Verizon IP's and ARIN Records

ARIN has dropped all registry information for 206.46.0.0 - 255.255.0.0.
This range includes our residential and business mail customers. We are
aware of the issue and are addressing this NOW to have our ARIN records
re-published again. We are not sure why this has happened at this time.
Any sender verification that checks for PTR records will fail on outbound
mail from Verizon Online.

Based on this problem, completewhois has stopped listing 206.46.0.0/16 as
a bogon (and actively having it blocked through DNS for those using
bogons.dnsiplists.completewhois.com for active blocking in email); this
exception will last 48 hours. If you're using bogon lists in a firewall
with daily downloads of the bogon IP block list, please immediately
download the currently available list or manually remove 206.46.0.0/16
from the list of bogons and reinitialize your firewall.

>
> ARIN has dropped all registry information for 206.46.0.0 - 255.255.0.0.
> This range includes our residential and business mail customers. We are
> aware of the issue and are addressing this NOW to have our ARIN records
> re-published again. We are not sure why this has happened at this time.
> Any sender verification that checks for PTR records will fail on outbound
> mail from Verizon Online.
>
> --------------------------
> Dennis Dayman
> Verizon Internet Services Operations
> Security and Legal Compliance
> --------------------------
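
The manual removal described in the message above, as an added example (not from the original post or from completewhois): carve the excepted prefix out of a locally stored bogon list before reloading the firewall, including the case where the list holds a larger aggregate that covers 206.46.0.0/16. The sample list, the aggregate in it and the function names are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample of a locally stored bogon list (not real completewhois data).
# 206.32.0.0/11 is a made-up aggregate that happens to cover 206.46.0.0/16.
SAMPLE_BOGONS = ["0.0.0.0/8", "10.0.0.0/8", "206.32.0.0/11", "192.0.2.0/24"]
TEMP_EXCEPTIONS = ["206.46.0.0/16"]  # prefix named in the post


def apply_exceptions(bogons, exceptions):
    """Return the IPv4 bogon prefixes with every exception prefix carved out."""
    nets = [ipaddress.IPv4Network(b) for b in bogons]
    for exc in (ipaddress.IPv4Network(e) for e in exceptions):
        kept = []
        for net in nets:
            if not net.overlaps(exc):
                kept.append(net)      # unrelated prefix, keep as is
            elif net.subnet_of(exc):
                continue              # entry lies inside the exception, drop it
            else:
                # Exception sits inside a larger aggregate: keep only the
                # remainder, since such a list has no /16 line to delete.
                kept.extend(net.address_exclude(exc))
        nets = kept
    return sorted(ipaddress.collapse_addresses(nets))


def is_listed(ip, nets):
    """True if ip still falls inside any prefix of the filtered list."""
    addr = ipaddress.IPv4Address(ip)
    return any(addr in net for net in nets)


if __name__ == "__main__":
    filtered = apply_exceptions(SAMPLE_BOGONS, TEMP_EXCEPTIONS)
    for net in filtered:
        print(net)
    # Check before reloading the firewall: the excepted range must be clear,
    # its neighbours inside the old aggregate must still be filtered.
    print("206.46.10.1 listed:", is_listed("206.46.10.1", filtered))
    print("206.47.10.1 listed:", is_listed("206.47.10.1", filtered))
```
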

ARIN is cracking down on IP space that is or has been issued (legally) and
has been found to have the contact records "out of date" or the e-mail
addresses either don't work or there are mailboxes full and so on. You will
see more and more of these allocations being removed for failing to act on
network issues via their stated ARIN information.

A good example was that fellow trying to contact RoadRunner's network center.
You should be able to do so from their ARIN information on record but...
nope, they let the numbers change, e-mails fade and people come and go.

More to come of this as Renewal Time is just around the corner.

-Peter

> ARIN is cracking down on IP space that is or has been issued (legally) and
> has been found to have the contact records "out of date" or the e-mail
> addresses either don't work or there are mailboxes full and so on. You will
> see more and more of these allocations being removed for failing to act on
> network issues via their stated ARIN information.

ARIN actions are sometimes not totally predictable, but I've not seen
them remove blocks just because contact info is out of date; in this case
they will simply mark the IP block as invalid and remove DNS servers.

Unlike others I actually monitor this and what I have seen suggests the
blocks are deleted ONLY if the original company actually does not exist
and there exist legal documents to show that (i.e. court-ordered liquidation
or sometimes, in cases of an IP block actively being abused, after some
investigation they would consider corporate registration data that shows the
company as being dead for several years to be enough). The other reason is if
the IP block admin actually asked for the IP block to be removed (sometimes if
he's getting large space somewhere else instead).

New this year is that ARIN is beginning to remove blocks when it has
not been paid renewal fees for some years. This, I think, led to a greatly
increased (by order of 5) number of active bogon routes out of ARIN's direct
allocation blocks like 207/8, 209/8, 216/8, 64/8 now showing up at
http://www.completewhois.com/bogons/active_bogons.htm
When I saw how bad it has become, I've tried sending reports about active
bogon routes manually to admins of the networks routing these blocks and
this led to some of those routes getting removed (most are just old static
routes still present in the routers, although some are purposely ignoring
ARIN), but this manual process is time-consuming and for the future I
hope to create an automated system that will be able to send these reports
once per month to admin contacts listed for ASNs routing these blocks
(but the reports may not be as well targeted to the proper people; when doing
it manually I could sometimes enter the correct contact when I knew which
network it is, an automated system will be harder to tune in, especially
given that ARIN contact data listed for ASN whois is also often enough
out of date, especially for these old blocks).

P.S. On topic to the original post, the Verizon block 206.46.0.0/16 being
listed as an active bogon on the completewhois page (or any other route listed
there) is not equivalent to the bogon IP block list used for active filtering.
The active list is created for monitoring purposes based on routeviews
data based on bogon IP lists prior to when exceptions are applied (like the
current Verizon case); this is so I could monitor if the situation has been
resolved or not. Just FYI.

> A good example was that fellow trying to contact RoadRunner's network center.
> You should be able to do so from their ARIN information on record but...
> nope, they let the numbers change, e-mails fade and people come and go.

That is a problem with ARIN data: there is no validation of it. There
was a policy proposal at ARIN (see http://www.arin.net/policy/2003_16.html)
but it was killed (despite the support of a lot of people at the meeting and
despite that it was already a scaled-down version of previous more radical
anti-abuse and data validation proposals) so I'm not sure what will happen
now. There was also another proposal, http://www.arin.net/policy/2004_4.html,
that also tried to provide for better validity of whois data and it was
also killed. Along the lines of killing every whois-related proposal
at the last meeting, the same will probably also happen to my Whois AUP proposal
http://www.arin.net/policy/2004_4.html (for the history of this proposal
see http://www.elan.net/~william/arin_whoisaup_history.htm) which provides
for having a legal "note" that you should not improperly use data
from whois queries (did you know ARIN is now the only whois registry that
does not have an AUP on how the data may or may not be used?), but for that,
if you don't want it to die you still have a chance to stop it if you
voice your opinion and send private email in support of the proposal to
petition@arin.net and also post confirmation of your support at ppml@arin.net

But otherwise few people like myself trying to do anything about it
I'm not sure what will need to happen for ARIN to understand that validity
and security of whois data is important and people rely on that all the
time and they can't just ignore these issues. Unfortunately most people who
actually use their data are also the ones who really don't have time or interest
to participate in ARIN political process and as such are not heard at all.

I received endless spam from hosts on other verizon networks, e.g.
(the following generated: Tue Jun 8 05:01:33 EDT 2004):

   NetRange: 206.124.64.0 - 206.124.64.255
   CIDR: 206.124.64.0/24
   NetName: GTENET-CSD-DNS1
   NetHandle: NET-206-124-64-0-2
   Parent: NET-206-124-64-0-1
   NetType: Reassigned
   NameServer: BIGGUY.GTE.NET
   NameServer: OTHERGUY.GTE.NET
   Comment:
   RegDate: 1999-02-24
   Updated: 1999-02-24
   OrgAbuseHandle: VOH1-ARIN
   OrgAbuseName: Hostmaster, Verizon Online
   OrgAbusePhone: +1-800-927-3000
   OrgAbuseEmail: hostmaster@bizmailsrvcs.net

E-mail sent to this listed contact bounced and/or was undeliverable.
I sent notifications of this breakage to every other directly related
and listed contact, and was met with complete silence. I tried dozens
of times. For months and months. One of the non-responders was
a contact associated with GTE.NET, christian.andersen@verizon.com,
AKA CA546-ARIN, for example.

I also inquired of ARIN about its policy regarding Invalid Contacts.
They merely pointed out that it is not their responsibility to police
such issues, but merely mark them, i.e. (the following generated:
Tue Jun 8 05:02:55 EDT 2004):

   Name: Hostmaster, Verizon Online
   Handle: VOH1-ARIN
   Company:
   Address: Verizon Online
   Address: 5525 MacArthur Ste 320
   City: Irving
   StateProv: TX
   PostalCode: 75038
   Country: US
   Comment: The information for POC handle VOH1-ARIN has been reported to
   Comment: be invalid. ARIN has attempted to obtain updated data, but has
   Comment: been unsuccessful. To provide current contact information,
   Comment: please e-mail hostmaster@arin.net.
   RegDate: 2002-02-21
   Updated: 2003-06-03
   Phone: +1-800-927-3000 (Office)
   Email: hostmaster@bizmailsrvcs.net

The coincidence that the last-updated date is "06/03/2003" is remarkable.

Well, one thing that has to happen is that ISPs and co-lo providers
(such as Inflow, our former - note /former/ - provider) need to
"understand that validity and security of whois data is important and
people rely on that all the time and they can't just ignore these issues".

Which, unfortunately, is what Inflow refused to understand the entire
time we were co-lo'd with them, and continue to ignore to this day. I'm
not surprised to find that our old netblock is still tagged with my
company's name, despite requests to have it updated:

Request: 66.45.6.196
connected to whois.arin.net [192.149.252.43:43] ...
Inflow NFLO-AR-2 (NET-66-45-0-0-1)
                                  66.45.0.0 - 66.45.127.255
Hesketh INFLOW-55125-5697 (NET-66-45-6-192-1)
                                  66.45.6.192 - 66.45.6.223

# ARIN WHOIS database, last updated 2004-06-07 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.

...because Inflow didn't give a damn when we were paying them, I can't
imagine they'd give a damn now that we've decided to pay someone else.

We tried for six months to get them to add an abuse contact field to our
ARIN record and they wasted dozens of hours explaining that because it
was optional they didn't have to do it, when the point was that it was
/necessary/, or at least /being actively requested/, and that the way to
keep customers isn't to explain how you don't have to do something, but
rather to do what the customer asks. I'm glad that RFCi listing didn't
have any real effect on our ability to send mail. :-/

But, as I've said, Inflow is our /former/ co-lo provider, so they can go
to hell for all I care. But I really wish they, or someone, would clean
up our old ARIN records so that the next spammer they host, or netblock
that gets hijacked, doesn't suggest, via ARIN, that my company has
anything to do with it.

Steve

William,

   ARIN understands exactly how important the validity and security of
   the whois data is... This understanding is based on the policies that
   the community chooses to adopt (or not).

   The Third Joint meeting of Nanog and ARIN will take place October 17th
   through the 22nd in Reston Virginia (thanks to local host TimeWarner!)
   More information is hidden on the home page of http://www.nanog.org/.
  
   I understand that Reston is not exactly a tropical vacation spot, but I
   ask that folks who feel strongly about the policies affecting whois data
   stay another day or so and participate in the public policy process. In
   this manner, we're assured of getting balanced policies that reflect the
   wishes of the entire community.

Thanks!
/John

John Curran
Chair, ARIN Board of Trustees

The record I was ranting about yesterday has now been expunged, thanks
to some clueful folks at Inflow and the efforts of one Thom Smith. Many
thanks to all concerned.