mailing list archives
Re: anti-spam vs network abuse
From: "Jack Bates" <jbates () brightok net>
Date: Thu, 27 Feb 2003 21:58:16 -0600
From: <jlewis () lewis org>
We (Atlantic.Net) have gotten a flurry of abuse complaints from people
who's systems have been scanned by 188.8.131.52 (rt.njabl.org...a DNSBL
hosted on our network). I'm hoping the new PTR record will head off many
For the past 15 months, NJABL has reactively tested systems that have
connected to participating SMTP servers to see if those systems are open
relays. Just over a week ago, NJABL added open proxy testing to its relay
testing software. The proxy testing checks for a variety of common proxy
software/protocols on about 20 different ports simultaneously. This is
apparently setting off some IDS/firewall alarms.
We do not consider what NJABL does abuse, and we reply to all the
Ahh, yes. The age old debate. So long as you, their provider, doesn't
consider it abuse, they should be relatively safe. Obviously, there are some
net blocks up to stop the probes. There always are and always will be.
Networks don't like scans. One thing I'll say about NJABL, it's probably the
most accurate list for what it does. With the added proxy testing, they'll
get more people using the list, along with more complaints. I'll be adding
my log IP's to that list soon enough.
- Re: RIPE Down or DOSed ?, (continued)