| Author |
Message |
zaphod
Site Admin
Joined: 28 Jan 2008
Posts: 75
|
|
 Signature update 10 |
 |
Blocked 2 new blocks of addresses.
209.62.96.0-209.62.127.255 theplanet.com . Bad host or isp, with a penchant for spammers.
94.181.0.0-94.181.255.255 Large chunk of Russian Business Network (cybercrime syndicate). 1000s of spammers in this 65,536 address space with no hostnames registered.
Get back to me if there's problems...
Zap 
|
|
| Fri Dec 05, 2008 8:23 pm |
  |
 |
diabolic.bg
Joined: 30 Nov 2008
Posts: 30
Location: Bulgaria |
|
| |
|
Hi, Zap!
I have some comments about signatures:
 |
|
$ax = $ax + (rmatch($hoster,"rima-tde.net","rima-tde.net No habla good behaviour (Spamhaus and SORBS blacklists)"));
$ax = $ax + (iprange($address,"83.63.128.0","83.63.255.255","rima-tde.net No habla good behaviour (Spamhaus and SORBS blacklists)")); |
The argument "No habla good behaviour (Spamhaus and SORBS blacklists)" for me is not serious. I know examples when Spamhaus and SORBS make a mistake. The first example - before one year SORBS often blocked my servers IP because I used forum mail system. After all I started my personal real mail server and this was the end of my troubles.
Example two you can see in this topic.
Look at my posts and how MysteryFCM answer me.
Why I tell you all this?
When I see Google search link, I see the next - this is Bulgarian who lives in Spain and search online bulgarian books.
My topic 303 is topic for online books. Why I must block this man?
I will comment this two lines. And I think you must increase your criterion for inclusion in signatures. The blocker must block spammers and hackers, not the usual humans.
P.S. In Spain have many Bulgarians in last twenty years and they often visit me.
Excuse me for my frankness. I debate of principle. 
_________________
Fallout Vault BG | Vault Tec RSS News |
|
| Sat Dec 06, 2008 8:04 am |
 |
|
zaphod
Site Admin
Joined: 28 Jan 2008
Posts: 75
|
|
| |
|
This ISP was the source of several bot attacks on my phpBB forum. Also got a couple of remote include attacks from it. Perhaps I was wrong to block them. I will temporarilly remove the block... Comment out and move to the bottom, but if more crap comes from them, it goes back up and stays. Apparently though, as far as ISPs go, they allow mail-servers without getting approval from the ISP for them. Sure, this is good net neutrality, but this also makes it a botlord haven.
And yes, perhaps the "no habla" bit was over the top, but it was for comic relief, not disgruntlement of anyone. And allowing downstream mail servers without authorization, is IMHO bad behavior. All my ISP asks is that I request to have a mail server. If I do, they unblock port 25. If you leave 25 open, some botlord will set up an open relay on it if he can, and begin spamming out your IP. So the behavior in question is a matter of simply blocking un-annouced mail servers...
alas, mail was not my reason for blocking them anyway, I just confused the issue by mentioning the bad mail behaviour.
Sorry to have upset you,
Zap
P.S. By adding "//" to the beginning of any signature, you essentially turn off the detection. You don't have to accept my blocks in total. They are just what I feel is best to protect myself. Also, you can add your own blocks if you like. If you want one added to my primary list, just drop a note in here about who attacked you, how they attacked you, and what method(s) they used.
|
|
| Sat Dec 06, 2008 1:18 pm |
|
|
diabolic.bg
Joined: 30 Nov 2008
Posts: 30
Location: Bulgaria |
|
| |
|
You don't upset me. Don't worry.
As say one bulgarian proverb "each herd have a carrion".
I want to say - in each address space have bad users but they aren't all. For last 3 years I don't have attack from rima-tde.net.
You and I are from the same side of the barricade.
Only what I want - we both together to find out the truth.
I again hope you understand me.
_________________
Fallout Vault BG | Vault Tec RSS News |
|
| Sat Dec 06, 2008 2:00 pm |
|
|
zaphod
Site Admin
Joined: 28 Jan 2008
Posts: 75
|
|
| |
|
Actually, to my mind, this is more like a herd of carrion (very Vlad Teppes) with one survivor in the middle of it.
As I said, you don't have to accept all my blocks. They are easy to comment out.
|
|
| Sat Dec 06, 2008 2:24 pm |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
