This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] 213.0.0.0/8 and AS12445 (selenebs.it aka "A2A Smart City S.P.A"/Italy)
- Previous message (by thread): [anti-abuse-wg] telia.lt: Ignoring abuse complaints (?)
- Next message (by thread): [anti-abuse-wg] 213.0.0.0/8 and AS12445 (selenebs.it aka "A2A Smart City S.P.A"/Italy)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ronald F. Guilmette
rfg at tristatelogic.com
Sun Apr 7 08:15:08 CEST 2019
I guess that I have a lot to learn yet about routing. Maybe some of you folks will yet again take pity on me and explain this to me. >From where I am sitting it appears that AS12445 is announcing a route to all of 213.0.0.0/8. (I only happened to find out about this because, as it happens there are some spamming inside of 213.0.0.0/8.) Anyway, this is my reference source: https://bgp.he.net/AS12445#_prefixes I did think that I should try to just email the official contacts AS12445 privately to inquire about this, and so I sent email to all three of the contact email addresses listed in the RIPE WHOIS record for AS12445, but as you can all see below, that didn't really work out very well. Anyway, this doesn't seem to be such a great idea, security-wise, i.e. to allow random network to announce routes to entire /8s (or larger) that don't actually belong to them. It is hard for me to tell how long this has been ongoing in the case of this specific prefix and this specific ASN. If anyone else can illuminate me regarding that, then I would appreciate it. ------- Forwarded Message Return-Path: <> X-Original-To: rfg at tristatelogic.com Delivered-To: rfg at tristatelogic.com Received: by segfault.tristatelogic.com (Postfix) id 323DF3AFF4; Sat, 6 Apr 2019 22:57:35 -0700 (PDT) Date: Sat, 6 Apr 2019 22:57:35 -0700 (PDT) From: MAILER-DAEMON at tristatelogic.com (Mail Delivery System) Subject: Undelivered Mail Returned to Sender To: rfg at tristatelogic.com Auto-Submitted: auto-replied MIME-Version: 1.0 Content-Type: multipart/report; report-type=delivery-status; boundary="8E09A3AEF2.1554616655/segfault.tristatelogic.com" Message-Id: <20190407055735.323DF3AFF4 at segfault.tristatelogic.com> This is a MIME-encapsulated message. - --8E09A3AEF2.1554616655/segfault.tristatelogic.com Content-Description: Notification Content-Type: text/plain; charset=us-ascii This is the mail system at host segfault.tristatelogic.com. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <galasso at selenebs.it>: host selenebs-it.mail.protection.outlook.com[104.47.10.36] said: 550 5.4.1 [galasso at selenebs.it]: Recipient address rejected: Access denied [DB5EUR03FT051.eop-EUR03.prod.protection.outlook.com] (in reply to RCPT TO command) <gvinetti at selenebs.it>: host selenebs-it.mail.protection.outlook.com[104.47.10.36] said: 550 5.4.1 [gvinetti at selenebs.it]: Recipient address rejected: Access denied [DB5EUR03FT051.eop-EUR03.prod.protection.outlook.com] (in reply to RCPT TO command) - --8E09A3AEF2.1554616655/segfault.tristatelogic.com Content-Description: Delivery report Content-Type: message/delivery-status Reporting-MTA: dns; segfault.tristatelogic.com X-Postfix-Queue-ID: 8E09A3AEF2 X-Postfix-Sender: rfc822; rfg at tristatelogic.com Arrival-Date: Sat, 6 Apr 2019 22:57:32 -0700 (PDT) Final-Recipient: rfc822; galasso at selenebs.it Original-Recipient: rfc822;galasso at selenebs.it Action: failed Status: 5.4.1 Remote-MTA: dns; selenebs-it.mail.protection.outlook.com Diagnostic-Code: smtp; 550 5.4.1 [galasso at selenebs.it]: Recipient address rejected: Access denied [DB5EUR03FT051.eop-EUR03.prod.protection.outlook.com] Final-Recipient: rfc822; gvinetti at selenebs.it Original-Recipient: rfc822;gvinetti at selenebs.it Action: failed Status: 5.4.1 Remote-MTA: dns; selenebs-it.mail.protection.outlook.com Diagnostic-Code: smtp; 550 5.4.1 [gvinetti at selenebs.it]: Recipient address rejected: Access denied [DB5EUR03FT051.eop-EUR03.prod.protection.outlook.com] - --8E09A3AEF2.1554616655/segfault.tristatelogic.com Content-Description: Undelivered Message Content-Type: message/rfc822 Return-Path: <rfg at tristatelogic.com> Received: from segfault-nmh-helo.tristatelogic.com (localhost [127.0.0.1]) by segfault.tristatelogic.com (Postfix) with ESMTP id 8E09A3AEF2; Sat, 6 Apr 2019 22:57:32 -0700 (PDT) From: "Ronald F. Guilmette" <rfg at tristatelogic.com> To: gvinetti at selenebs.it, galasso at selenebs.it, abuse at selenebs.it Subject: 213.0.0.0/8 Date: Sat, 06 Apr 2019 22:57:32 -0700 Message-ID: <32415.1554616652 at segfault.tristatelogic.com> Greetings, I waas wondering if you people could explain to me why your ASN (AS12445) announcing a route at all of 213.0.0.0/8. I don't think that your network has been assigned that entire huge block of IPv4 addresses or that all of that IPv4 space belongs to you. Do you disagree? https://bgp.he.net/AS12445#_prefixes - --8E09A3AEF2.1554616655/segfault.tristatelogic.com-- ------- End of Forwarded Message
- Previous message (by thread): [anti-abuse-wg] telia.lt: Ignoring abuse complaints (?)
- Next message (by thread): [anti-abuse-wg] 213.0.0.0/8 and AS12445 (selenebs.it aka "A2A Smart City S.P.A"/Italy)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]