Atrivo/Intercage: NO Upstream depeer

Andrew D Kirch trelane at
Sun Sep 21 17:48:35 CDT 2008

Russell Mitchell wrote:
> Hello all,
> Andrew:
> It is truly enlightening, to say the least, that you want to talk about all of the SBL Listings, all of the DNSBL Listings, and all of the abuse on our network has never had action taken.
> -----
> In Spamhaus' article, they did a history of more then ?350? SBL Listings for our company. Today, we have 6 ACTIVE Listings in the SBL. If we haven't acted on abuse claims, why do those numbers not match up?
I didn't say deal with some of them, I said deal with _ALL_ of them.  I 
have 0 SBL Listings, 0 ROKSO listings.  There's not an acceptable 
minimum.  Don't host abusers, period.  No points are given for half effort.
> So, sometime over the weekend, Spamhaus listed our ONLY Upstream's /22 IP Block.. There's NO Evidence of any abuse from PIE for the listing. How can they be labeled as a SPAM or Abuse Supporter after routing us for such a short time? That's ethical, legitimate, and reasonable to you?
There were listings of PIE earlier this week as well.  I am not with 
Spamhaus and I don't speak for them, but I think that the legitimacy 
threshold is met by being consistent with their own listing criteria.  
As you have nothing other than a vague insinuation otherwise, your claim 
here fails.
> We have ALL of our IP Space listed with Spamhaus because we have a Reseller named Esthost. While their customer track record may not be a straight arrow, they've ALWAYS taken action on abuse we've received for machines leased to them (Just like every other customer we have!).
Damn, did you forgot the botnet C&C's?  The Credit Card Fraud, the 40 
page report documenting Atrivo's abuse of the Internet?
> We enacted a zero tolerance policy in light of the community delivering false information and giving false reports to news media. What did that do? It gave us the opportunity to cancel service on EVERY Machine that an abuse was reported on. 
> What happened shortly after? No more reports, no more abuse.
0 Tolerance = 6 SBL listings?  0 != 6
> Esthost's Registrar entity, EstDomains launched a great campaign to work with the public and take in reports against Malware Customers, as that is what the news media was reporting was the issue. Over 20,000 Domains get suspended by EstDomains in a period of about a week. Your going to come back and say, "Well Directi did it in about 2 days!". Yeah? Directi had it placed right on their desk! They didn't have to launch any campaign or go out and ask the COMMUNITY for it. The people behind those false reports on our company gave them a set of Data to allow them to act that fast.
Directi was a slightly stagnate pond compared to the sewer which is Atrivo.
> So, we see Esthost turning a corner and going out to the community with an outreach program. Community is giving support for it. 
> We enact a zero tolerance policy for our entire network, this isn't made public aside to a GOOD and TRUTHFUL Editor from TheRegister, Dan Goodin.
> We gave ourselves 1 month to see what is going to happen between the community, and Esthost. In the final stretch of that 1 month, we get blind-sided by Spamhaus.
Yep, the British Tabloids are always accurate.  Dan's pretty new there, 
and they have better security writers.
> So now, an apparently level-headed James Thomas brings the happenings from last night into the light, and here we are.
> All of the claims about us being the RBN, Emil being some Russian named "Igor", and "Atrivo" being the epicenter with such partners like InterCage. Did you forget? Emil has a split-personality, that's how they got their claim of InterCage being partnered with Atrivo. As though they're 2 seperate entities! Good Research Matt, Jart, Garth, and all the others who've written about us recently!
After the years of abuse it doesn't matter if there's a factual basis 
for where I send my e-mail reports (I think I've demonstrated that there 
still is), or merely a visceral dislike of the long-standing business 
practices at Atrivo (I think I've demonstrated that as well).


More information about the NANOG mailing list