Can someone send me a list of *all* AOL netblocks? ARIN's whois only gives back a handful.
I want to block _all_ AOL netblocks, but its tough to find out what they are.
Thanks to a few malicious, radical antispammers (Chris Neill, Alan Brown, etc) we are getting hit with a large number of criminal mail relays. Mostly coming from AOL addresses. We have about a half dozen individual criminal complaints underway.
Thanks,
--Dean
Don't kid us, Dan. Close your fucking relays (not that any of them talk to
my hosts anyhow). If this has to be drummed into your bonehead again: THEY
WILL FIND YOUR RELAYS ON THEIR OWN, AND THEY WILL ABUSE THEM, NO MATTER
HOW LOUD YOU SCREAM. THEY SIT IN CHINA, PAKISTAN AND KOREA, AND THERE IS
NOTHING YOU CAN DO ABOUT THEM SHORT OF CALLING THE WHITEHOUSE AND GETTING
THESE PLACES INVADED. Alternatively, you could come to your senses and
shut the literal front door of your house now that you've finally noticed
the first unsavory characters passing by. A couple years after the rest
of us, no doubt.
And they won't need ORBS or any other service to locate you, either.
Stop complaining. No more secrets (now that's from Scott Yelich's tagline).
bye,Kai
In transition to a new mail server (with a new address), I installed a
plug-gateway on the old server to redirect mail.
Unfortunately, plugd hides the ip address of the sender, and since I trust
my netblocks, all of the ip addresses on the old server became "spam relay
entry points".
It took the spammers 96 hours to find 3 of the addresses on that box and
for us to be listed in orbs. I figured I would have at least had a week
or two to figure out a better way.
I ended up staying up all night getting transparent proxying to work right
on the new server and making it work with a cisco route-map.
- Forrest W. Christian (forrestc@imach.com) KD7EHZ
If you plug-gw it, you can also just tcp_wrap it, and then use
your hosts.allow, etc.. to stop spammers.
I've done similar things with netcat from inetd, which makes it easy to
run through tcpd.