You misread it. If a dynamic and non-dynamic IP sits under the same AS number, they will both get blacklisted, no matter if the dynamic IP was "clearly marked" as dynamic and the static "clearly marked" as one.
They want the ISP to block port 25 all together from "dynamic IPs". -----Original Message----- From: Noam Rathaus [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2008 3:09 PM To: Imri Zvik Cc: shimi; linux-il Subject: Re: Israeli ISP and Blacklisting Hi, Exactly you prove my point, you proved that none of the Israeli ISPs are doing anything to: 1) Clearly mark what is an DSL, modem, etc connection so they will all be listed as spammer by default 2) Clearly mark what are 'static'/'hosted' IP address so they will not fall under category 1 3) Clearly do a good job of reverse-PTR records - I had to fight with barak to get it for our server - they claimed it costs money to do, I said this is minimal service - in the end they gave it to me for free - wow 4) ISP should do the minimal effort of not allowing, proxy, open relay, vulnerable servers, infected computers from being in their HOSTED farm, not talking about dialup or DSL, or any other small business/home users. On Thursday 24 July 2008 14:52:39 Imri Zvik wrote: > You are *SO* wrong. > > It takes the following to get your whole AS blocked: > > "UCEPROTECT-Level 3 lists all IP's within an ASN if more than 100 IP's, but > also a minimum of 0.2% of all IP's allocated to this ASN got Level 1 listed > within the last 7 days." > > Now, to get listed in their Level 1 DB you need the following: > > " Level 1 exclusively lists IP addresses with either wrong or missing or > generic reverse DNS (PTR record), or “dialup” connections [typically > suggesting a home/other user with a dynamic connection], or computers with > exploited / exploitable security holes (e.g. open proxies, open relays, > vulnerable webservers, virus infected etc) or which are assigned to > well-known spammers. > > When one of these conditions / criteria is met, and it only takes one > spamtrap to be hit from such a system, the IP address will be automatically > listed at UCEPROTECT BLacklist Level 1. " > > Please notice the last sentence. > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Noam Rathaus Sent: Thursday, July 24, 2008 2:32 PM > To: shimi > Cc: linux-il > Subject: Re: Israeli ISP and Blacklisting > > Hi, > > I haven't dropped water into a boiling pan for nothing if you go here: > http://www.uceprotect.net/en/rblcheck.php > > You will see that the IP (a hosted server): > 192.117.232.213 > > Is all ok, beside the last one, which is due to the fact that Bezeq Int is > blacklisted, at first I thought it was just them, but I checked three other > IP addresses we have, and the other ISPs are blacklisted as well > > As: > 3845 of 1107456 (0.347 %) addresses they have are marked as spammers - not > spam senders, but routinely sending spam, and ISP not blocking them after > an abuse email is issued. > > On Thursday 24 July 2008 14:09:42 shimi wrote: > > On Thu, Jul 24, 2008 at 12:57 PM, Noam Rathaus <[EMAIL PROTECTED]> > > > > wrote: > > > Hi, > > > > > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision > > > to get > > > them off the blacklisting found here: > > > http://www.uceprotect.net/en/rblcheck.php > > > > > > Apparently all the Israeli ISP are blacklisted here (any host you put > > > there in > > > their hosting range) - and all because they don't have a policy of > > > cleaning up their network from spammers. > > > > > > This means we are all losing emails we send because our ISPs are doing > > > a bad > > > job. > > > > Hi Noam, > > > > Did you check the Israeli ISPs outgoing SMTP servers addresses and saw > > that they're blacklisted? > > > > Or did you just use users dial-up/DSL/cable IP ranges in your test, which > > SHOULD be blacklisted (why would a home user need to emit SMTP traffic on > > his own instead of his ISP SMTP servers, where proper authentication and > > thus logging and auditing can be taken care of? > > > > Most RBLs will list all non-ISP-managed block ranges for the above > > reasons, regardless of their location on the globe... > > > > -- Shimi -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007
