Client host rejected: 85/8 banned for abuse

J.A. Terranson measl at mfn.org
Fri Oct 20 06:24:47 PDT 2006


On Thu, 19 Oct 2006, Bill Stewart wrote:

> >Are you sure? 85/8, that's a lot of unreal estate.
> >
> >  <measl at mfn.org>: host mx1.mfn.org[204.238.179.8] said: 554
> >      <v64.ativel.com[85.10.225.64]>: Client host rejected: 85/8 banned for
> >abuse
> >      (in reply to RCPT TO command)
>
> The whole /8?  I'd certainly say it's a lot -
> it's not even a single Class A owned by a carrier like AT&T or UUNet,
> but has a number of different ISPs in different countries owning
> chunks of it.  leitl.org has a /24 that's part of an ISP /18 in Germany,
> and I saw some Swisstel in another /18 there.
>
> That's the kind of global overkill I'd expect from an
> irresponsible spam-blocker list like SPEWS,
> and even for them that would be pretty excessive.

Ahhh, but I have a *lot* more flexibility here than SPEWS does.  I can
set filters by individuals, and I have little need for the vast majority
of IP space - therefore I filter very hyperagressively for this domain.

Prior to this "overreaction", I was receiving approximately 25K spam
emails per day (on an *average* day - there have been *much* worse!).
Now, I see less than several hundred: a fair trade for the rare false
positive (about 75% of which come from this list, and of which I see less
than a dozen per year).

I have literally dozens of /8s on block: All of APNIC, AFRINIC, South
America, Israel, Russia and neighboring real estate... You get the idea.

The policy here is that if an abusive email gets through:
(1) If generated by a hosting company, the entire allocation to that
hosting company is blocked;
(2) If from dynamic space, it was missed the first time, so added now;
(3) If from a microallocation (/25-/32) I block the micro, and if from a
company with significant space, but what appears to be just a compromised
host, the /24 in which that host lives.

It works.

-- 
Yours,

J.A. Terranson
sysadmin at mfn.org
0xBD4A95BF

"Surely the larger lesson learned from that day is that other men, all
over the world, took inspiration not from the heroism of the rescuers in
New York or the passengers flying over Pennsylvania, but from the 19
hijackers - the twisted brilliance of their scheme and their willingness
to sacrifice their lives to make a political and, as they saw it,
religious statement."

Richard Corliss/Time Magazine
11 Aug 2006





More information about the cypherpunks-legacy mailing list