nanog mailing list archives

Re: Anyone else blacklisted this morning by rbl.iprange.net?

From: Mel Beckman <mel () beckman org>
Date: Tue, 2 Jan 2018 17:15:57 +0000

LOL! Apparently Level3 (my upstream) at least has blacklisted their IP, way before it gets anywhere near the 
Netherlands!

traceroute rbl.iprange.net 
traceroute to rbl.iprange.net (80.127.112.180), 64 hops max, 40 byte packets
 1  router1.sb.becknet.com (206.83.0.1)  0.862 ms  0.415 ms  0.365 ms
 2  206-190-77-9.static.twtelecom.net (206.190.77.9)  0.817 ms  1.234 ms  0.734 ms
 3  ae1-90g.ar7.lax1.gblx.net (67.17.75.18)  2.933 ms  3.023 ms  2.928 ms
 4  ae10.edge1.losangeles9.level3.net (4.68.111.21)  3.040 ms  2.996 ms  3.040 ms
 5  * * *
 6  * * *
 7  * * *

Thank you Level3! Now if other major backbone providers will do the same, we might inoculate the Internet from this 
ignorant RBL operator quickly. 

 -mel

On Jan 2, 2018, at 9:10 AM, Jon Lewis <jlewis () lewis org> wrote:

On Tue, 2 Jan 2018, Mel Beckman wrote:

I woke up this morning to a barrage of complaints from users that our mail servers' outbound emails are bouncing due 
to a blacklisting. Sure enough, mxtoolbox.com<http://mxtoolbox.com> reports that 
rbl.iprange.net<http://rbl.iprange.net> has blacklisted us for more than a day. However, looking up our address on 
the rbl.iprange.net<http://rbl.iprange.net> lookup webpage shows we're NOT listed. But a check of the RBL's DNS 
shows that we are. Then I found this on the rbl.iprange.net<http://rbl.iprange.net> owner's website ():

"rbl.iprange.net<http://rbl.iprange.net> (is offline since 01-01-2018) please replace it with 
rbl.realtimeblacklist.com<http://rbl.realtimeblacklist.com>
rbl.iprange.net<http://rbl.iprange.net> will mark every ip address as listed to force removal of this server."

What the heck? I've tried contacting realtimeblacklisk.com<http://realtimeblacklisk.com>, but they're in the 
Netherlands and apparently fast asleep (in more ways than one, it seems).


If you do manage to get ahold of anyone there, you might suggest they read section 3.4 of

https://tools.ietf.org/html/draft-irtf-asrg-bcp-blacklists-10

There's a right way to shut down a DNSBL that's been tested and used by others.  Listing the world is not the right 
way.

----------------------------------------------------------------------
Jon Lewis, MCP :)           |  I route
                            |  therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

Current thread:

Re: Anyone else blacklisted this morning by rbl.iprange.net?, (continued)
- - Re: Anyone else blacklisted this morning by rbl.iprange.net? Mel Beckman (Jan 02)
  - Re: Anyone else blacklisted this morning by rbl.iprange.net? Alexander Maassen (Jan 02)
    - Re: Anyone else blacklisted this morning by rbl.iprange.net? Mel Beckman (Jan 02)
    - Re: Anyone else blacklisted this morning by rbl.iprange.net? Mike Hale (Jan 02)
    - Re: Anyone else blacklisted this morning by rbl.iprange.net? John Levine (Jan 04)
    - Re: Anyone else blacklisted this morning by rbl.iprange.net? Mel Beckman (Jan 04)
    - Re: Anyone else blacklisted this morning by rbl.iprange.net? John R. Levine (Jan 04)
- Re: Anyone else blacklisted this morning by rbl.iprange.net? Rich Kulawiec (Jan 02)
  - making the queries go away, was Re: Anyone else blacklisted this morning John Levine (Jan 04)
- Re: Anyone else blacklisted this morning by rbl.iprange.net? Jon Lewis (Jan 02)
  - Re: Anyone else blacklisted this morning by rbl.iprange.net? Mel Beckman (Jan 02)