[tor-relays] webiron requesting to block several /24 subnet

Dhalgren Tor dhalgren.tor at gmail.com
Wed Oct 21 05:20:01 UTC 2015

>snake oil service like webiron

A most excellent characterization!

As a sales maneuver WebIron has been grandstanding
for months saying that Tor operators are "unwilling
to cleanup" when they know full-well that tor operators
can not / should not filter traffic due to minor brute-
force login attempts.  For contrast, Fail2ban in 2012
was modified to silently block login attacks without
spamming Tor operators in a reasonable gesture of
politeness.  SSH brute-force attacks have been a
fact-of-life for 20 years.  Hardly anyone thinks
it worth the effort to spam abuse@ desks over it
when a simple rate-limit does the job nicely.

WebIron has become so obnoxious that Spamhaus
placed their domain on the Domain Block List
last Friday


and in addition, the IP of their reporting
system appears on the Spamhaus snow-shoe list
and thereby on the big-bazooka Zen DNSBL.


Spamhaus is highly conservative, highly respected
and only  lists egregious  unrepentant abusers.

The only reason to comply is in deference to
the overworked abuse-desk of your ISP if they
do not have an automated system for dealing
with this nonsense.

More information about the tor-relays mailing list