Request Spamhaus contact

Mark Scholten mark at streamservice.nl
Mon Jan 17 19:23:14 CST 2011


> From: Jeffrey Lyon [mailto:jeffrey.lyon at blacklotus.net]
> Sent: Tuesday, January 18, 2011 1:42 AM
>
> I fat fingered the netmask, try now.
> 
> Thanks, Jeff

I don't think it is yet solved. The listed time is CET (GMT+1).

tmp at support:~$ wget -S www.vertrouwdeapotheek.nl
--2011-01-18 02:18:15--  http://www.vertrouwdeapotheek.nl/
Resolving www.vertrouwdeapotheek.nl... 208.64.120.197
Connecting to www.vertrouwdeapotheek.nl|208.64.120.197|:80... connected.
HTTP request sent, awaiting response...
  HTTP/1.1 301 Moved Permanently
  Cache-Control: private
  Content-Length: 0
  Location: http://www.vertrouwdeapotheek.nl/Home.aspx
  Server: Microsoft-IIS/7.0
  X-AspNet-Version: 4.0.30319
  X-Powered-By: ASP.NET
  Date: Tue, 18 Jan 2011 01:17:50 GMT
  Connection: close
Location: http://www.vertrouwdeapotheek.nl/Home.aspx [following]
--2011-01-18 02:18:15--  http://www.vertrouwdeapotheek.nl/Home.aspx
Connecting to www.vertrouwdeapotheek.nl|208.64.120.197|:80... connected.
HTTP request sent, awaiting response...
  HTTP/1.1 200 OK
  Cache-Control: private
  Content-Length: 126007
  Content-Type: text/html; charset=utf-8
  Server: Microsoft-IIS/7.0
  X-AspNet-Version: 4.0.30319
  WL-Version: 2475.0
  Set-Cookie: ASP.NET_SessionId=olbzhbkanrerwwzqeoho22ws; path=/; HttpOnly
  X-Powered-By: ASP.NET
  Date: Tue, 18 Jan 2011 01:17:51 GMT
  Connection: close
Length: 126007 (123K) [text/html]
Saving to: `index.html'

100%[=======================================================================
============>] 126,007      154K/s   in 0.8s

2011-01-18 02:18:17 (154 KB/s) - `index.html' saved [126007/126007]

I did check the content of index.html and it shows a page I expect at that
domain. Giving a suspend page is also acceptable for me (or a page with a
message that the site was removed).

How difficult is it for you to nullroute it? For me (and probably for
others) it is also acceptable if you put a firewall between them and the
internet with the rule to DROP everything for that IP. I'm even prepared to
give an example config (based on Debian 5) to drop the traffic for all IPs
mentioned on this list and on SBL.

How you do it isn't important for me, but please clean your network for as
far as possible with the given information (and looking through your
clients).

Regards, Mark





More information about the NANOG mailing list