<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>And you earn money on those who send offers for viagra. Let's
talk turkey.<br>
</p>
<br>
<div class="moz-cite-prefix">On 01/30/17 14:00, HRH Prince Sven Olaf
von CyberBunker wrote:<br>
</div>
<blockquote
cite="mid:dd976013-f625-8ea7-bea5-ef312bbc0091@xs4all.nl"
type="cite">
<meta http-equiv="Context-Type" content="text/html; charset=utf-8">
let's make one thing absolutely clear: if your 1960s instant
messenger of choice (smtp) doesn't have<br>
a friends list, therefore is full of strangers sending you offers
for viagra... that is YOUR problem.<br>
you either fix YOUR protocol of choice to have, for example, a
friends list, OR you gtfo and stop using it.. none of which is OUR
problem.. we OWN the internet, we have nothing to do with whatever
the<br>
hell goes on on your silly old protocol. it's not even 'abuse'. if
you get UCE it's working as documented.<br>
<br>
hate to break the news to you but we won't pull any single plugs
just people advertise some urls<br>
in antique smtp shit... lolol. just let it die. problem solved.<br>
<br>
<br>
<div class="moz-cite-prefix">On 30 ينا, 2017 ص 10:53, HRH Prince
Sven Olaf von CyberBunker wrote:<br>
</div>
<blockquote
cite="mid:6bfa5520-c537-b605-b2d4-29b5acd85f89@xs4all.nl"
type="cite">
<p><br>
</p>
<div class="moz-forward-container"><br>
<br>
-------- Forwarded Message --------
<table class="moz-email-headers-table">
<tbody>
<tr>
<th nowrap="nowrap">Subject: </th>
<td>Re: [anti-abuse-wg] RBL policy</td>
</tr>
<tr>
<th nowrap="nowrap">Date: </th>
<td>Mon, 30 Jan 2017 10:51:40 +0000</td>
</tr>
<tr>
<th nowrap="nowrap">From: </th>
<td>HRH Prince Sven Olaf von CyberBunker <a
moz-do-not-send="true" class="moz-txt-link-rfc2396E"
href="mailto:svenk@xs4all.nl"><svenk@xs4all.nl></a></td>
</tr>
<tr>
<th nowrap="nowrap">Organization: </th>
<td>Republic CyberBunker</td>
</tr>
<tr>
<th nowrap="nowrap">To: </th>
<td>Simon Forster <a moz-do-not-send="true"
class="moz-txt-link-rfc2396E"
href="mailto:simon-lists@ldml.com"><simon-lists@ldml.com></a></td>
</tr>
</tbody>
</table>
<br>
<br>
<pre>On 30 ينا, 2017 ص 09:39, Simon Forster wrote:
>> On 30 Jan 2017, at 06:13, ox <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:andre@ox.co.za"><andre@ox.co.za></a> wrote:
>>
>> Hello All,
>>
>> May I please solicit some comments about Abuse Block lists
>> (Without detracting from RFC 5782 and RFC 6471 or :
>> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://www.ripe.net/publications/docs/ripe-409">https://www.ripe.net/publications/docs/ripe-409</a> )
>>
>> Firstly, the background for the start of this thread is simply: As the
>> use of machine learning technology is now also applied and adapted for
>> the use of cyber criminals (including spammers, scammers, etc) the
>> rules and what is socially acceptable is and has changed. Global
>> politics, protectionism, nationalism and the other 'isms' are also
>> causing change.
>>
>> Considering that DNSBL tech is "reactive" (after he abuse)
> This statement appears to be exclusionary — and is one often levelled against DNSBLs. All DNSBLs are not wholly reactive.
>
> Firstly, one needs to acknowledge that all DNSBLs are not they same.
>
> Secondly, some listings in some DNSBLs are proactive. i.e. Made before abuse is seen. As I work for the commercial arm of Spamhaus, I know their offerings quite well and can confidently state that some of the Spamhaus block lists contain proactive and/or precautionary listings.
>
> to be exact: the criminal organisation spamhaus their illegal blacklists effected some 20 million ips on our last scan of their entire database contents. (although that's a bit hard to do, as named kept crashing running 24 cores of gethostbyname() on 10ge , so we may have missed a few million here and there)
at a simultanious portscan of the entire ipv4 internet, it turned out
there were only some 200000 smtp servers left however.
> that leads to the conclusion that 99% of the listings is purely there for blackmail purposes, and has nothing to do with your silly old SMTP protocol AT ALL. the only reason to list those others is to put pressure on people to 1: spend manhours on interacting with the (non-sollicited) spamhaus 'organisation' and 2: illegally force people into breach of contract with their clients.
listing sales department networks of transit carriers to breach national
carriers and connected hosting farms into breach of contract with a
customer, of which steve linford does not like the CONTENT on the
website, kinda, fucks up statistics ay.
face it: smtp is dead, and needs no 'protection' at all.. also ip
addresses identify nodes in a network, not people.
also: forcing people to contact spamhaus, causes manhours to be spent on
communication, which is extortion, as we have no contractual relation
with spamhaus whatsoever, so trying to force carriers and isps into
communication with them, is a crime. (although only punishable by 3
months in .nl ;)
the 'we don't block anything' argument doesn't go. spamhaus advertises
the fact that they have influence on roughly 1/3rd of mail delivery so
they know damn well that by entering an ip on their list, of a sales
department of a transit carrier, like they did with at least: tata and
tiscali, that they are deliberately obstructing data communications and
therefore violating any and all computer sabotage acts.
as for the way in which they advertise their BGP feed. let's just say
that we have BGP feeds as well. and we will use them AGAINST spamhaus
again. (it's called an internet exchange you dummy ;) "we advise our
peers to nullroute traffic to spamhaus or give a preferred route to one
of our dns servers which always returns 127.0.0.2" :P
we still kinda had it with their fuckery.
they simply should roll over and die. if not they should get some help.
fun fact: with all the 110 competing 'auto list / auto-de-list' dnsbls
in the world, there never was -any- issue whatsoever...
having cghq jew linford crying in the jew press that we would be
'spammers' may have worked to spread slander... however fact of the
matter is that smtp is loong dead and we usually don't even read it,
sometimes don't have servers for it, and in any case, blocked port 25 on
all our networks by default ever since 2004. lolol. (who the FUCK still
uses smtp anyway, and why the hell would 'abuse' of it be an excuse to
disconnect paying customers - if any - as we certainly never could FIND
any "spammers" that could afford our fees ;)
what we see here is a CGHQ JTRIG operation (Spamhaus) trying to enforce
UK laws and trade policy upon the rest of the internet, it has nothing
to do with 'abuse' spamhaus is a political operation run by the jews at
CGHQ.
stophaus is a colation of cyberdivisions of armies fighting them. china,
russia, and the republic cyberbunker have every right in the world to
just nuke linford off the surface of this planet. and that's probably
just what we should have done in the first fucking place.
> I imagine SURBL does likewise. Other block lists probably have similar policies / inputs.
> Simon
>
>
>> The block time policies of RBLs
>> ***********************************
>> There are two main types of block lists: No automatic removal and
>> automatic removal
>>
>> Is the policy to auto de-list after a period of time, still accurate?
>>
>> Considering the change in abuse patterns and technology, should the
>> block times be increased or de-creased?
>>
>> Does society require more specialist non auto de-list DNSBLs?
>> (Would it be helpful to law enforcement to have a "child pornography"
>> dnsbl? or a phish dnsbl? - or is the reactive time to high in order
>> for dynamic ipv4? - but on ipv6 allocations to devices could be more
>> 'permanent'? etc)
>>
>> Andre
>>
>
</pre>
</div>
</blockquote>
<br>
</blockquote>
<br>
<div class="moz-signature">-- <br>
Kind regards,<br>
CTO at<br>
<b>Foton Telecom CJSC</b><br>
Tel.: +7 (499) 679-99-99<br>
AS42861 on <a href="http://as42861.peeringdb.com/">PeeringDB</a>,
<a href="https://radar.qrator.net/as42861">Qrator</a>, <a
href="http://bgp.he.net/AS42861">BGP.HE.NET</a><br>
</div>
</body>
</html>