[tor-relays] webiron requesting to block several /24 subnet
Tyler Durden
virii at enn.lu
Mon Nov 16 23:42:47 UTC 2015
Dhalgren Tor:
>> . . .I have to understand how my ISP reacts to this kind of things.
>
>> For the moment I will keep a low profile and I will block the
>> mentioned IP range for a month.
>
> Webiron's system sends notifications to both the abusix.org contact
> for the IP and to abuse at base-domain.tld for the reverse-DNS name of
> the relay IP. So if you can configure abuse@ for the relay domain to
> forward to you, you will see their notices at the same time as the ISP
> abuse desk. Might be helpful to know about it before they contact you
> and/or to see if they become familiar enough with the notices to
> ignore them. Automated abuse complaints from other sources do not
> always go to the domain-based address.
>
> http://multirbl.valli.org/
>
> is a handy resource that shows the abuseix.org and abuse.net
> information, as well as how many DNSBLs the relay has racked up. You
> can change the abuse.net contact but Webiron appears to ignore this
> source and simply construct the abuse@ from the rDNS domain name.
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
We had problems with webiron too. We decided to block them on our
mailserver. They even send false-positives. Like we would transport UDP
based attacks...
We told our ISP the same story, that most of the abuse mails from
webiron are false-positives and now they don't bother us.
Greetings
--
Sam Grüneisen - President
Frënn vun der Ënn A.S.B.L.
enn.lu
More information about the tor-relays
mailing list