SBL99576 195.191.102.0/24 SR04

Sven Olaf Kamphuis sven at cb3rob.net
Tue Mar 22 17:05:11 CDT 2011


BL99576 195.191.102.0/24 SR04
SBL100272 195.191.102.0/23 SR02

> IDEAR4BUSINESS (trademark fraud replicas spammers)
> Trademark fraud replicas & knock-offs advertised in spam. (was SBL99180, 
> also SBL99576)

- trademarks are not valid in china
- chinese law applies to the customer's services
- no evidence of fraud
- no evidence of spamming (also, judistiction thingy).

"Partners of "AS34109/AS51787 (CB3ROB)"

- not a partner, a downstream transit customer, that just so happens to be 
on AS34109 for now as they lack their own (for now ;)

- the /23 seems to overlap with the /24... there may be 2 reasons for this

   1: the customer seems to have added 2 /24 "delegations' on his -PI-
   space in the RIPE database, which, isn't supposed to be possible with PI space
   anyway, nontheless, that happened ;)

   2: they are indeed announced as 2 seperate /24's most of the time
   (incoming ddos attack "migitation")

-IF- spamming -really- would be going on, from these ranges or to these 
ranges, you are ofcourse free to list those, and only those:

195.191.102.0/23 IDEAR4BUSINESS
84.22.98.8/29 Media Entertainment Guide
84.22.98.16/29 Media Entertainment Guide
84.22.98.24/29 Media Entertainment Guide
and whatever is behind AS56512 (no idea, several prefixes on several 
ASNs))

these are the only listings for which spamhaus seems to have -any- reason 
whatsoever, despite that for these listings as well, all the evidence is 
lacking and there are merely a few unbased claims and some whois outputs 
to "support" them. (and usually they even got the whois/prefix lenght 
wrong, or added it to the wrong company's "case"... ;)

All of the above listings are ISPs themselves, and usually don't have 
anything to do with the hosted content.

as for the AS56512 thingy, no idea what your problem is with them, its not 
like we can make it up from your listings besides you calling everyone 
'spammers' and 'frauders' and replica rolex sellers or partners thereof 
(including us!), none of which is supplied with any evidence, police 
reports, or court convictions.

Now, its really quite easy, we WILL NOT DISCONNECT any customers just 
because spamhaus tries to blackmail us into doing so by adding:

SBL105802 205.189.71.0/24 (PCCF, a company in which the cyberbunker-group holds the majority of shares)
SBL105804 205.189.72.0/23 (PCCF, a company in which the cyberbunker-group holds the majority of shares)
SBL105803 91.209.12.0/24 ZYZTM research #10 B.V. (part of the cyberbunker-group)

These ranges are used solely for research and development of new internet 
protocols. (including one to replace that dusty old spam-infested smtp 
crap of yours ;)

SBL99505  84.22.96.0/19 (entire PA space of ours)
SBL105813 84.22.96.0/32 (?)
SBL105806 84.22.96.0/32 (?)

No idea why you'd list the entire PA space while all customers are clearly 
marked in whois, it's PA space, you're SUPPOSED to delegate it to 
different customers, after which, its up to the customers.

well, except for that you clearly are trying to blackmail us into 
disconnecting customers without getting a court order or even providing 
evidence of any of your claims.

if blacklisting won't work if you do it for the actual prefix that's 
"causing" it (according to your claims) it also won't work for larger 
prefixes or completely non-related prefixes, therefore, thats nothing more 
or less than just blackmail, and very childish.

let's just say that port 25/tcp traffic is mainly incoming... ;)
except for the occasional invoice going out...

spamhaus is ofcourse absolutely free to list spammers, spamhaus is not 
free to "make things up" and blackmail carriers and calling third parties 
'criminals' and what not.

as a european provider, we have no liability whatsoever for what customers 
do or do not do, all or most of our customers are ISPs themselves, go bug 
them... if they don't do what you want, they probably have their reasons 
for it (really i don't see why we even reply to third parties like 
spamhaus either ;)

wherever the customers have their office, there probably are courts, 
should you think the customer is breaking the law, feel free to have some 
attorneys or the cops do something about it, but the moment you start to 
claim things without any evidence, spamhaus is clearly in the wrong.

any carriers/peers that could potentially drop prefixes due to spamhaus 
listings are well advised to review their terms and conditions and
contracts as i'm quite sure it doesn't mention "spamhaus listing" in
there as a "reason" to filter prefixes anywhere... therefore, if 
you're a paid transit, and receive prefixes, you're gonna have to 
relay them, with or without spamhaus listings. spamhaus is no authority 
whatsoever, and clearly, for very valid reasons.

i'm not "for spamming" but frankly, i no longer give a shit about that 
rusty old protocol without a friends list, as far as i'm concerned, it's 
dead and replaced by skype ages ago.

we expect this matter to be resolved.

until that time, we advise everyone not to resolve spamhaus'es 
blocklists, as clearly, 99% of it, is just there to attempt to blackmail.


-- 
Greetings,

Sven Olaf Kamphuis,
CB3ROB Ltd. & Co. KG
=========================================================================
Address: Koloniestrasse 34         VAT Tax ID:      DE267268209
          D-13359                   Registration:    HRA 42834 B
          BERLIN                    Phone:           +31/(0)87-8747479
          Germany                   GSM:             +49/(0)152-26410799
RIPE:    CBSK1-RIPE                e-Mail:          sven at cb3rob.net
=========================================================================
<penpen> C3P0, der elektrische Westerwelle
http://www.facebook.com/cb3rob
=========================================================================

Confidential: Please be advised that the information contained in this
email message, including all attached documents or files, is privileged
and confidential and is intended only for the use of the individual or
individuals addressed. Any other use, dissemination, distribution or
copying of this communication is strictly prohibited.





More information about the NANOG mailing list