nanog mailing list archives
RE: Re: Request Spamhaus contact
From: "Mark Scholten" <mark () streamservice nl>
Date: Tue, 18 Jan 2011 02:23:14 +0100
From: Jeffrey Lyon [mailto:jeffrey.lyon () blacklotus net] Sent: Tuesday, January 18, 2011 1:42 AM I fat fingered the netmask, try now. Thanks, Jeff
I don't think it is yet solved. The listed time is CET (GMT+1). tmp@support:~$ wget -S www.vertrouwdeapotheek.nl --2011-01-18 02:18:15-- http://www.vertrouwdeapotheek.nl/ Resolving www.vertrouwdeapotheek.nl... 208.64.120.197 Connecting to www.vertrouwdeapotheek.nl|208.64.120.197|:80... connected. HTTP request sent, awaiting response... HTTP/1.1 301 Moved Permanently Cache-Control: private Content-Length: 0 Location: http://www.vertrouwdeapotheek.nl/Home.aspx Server: Microsoft-IIS/7.0 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Tue, 18 Jan 2011 01:17:50 GMT Connection: close Location: http://www.vertrouwdeapotheek.nl/Home.aspx [following] --2011-01-18 02:18:15-- http://www.vertrouwdeapotheek.nl/Home.aspx Connecting to www.vertrouwdeapotheek.nl|208.64.120.197|:80... connected. HTTP request sent, awaiting response... HTTP/1.1 200 OK Cache-Control: private Content-Length: 126007 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.0 X-AspNet-Version: 4.0.30319 WL-Version: 2475.0 Set-Cookie: ASP.NET_SessionId=olbzhbkanrerwwzqeoho22ws; path=/; HttpOnly X-Powered-By: ASP.NET Date: Tue, 18 Jan 2011 01:17:51 GMT Connection: close Length: 126007 (123K) [text/html] Saving to: `index.html' 100%[======================================================================= ============>] 126,007 154K/s in 0.8s 2011-01-18 02:18:17 (154 KB/s) - `index.html' saved [126007/126007] I did check the content of index.html and it shows a page I expect at that domain. Giving a suspend page is also acceptable for me (or a page with a message that the site was removed). How difficult is it for you to nullroute it? For me (and probably for others) it is also acceptable if you put a firewall between them and the internet with the rule to DROP everything for that IP. I'm even prepared to give an example config (based on Debian 5) to drop the traffic for all IPs mentioned on this list and on SBL. How you do it isn't important for me, but please clean your network for as far as possible with the given information (and looking through your clients). Regards, Mark
Current thread:
- Re: Request Spamhaus contact, (continued)
- Re: Request Spamhaus contact Ken Gilmour (Jan 18)
- Re: Request Spamhaus contact Kevin Stange (Jan 18)
- RE: Request Spamhaus contact Nathan Eisenberg (Jan 18)
- Re: Re: Request Spamhaus contact Gary E. Miller (Jan 17)
- Re: Request Spamhaus contact William Pitcock (Jan 17)
- Re: Request Spamhaus contact Steve Atkins (Jan 17)
- Re: Re: Request Spamhaus contact William Herrin (Jan 17)
- Re: Re: Request Spamhaus contact Jeffrey Lyon (Jan 17)
- Re: Re: Request Spamhaus contact William Herrin (Jan 17)
- Re: Re: Request Spamhaus contact Jeffrey Lyon (Jan 17)
- RE: Re: Request Spamhaus contact Mark Scholten (Jan 17)
- Re: Request Spamhaus contact TR Shaw (Jan 17)
- Re: Request Spamhaus contact Jeffrey Lyon (Jan 17)
- Re: Request Spamhaus contact Raymond Dijkxhoorn (Jan 17)
- Re: Request Spamhaus contact Jeffrey Lyon (Jan 17)
- Message not available
- Message not available
- Message not available
- Re: Request Spamhaus contact Jeffrey Lyon (Jan 17)
- RE: Request Spamhaus contact Mark Scholten (Jan 17)
- Re: Request Spamhaus contact Jeffrey Lyon (Jan 17)
- RE: Request Spamhaus contact Mark Scholten (Jan 17)
- Re: Request Spamhaus contact Jeffrey Lyon (Jan 17)
- Request Spamhaus contact Atticus (Jan 17)