Purchasing IPv4 space - due diligence homework

• Previous message (by thread): Purchasing IPv4 space - due diligence homework
• Next message (by thread): Purchasing IPv4 space - due diligence homework
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The issue isn’t with Spamhaus itself per se, more providers who implement automated edge filters based on those lists and then take a long time to get removed manually.

Sent from my iPhone

On Apr 3, 2019, at 1:40 PM, Eric Dugas <edugas at unknowndevice.ca<mailto:edugas at unknowndevice.ca>> wrote:

I cleaned two blocks last year with Spamhaus and others. Took me less than two weeks and Spamhaus were the quickest of the bunch (we're talking about a full or two business days). PSN can be tricky, same for Netflix and whatnot but I always put these new blocks in "quarantine" for a couple of weeks by using these services with random IPs in a new block.

In order, I began to announce the prefixes right after the transfers were approved by ARIN. I then contacted Spamhaus and the others roughly a week later. As I mentioned, Spamhaus were really reactive. The others responded in about 2 weeks.

What helped us (I think) is that we're a listed MANRS participant (so filtering, BCP38, proper NOC/Ops contacts). We also sign all of our routes with ROAs, proper route objects in an IRR and PTRs generated for every IPs.

On Apr 3 2019, at 1:20 pm, Nikolas Geyer <nik at neko.id.au<mailto:nik at neko.id.au>> wrote:
A big +1 to checking Spamhaus, specifically their DROP and EDROP lists. These two lists are what causes us most pain when acquiring IPv4 space as a lot of providers put auto blocking in place based on these two which can be difficult to get removed.

I won’t even contemplate prefixes on either of these lists unless the seller knocks $5/IP off the purchase price because of the associated time and pain trying to clean it up.

Sent from my iPhone

On Apr 3, 2019, at 11:49 AM, Valdis Klētnieks <valdis.kletnieks at vt.edu<mailto:valdis.kletnieks at vt.edu>> wrote:

On Wed, 03 Apr 2019 15:20:17 -0000, "Torres, Matt via NANOG" said:

3. Check SORBS blacklisting. It should not show up except maybe the DUHL list(?). If it does, walk away.

SORBS isn't the only place to check. As an example, if Spamhaus doesn't have
nice things to say about the block, it's time to start asking questions....

http://www.anti-abuse.org/multi-rbl-check/ has a fairly good list of
places that could give your customer a bad time (whether or not the
listing is deserved - the point is that being listed anywhere there will
probably mean problems that have to be cleaned up)

You may all now begin the religious war over where else to check.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190403/32a22cfb/attachment.html>

• Previous message (by thread): Purchasing IPv4 space - due diligence homework
• Next message (by thread): Purchasing IPv4 space - due diligence homework
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]