[tor-relays] webiron requesting to block several /24 subnet

tor at as250.net tor at as250.net
Wed Oct 21 11:21:00 UTC 2015


Dear yl,

just a few words from the abuse helpdesk of a larger tor-exit-node...

TL;DR: we ignore those requests. they don't even reach a human.

While we do handle most genuine/honest/helpful and especially all
non-automated abuse reports very diligently. Pointless nagging
services like webiron however are automatically rejected before they
reach our abuse inbox. It seems that we are not the only ones who deem
their mass mailings as spam, as evident from the spamhaus listing below:

Oct 20 03:34:54 mail smtpd: NOQUEUE: reject: RCPT from abuse-reporting.webiron.com[23.91.17.162]: 554 5.7.1 Service unavailable; Client host [23.91.17.162] blocked using sbl.spamhaus.org; http://www.spamhaus.org/sbl/query/SBLCSS; from=<###@abuse-reporting.webiron.com> to=<abuse@###> proto=ESMTP helo=<abuse-reporting.webiron.com>
Oct 20 03:34:54 mail smtpd: disconnect from abuse-reporting.webiron.com[23.91.17.162]
Oct 20 19:49:51 mail postfix/smtpd: NOQUEUE: reject: RCPT from unknown[23.239.20.29]: 554 5.7.1 <###@abuse-reporting.webiron.com>: Sender address rejected: Access denied; from=<###@abuse-reporting.webiron.com> to=<abuse@###> proto=ESMTP helo=<abuse-reporting.webiron.com>

We had similar problems with report at redsnitch.net and most
notably with clean-mx.de which seems to be a confused single individual
(Mr. Recher) sending out not very helpful mass mailings. Repeated
contact attempts by mail and on his apparently 24/7 reachable mobile
number (included in every of his mails) did not convince him to stop.
If you also get these and are annoyed with that, try to give him a call,
he seems to like feedback and was ok with getting a call at an odd time.

Also on our inbound-deny-list is a regex match for /^(.*)fail2ban(.*)$/
to a rather recent phenomenon.
Some people out there apparently are of the opinion that it is a
reasonable choice to use the ugly crutch that is "fail2ban" instead of
deprecating password based authentication for ssh. To make things
worse, these days this ill-conceived piece of software includes
an option to advertise itself to other people. automatedly. via mail.
*sigh*

Cheers


More information about the tor-relays mailing list