This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] UCEPROTECT DNSBL possibly abusive practice and RIPEStat Blacklist entries widget

Previous message (by thread): [anti-abuse-wg] UCEPROTECT DNSBL possibly abusive practice and RIPEStat Blacklist entries widget
Next message (by thread): [anti-abuse-wg] UCEPROTECT DNSBL possibly abusive practice and RIPEStat Blacklist entries widget

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Kristijonas Lukas Bukauskas ripe at n0.lt
Wed Mar 3 09:35:03 CET 2021

On 2021-03-02 13:12, Esa Laitinen wrote:

> On 02.03.21 10:49, Vittorio Bertola via anti-abuse-wg wrote:
> 
>> Il 02/03/2021 00:08 Kristijonas Lukas Bukauskas via anti-abuse-wg 
>> <anti-abuse-wg at ripe.net> ha scritto:
> 
> UCEPROTECT blacklists the whole range of IP addresses, including the 
> full IP range of some autonomous systems:
> I stress that the problem is not in blacklisting entire providers, 
> something that may be justified if those providers are lenient in 
> fighting abuse on their networks, but in blacklisting entire providers 
> with very weak criteria (so weak that most big European hosters end up 
> at least in the level 3 blacklist) and then asking for money to remove 
> them. This is actually prohibited by RFC 6471 (section 2.2.5) because 
> indeed, especially when done at scale, it looks a lot like extortion.

They don't ask for money to be removed from the the list. The listing 
gets automatically removed after 7 days of taking care of the issue, 
without money changing hands. Please stop spreading lies.

Interestingly -- but not unexpectedly -- enough they may add you to the 
uceprotect-level1 list if they see you attempted a payment but haven't 
paid. So, for reasons not related to spamming.

The whole autonomous system of my cloud provider got listed in  
uceprotect-level3. I wanted to check how their whitelisting works. They 
blacklisted the public IP of my home internet connection, with a reason 
(https://pasteboard.co/JQShns8.png):

> Payment attempts with invalid credit cards.

Needless to say: my home ISP doesn't allow sending mail, has port 25 
blocked, and I haven't entered any card data to get my IP of Cloud 
server whitelisted whatsoever, only initiated the payment and closed the 
browser tab once I was routed to their payment provider.

Regards,
Kristijonas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/anti-abuse-wg/attachments/20210303/3021c7df/attachment.html>

Previous message (by thread): [anti-abuse-wg] UCEPROTECT DNSBL possibly abusive practice and RIPEStat Blacklist entries widget
Next message (by thread): [anti-abuse-wg] UCEPROTECT DNSBL possibly abusive practice and RIPEStat Blacklist entries widget

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]