Repeated Blacklisting / IP reputation

Thu Sep 10 03:48:18 UTC 2009

In message <E1DECFC9-80EF-40FA-9D98-5C622AACCA2F at icann.org>, Leo Vegoda writes:
> On Sep 9, 2009, at 7:18 PM, Alex Lanstein wrote:
> 
> > Along the same lines, I noticed that the worst Actor in recent =20
> > memory (McColo - AS26780) stopped paying their bills to ARIN and =20
> > their addresses have been returned to the pool.
> >
> > It's my opinion that a very select number of CIDR blocks (another =20
> > example being the ones belonging to Cernel/InternetPath/Atrivo/etc, =20
> > if it were ever fully extinguished) are, and forever will be, =20
> > completely toxic and unusable to any legitimate enterprise.  =20
> > Arguments could be made that industry blacklists can and should be =20
> > more flexible, but from the considerably more innocuous case in this =20
> > thread, that is apparently not the modus operandi
> 
> Putting these addresses back into use does not mean that they have to =20
> be allocated to networks where they'll number mail servers. ARIN staff =20
> is doubtless aware of the history of these blocks and will presumably =20
> do their best to allocate them to networks that aren't intended to =20
> host mail servers.
> 
> Regards,
> 
> Leo

What a load of rubbish.  How is ARIN or any RIR/LIR supposed to
know the intent of use?

Push has come to shove and those that have incorrectly treated
address assignment as immutable will need to correct their ways
(excluding legacy assignments).  This will be painful for some.

Note we all could start using IPv6 and avoid this problem altogether.
There is nothing stopping us using IPv6 especially for MTA's.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org