amuck-landowner

LunaNode being booted from SingleHop

lbft

Active Member
The five records are related to the customer who registered multiple accounts. The first record is our web server, which doesn't send any email (we have a dedicated mail server outside of SingleHop LLC's network). We're not positive of anything since SpamHaus Project Ltd. is ignoring our communications, but presumably they won't blacklist our IP address blocks with BurstNET if no spam is sent.
If they designate you a "spam operation" (as they seem to have done in one listing there) they will list any IPs they associate with you, regardless of any lack of actual spam.
 

mcmyhost

New Member
We'll try to work on that as an alternative to blocking outgoing traffic to port 25 by default. However SpamHaus doesn't seem to care either way, it's easier for them to just shut down small companies.

Either way, the same situation won't happen again with the disabled automatic provisioning for new clients.
Use FraudRecord, it's quite useful.
 

Francisco

Company Lube
Verified Provider
If they designate you a "spam operation" (as they seem to have done in one listing there) they will list any IPs they associate with you, regardless of any lack of actual spam.
Yep.

I hope burst is informed of your policies because if you get any SWIP entries, Spamhaus may track them.

You could go with CC. They love spammers and doesn't afraid of anything.

Francisco
 

perennate

New Member
Verified Provider
If they designate you a "spam operation" (as they seem to have done in one listing there) they will list any IPs they associate with you, regardless of any lack of actual spam.
It is ironic because that's the listing that is completely illegitimate. I'm glad they at least haven't blacklisted our mail server.
 

perennate

New Member
Verified Provider
If you don't convince them that you're innocent they'll probably blacklist any IP you move to since they've labeled you a "spam hosters / operation".
Also I really don't know what else we can do to convince them. We've already informed them of the changes, especially the manual screening.  We've told them that we'd be happy to take additional actions if they deem what we've done so far to be insufficient. But they responded once and now seem to be ignoring our emails.
 

drmike

100% Tier-1 Gogent
You could go with CC. They love spammers and doesn't afraid of anything.
You had to go there, ehh? 

Explain to me how CC goes on and on with Spamhaus listings and doesn't end up perma-listed on ranges?  I mean, everyone I know probably could find multiple email SPAMS that originated from their ASN.
 

perennate

New Member
Verified Provider
I hope burst is informed of your policies because if you get any SWIP entries, Spamhaus may track them.
To what policies are you referring?

You could go with CC. They love spammers and doesn't afraid of anything.
Well, we've terminated all spammers on our network and are manually screening new customer information.
 

DomainBop

Dormant VPSB Pathogen
Explain to me how CC goes on and on with Spamhaus listings and doesn't end up perma-listed on ranges?  I mean, everyone I know probably could find multiple email SPAMS that originated from their ASN.
The difference is CC owns its IP addresses and (eventually) terminates the clients Spamhaus has labeled as spammers and then Spamhaus gives CC a  pat on the back for helping keep the Internet safe from spam.  LunaNode doesn't have its own IP space and has been labeled as a spammer ("spam host / operation") by Spamhaus.  It would be much easier for LunaNode to clean up this mess if they owned their IP space because then their client would have been labeled the spammer and LunaNode would get a pat on the back from Spamhaus when they terminated the client.  As it stands now, Singlehop will be getting the pat on the back from Spamhaus for giving LunaNode the boot.
 

cubixcloud

Member
Verified Provider
Having the number resources (PI Space) is really great but along with that are expenses and infrastructure costs to be considered.

I get Spamhaus has a mission and many people use them. But to label a provider as "spam host / operation" without concrete evidence is completely wrong. This could be construed as libel. But there are so many VPS/VPN/Hosting provider front companies out there that you really have to look at your customers.

Spamhaus has been threatening a lot of ISPs lately. IMO SingleHop should not have let Spamhaus bully them unless there is more to the story than meets the eye. If the provider doesn't stand up for legitimate customers that simply had issues then who will?
 
Last edited by a moderator:

SkylarM

Well-Known Member
Verified Provider
Having the number resources (PI Space) is really great but along with that are expenses and infrastructure costs to be considered.
If you're large enough to apply for an ARIN IP block, you really have ZERO reason not to do so. Almost every datacenter I can think of will announce IP space free of charge if you don't have your own switch/router with a BGP session. Most DC's likely charge for the BGP session if you go that route, but are willing to announce your IP space free.

Costs of IPs are much cheaper direct with ARIN than through a provider, and gives you more control. I don't really see why anyone large enough to get IPs hasn't done so.

@Lunanode, GL with the move. Sucks to see Spamhaus do that to you. Hopefully their responses are just slow due to Christmas and such.
 

cubixcloud

Member
Verified Provider
But just because you are large enough doesn't mean you should from a financial stand point. You can just as easily get space reallocated and you can announce anywhere long as you have an ASN with a LOA of course.

Yes, I agree the mileage varies with the costs per DC or upstream provider, however, there is more to it than just announcing your space. That's the easy part. That's why we have so many /24s deaggregated on the global routing table which is a discussion for another day. You need to also consider RFCs/BCPs.

The proper way to obtain IP space is to ask your provider -> ask your provider's upstream -> then finally ask ARIN if it's your region.
 
Last edited by a moderator:

dcdan

New Member
Verified Provider
Have you tried nodewatch? Looks like you are running OpenVZ; nodewatch will stop all spammers in like 10 seconds.
 

Aldryic C'boas

The Pony
The difference is CC owns its IP addresses and (eventually) terminates the clients Spamhaus has labeled as spammers and then Spamhaus gives CC a  pat on the back for helping keep the Internet safe from spam.
Heh, not quite.  Spamhaus is very well aware of CC's habit of knowingly selling ranges to spammers under the Velocity name.  Last I spoke with them on it, they're just debating what course of action to take on the issue.

Back on topic... Every now and then I hear some Spamhaus horror story, or get linked to a "read this to see why Spamhaus is evil" page.  And the first thought that always comes to mind is "This is the same Spamhaus I deal with?  The same guys that remove any SBLs we get within minutes of me dealing with the problem?  That will commonly email me directly about a problem rather than just issue an SBL?  The same folks that know me on a first name basis and have never once given us cause to complain?"

Eh, I dunno.  Just seems a bit surreal - like waking up one day to hear that De La Casas ended up a mass murderer or something.  That "Really?  _THAT_ guy?" feeling.
 

Francisco

Company Lube
Verified Provider
I used to deal with spamhaus during my DSN days. They were always reasonable, even when they knew Ed was playing games. For whatever reason they gave me an easy enough time and didn't hold it against us when we finally got the hell out of there.

I know it's a strong marketing tool, but you offering a /29+ with a VM for pennies isn't worth it. Spammers can't buy a /29 for $5, nevermind a /28 that you did for $7.50/month or something like that. Really, if they sign up and get 2 - 3 days of pure pound, they'll never charge back on you.

When we first opened up BuyVM on LEB we got a spammer signup within 24 hours. He was terminated 48 hours after that and never charged back. He never disputed it, argued it, made threats. He hit and run and our SBL was gone pretty quick, too.

Francisco
 
Last edited by a moderator:

signius

New Member
Legitimate businesses are becoming increasingly fucked off with Spamhaus & how they conduct their business.

I know a couple of people who run small UK ISPs &Spamhaus do not have a good or respected reputation among most ISPs due to their practices of blacklisting entire IP Blocks of an ISP without warning often, because of abuse from a single IP address. I am also told they are an absolute pain in the fucking ass to try and deal with & that they are technically ignorant on many issues.

I think they started out with good intentions but recently they seem to have got ideas above their station, just look up the recent thread of their unworkable nonsense bullshit ideas & trying to involve the UK government also.

I am not sure if there has been some management changes of late within Spamhaus but if there has they need to review things.
 
Last edited by a moderator:
Top
amuck-landowner