Re: [anti-spam-wg] blacklisted for no reason
From: furio ercolessi furio+as@localhost
Date: Mon, 14 Apr 2008 15:52:35 +0200
On Fri, Apr 11, 2008 at 02:22:08AM -0700, JT Adelphia wrote:
> My servers ip was recently erroneously blacklisted in an sbl listing. The
> other ips in the listed range I have no control over. This is having a very
> negative effect on my business. The sbl support department is not
> responding to my emails.
What some may consider erroneous is _not_ blocking the whole of
Calpop.com (or atmlinkinc.com, or "Hollywood Interactive", or
whatever their name is today).
This company has hit us with much spam, for many years, and had us
losing much time in dealing with customer complaints and adjusting filters,
until the day last year where we decided to reverse the usual operational
procedure by blocking the whole of Calpop and start whitelisting individual
IPs as the need arises. That was an action that we did not regret.
Such a persistent supply of services to spammers could not exist
unless the management of the company considers this as part of their
core business. The management of Calpop is part of the problem
that led to the existence of this and other discussion groups,
and of the various blocking lists as well. The Internet would be
a better place without this company - at least in the way that it is
"Erroneous sbl listing"? Sorry, I do not think so. Snowshoe
spammers on Calpop are the normality, and this case is not different.
Spamhaus may have no history, but Ironport has one:
And you can see high emissions in the past days from:
126.96.36.199 mail.pitufamar.cxm (anonymous domain registered 21-mar-2008)
188.8.131.52 mail.quiquebas.cxm (anonymous domain registered 21-mar-2008)
184.108.40.206 mail.wientime.cxm (anonymous domain registered 31-mar-2008)
220.127.116.11 mail.xanduzen.cxm (anonymous domain registered 21-mar-2008)
18.104.22.168 mail.largosos.cxm (anonymous domain registered 31-mar-2008)
22.214.171.124 mail.winteraire.cxm (anonymous domain registered 21-mar-2008)
126.96.36.199 mail.pitremis.cxm (anonymous domain registered 31-mar-2008)
[ NOTE: this the second version of this mail to the list. The first was
rejected by the content filters at RIPE because of these spammy domains
in the body. This is why I changed the suffix from the real ".com"
to ".cxm". ]
This makes 188.8.131.52/28 "a dirty network". Since SBL is no
longer listing it, the safe (based on experience) conclusion that
can be reached is that Calpop moved the spammer elsewhere in its
space. The spammer will reappear shortly with a new set of domains.
This crap from Calpop has been going for _years_.
> To be frank this is costing me a lot of money and the Spamhaus support staff
> seems unconcerned. I did nothing to earn being listed. I am an innocent
> bystander who is now fighting to save his business. I rely on income from
> my hosting server to pay for my home, car, and family.
To be frank, I could not understand why you would host a site on
one of the worst ISPs in the world, spamwise. The best thing that you
could do to your business is move the hosting elsewhere.
> It is not fair to blacklist my ip when I have no control over any other ip.
> This is clearly an issue between spamhaus, the offending user, and the data
> center and should not involve my ip. If I am not the offending user, why is
> my ip involved here?
I see it as an issue between an ISP sold to (or run by) spammers and the
rest of the Internet, with Spamhaus as a sort of savvy mediator to
mitigate the damage that spammers and spam-support ISPs inflict to the
> I feel humiliated, ignored, and slandered. No one at my ip has been
> involved in any kind of spam related activity, yet my ip is blacklisted.
> Spamhaus has provided me with no timeline for a solution to this problem.
Well, it apparently has been solved, for some meaning of "solved".
Obviously Spamhaus could not provide a timeline, since it is entirely
in the hands of the ISP!
> Someone should help me to resolve this before my losses become so great I am
> forced to seek the help of an attorney.
Since Calpop is the responsible party, you may consider directing the
attorney against Calpop for placing spammers nearby your IP. You may
even consider to get some public fund-raising for such an action. I
would be ready to contribute with $100 out of my own pocket.
> Jon T.
I punched a hole for your IP in our local access list.
PS your IP is in a block registered in ARIN by the following entity:
OrgName: AirlineReservations.Com, Inc.
Address: 600 W. 7th Street
Address: Suite 360
City: Los Angeles
Did you buy hosting from this company?
I will be grateful if you can indicate me a web site or anything else
that relates this corporation with any activity somehow related with
airline reservations. I have not been able to do so, in spite of
some research; but perhaps I am not good enough. Or perhaps they
like using a weird name for a hosting business, for some reason.