-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I have a fairly high bandwidth exit node running for about a month now that I'm having difficulty keeping off of the http://cbl.abuseat.org/ blacklist and have been informed of this listing by the VPS provider. The relay is running with a reduced exit policy -- and additionally I've blocked common mail ports, etc via IPFW so I know that no spam is actually being sent out of the relay. Still, various botnets connections are connecting to abuseat.org botnet sinkholes via port 80 Command&Control connection attempts. I'm at a loss at how to stop this or somehow detect and filter botnet traffic. I've informed the VPS provider that I'm on top of it and have the machine configured to not actually allow this sort of malicious traffic out and they seem to be generally happy with that explanation, but a better solution if one exists would be appreciated. Thanks, Julian Plamann julian (at) amity.be GPG: 0x96881D83 -----BEGIN PGP SIGNATURE----- Version: Mailvelope v0.13.1 Comment: https://www.mailvelope.com wsFcBAEBCAAQBQJVcKatCRB9wOTqlogdgwAAgdYP/268o2gs1nSKVcNKQfJR gnKQyBsduy2DZCGlSCnEmj4JJ0E9jiOsh+aBrZBknnbbwYPtwMBuctHTblXD czQAy5DxMNUE+E9wofLQJHLUe3W43hueKGuKzVjBnnSgxKhsUS+7dH1q4dLt KHzYdxUqQQYmmX4P9uY43/6tWeratdUF7w93cevatRpDbULMTb0j09+aeUyE MfU2i3KK6CZXIij6oo2pndwrglHywcasFwXpmEN058SYrHlB/4QDQBl7xgyU eELb71jxmz+vwZOyfEyj10ffwVtT/TcYKi5wOT1viDqQV9orNmlu8UOvu3xE 47zsb8M1Bt8JU19AsKmJNVS3YLH+2J5ertyi2mFM2PpSRIAQ6NzGA/zd/+Qr MJ7pilIBpozauf/iqiZH3UFDU5UUSezqR62fSkUDuTNaSIV5Inz0gWJnqK8w ZUMLM5xovCvWg/SqrZo0Qbry2AxOZ/l5zyhW4Jn2uioOoP+Z763FP04LcRm9 gVqfvVDNHyaAvdgKR8PSPXi2PrnNb0uEKDZLea76deWN8f2DBgfqp5hRAUOf Mk2BD9Fk30F1RC0QH0DLm/hsgTnxDEyq+XDtD6LJiGkfiHtwPkye6pH+Qf3K ZuonkypZqdfccY68lb2hMkLW7N/hsOf4hjUVQri/TL8V6eUMoEw0OAZLzhtZ gv2S =HitE -----END PGP SIGNATURE-----