-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

I have a fairly high bandwidth exit node running for about a month now that I'm having difficulty keeping off of the http://cbl.abuseat.org/ blacklist and have been informed of this listing by the VPS provider. The relay is running with a reduced exit policy -- and additionally I've blocked common mail ports, etc via IPFW so I know that no spam is actually being sent out of the relay. Still, various botnets connections are connecting to abuseat.org botnet sinkholes via port 80 Command&Control connection attempts. I'm at a loss at how to stop this or somehow detect and filter botnet traffic.

I've informed the VPS provider that I'm on top of it and have the machine configured to not actually allow this sort of malicious traffic out and they seem to be generally happy with that explanation, but a better solution if one exists would be appreciated.

Thanks,

Julian Plamann

julian (at) amity.be GPG: 0x96881D83