<HTML><HEAD></HEAD> <BODY dir=ltr> <DIV dir=ltr> <DIV style="FONT-SIZE: 12pt; FONT-FAMILY: 'Calibri'; COLOR: #000000"> <DIV>Yesterday, Andre wrote:</DIV> <DIV>> In 2015, the number of emails sent and received per day total over 205 billion...</DIV> <DIV> </DIV> <DIV>Andre is underestimating the size of the problem and Olaf, the prince of spam, the demolisher, the man who almost broke the internet, pretends to be unaware:</DIV> <DIV> </DIV> <DIV>During 2010, about 107 trillion emails were sent around the world. Of that total, 89.1% were spam - this corresponds to an average of 262 billion unwanted messages per day, according to data from Royal Pingdom consultancy, which monitors web traffic.</DIV> <DIV> </DIV> <DIV>293 billion emails being 262 billion spam, in 2010.</DIV> <DIV> </DIV> <DIV>Marilson</DIV> <DIV style='FONT-SIZE: small; TEXT-DECORATION: none; FONT-FAMILY: "Calibri"; FONT-WEIGHT: normal; COLOR: #000000; FONT-STYLE: normal; DISPLAY: inline'> <DIV style="FONT: 10pt tahoma"> <DIV> </DIV> <DIV style="BACKGROUND: #f5f5f5"> <DIV style="font-color: black">From: <A title=anti-abuse-wg-request@ripe.net href="mailto:anti-abuse-wg-request@ripe.net">anti-abuse-wg-request@ripe.net</A> </DIV> <DIV>Sent: Monday, January 30, 2017 2:21 PM</DIV> <DIV>To: <A title=anti-abuse-wg@ripe.net href="mailto:anti-abuse-wg@ripe.net">anti-abuse-wg@ripe.net</A> </DIV> <DIV>Subject: anti-abuse-wg Digest, Vol 62, Issue 28</DIV></DIV></DIV> <DIV> </DIV></DIV> <DIV style='FONT-SIZE: small; TEXT-DECORATION: none; FONT-FAMILY: "Calibri"; FONT-WEIGHT: normal; COLOR: #000000; FONT-STYLE: normal; DISPLAY: inline'>Send anti-abuse-wg mailing list submissions to anti-abuse-wg@ripe.net To subscribe or unsubscribe via the World Wide Web, visit https://mailman.ripe.net/ or, via email, send a message with subject or body 'help' to anti-abuse-wg-request@ripe.net You can reach the person managing the list at anti-abuse-wg-owner@ripe.net When replying, please edit your Subject line so it is more specific than "Re: Contents of anti-abuse-wg digest..." Today's Topics: 1. Re: Fwd: Re: RBL policy (HRH Prince Sven Olaf von CyberBunker) 2. Re: Fwd: Re: RBL policy (ox) 3. Re: Fwd: Re: RBL policy (ox) 4. Re: Fwd: Re: RBL policy (HRH Prince Sven Olaf von CyberBunker) ---------------------------------------------------------------------- Message: 1 Date: Mon, 30 Jan 2017 13:19:32 +0000 From: HRH Prince Sven Olaf von CyberBunker <svenk@xs4all.nl> To: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] Fwd: Re: RBL policy Message-ID: <8099bc26-b01b-84e1-2b2e-f5e773ee22f9@xs4all.nl> Content-Type: text/plain; charset=UTF-8; format=flowed as for smtp being alive.. out of 4 billion ips some 200k run an smtp server... still a lot more than ftp (including badly configured printers and security cameras).. but considering it's a protocol that was supposed to run on each and every workstation. it's dead. facebook has more users per second than smtp has mails per year. lol. On 30 ???, 2017 ? 01:13, ox wrote: > On Mon, 30 Jan 2017 13:01:46 +0000 > HRH Prince Sven Olaf von CyberBunker <svenk@xs4all.nl> wrote: >> no not all dnsbls are a problem. none of the other ones block >> non-directly related prefixes as a means of extortion into complete >> breach of contract. there are some 110 of them last time we checked. >> we only were on the 2 operated by spamhaus. :P >> so by far... pretty much all dnsbl's list the ips that originate the >> 'undesired' traffic, which stops it from >> reaching those that use their service, and that's where it ends for >> them... that's perfectly acceptable. >> (as long as it's the actual end user making the decision to use their >> 'filtering' or not) >> > Okay, got it, thank you for that > >> howeverrrrr... then there is spamhaus... >> > yeah, but it will show good manners if you make a new thread about > that? > >> as for the ripe mailinglist being smtp... yes. it unfortunately still >> is.. and it's about the ONLY thing that still needs smtp, next to >> signing up to habbo hotel. lol. i haven't started the mail client for >> anything else in years. lol. face it: smtp is dead, the reason it is >> dead: is spamhaus itself. making it unreliable. mainly. >> > we will have to agree to disagree (or not agree - with the same > result :) ) > > smtp - 2017 my pov (and own stats) There has never been so much legit > traffic sent ever... > > Easy to check though as everyone on here has their own stats and to > quickly analize 25 vs say 80 (wow - and 443 is just as crazy in terms of > growth as 25!) in 2015 as compared to 2016 - smtp is alive and kicking > (so is 443!) > > Andre > ------------------------------ Message: 2 Date: Mon, 30 Jan 2017 15:37:32 +0200 From: ox <andre@ox.co.za> To: HRH Prince Sven Olaf von CyberBunker <svenk@xs4all.nl> Cc: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] Fwd: Re: RBL policy Message-ID: <mailman.5202.1485793288.1952.anti-abuse-wg@ripe.net> Content-Type: text/plain; charset=UTF-8 On Mon, 30 Jan 2017 13:19:32 +0000 HRH Prince Sven Olaf von CyberBunker <svenk@xs4all.nl> wrote: > as for smtp being alive.. out of 4 billion ips some 200k run an smtp > server... still a lot more than ftp (including badly configured > printers and security cameras).. but considering it's a protocol that > was supposed to run on each and every workstation. it's dead. > > facebook has more users per second than smtp has mails per year. lol. > https://zephoria.com/top-15-valuable-facebook-statistics/ statistics, facts (after they happened) are so crazy, lol In 2015, the number of emails sent and received per day total over 205 billion... in 2016 email/smtp = +8% lol and 2017 - looks to be even more hectic. - smtp maybe closer to 300 billion (per day) or 109 Trillion emails per year...lol by 2020 we may be at 1000 trillion emails... how many users does facebook have per day. lol > > On 30 ???, 2017 ? 01:13, ox wrote: > > On Mon, 30 Jan 2017 13:01:46 +0000 > > HRH Prince Sven Olaf von CyberBunker <svenk@xs4all.nl> wrote: > >> no not all dnsbls are a problem. none of the other ones block > >> non-directly related prefixes as a means of extortion into complete > >> breach of contract. there are some 110 of them last time we > >> checked. we only were on the 2 operated by spamhaus. :P > >> so by far... pretty much all dnsbl's list the ips that originate > >> the 'undesired' traffic, which stops it from > >> reaching those that use their service, and that's where it ends for > >> them... that's perfectly acceptable. > >> (as long as it's the actual end user making the decision to use > >> their 'filtering' or not) > >> > > Okay, got it, thank you for that > > > >> howeverrrrr... then there is spamhaus... > >> > > yeah, but it will show good manners if you make a new thread about > > that? > > > >> as for the ripe mailinglist being smtp... yes. it unfortunately > >> still is.. and it's about the ONLY thing that still needs smtp, > >> next to signing up to habbo hotel. lol. i haven't started the mail > >> client for anything else in years. lol. face it: smtp is dead, the > >> reason it is dead: is spamhaus itself. making it unreliable. > >> mainly. > >> > > we will have to agree to disagree (or not agree - with the same > > result :) ) > > > > smtp - 2017 my pov (and own stats) There has never been so much > > legit traffic sent ever... > > > > Easy to check though as everyone on here has their own stats and to > > quickly analize 25 vs say 80 (wow - and 443 is just as crazy in > > terms of growth as 25!) in 2015 as compared to 2016 - smtp is > > alive and kicking (so is 443!) > > > > Andre > > > > ------------------------------ Message: 3 Date: Mon, 30 Jan 2017 16:36:48 +0200 From: ox <andre@ox.co.za> To: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] Fwd: Re: RBL policy Message-ID: <mailman.5203.1485793288.1952.anti-abuse-wg@ripe.net> Content-Type: text/plain; charset=US-ASCII On Mon, 30 Jan 2017 14:25:01 +0000 HRH Prince Sven Olaf von CyberBunker <svenk@xs4all.nl> wrote: > although i can't see how you managed to obtain statistics on the > number of emails being sent each day... unless spamhaus would like to > admit that they also spy on dns requests to their dnsbl... which <snip> Okay, we can just agree to disagree - or simply just disagree is also good. lol May I please solicit some comments about Abuse Block lists (Without detracting from RFC 5782 and RFC 6471 or : https://www.ripe.net/publications/docs/ripe-409 ) Considering that DNSBL tech is "MOSTLY" "reactive" (after he abuse) - although - there are - some - DNSBL (apparently Spamhaus? etc etc) that apparently block before anything happens (thank you for pointing this out Simon) The block time policies of RBLs - Not specifically anyone blocklist in particular - just the general policies) *********************************** Among the reactive and pre emptive DNSBL, there are two main types of block lists: No automatic removal and automatic removal Is the policy to auto de-list after a period of time, still accurate? or should block lists not auto de list at all any longer? If still auto de-list - Considering the change in abuse patterns and technology, should the block times be increased or de-creased? Then; Ignoring pre-emptive - predictive (in advance for no reason) blocking: Does society require more specialist non auto de-list DNSBLs? (Would it be helpful to civil society, law enforcement etc to have a "child pornography" dnsbl? or a phish dnsbl? - or is the reactive time to high in order for dynamic ipv4? - but on ipv6 allocations to devices could be more 'permanent'? etc) Andre ------------------------------ Message: 4 Date: Mon, 30 Jan 2017 13:21:54 +0000 From: HRH Prince Sven Olaf von CyberBunker <svenk@xs4all.nl> To: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] Fwd: Re: RBL policy Message-ID: <840945de-6bb5-c7f3-a7e7-231ea0117f23@xs4all.nl> Content-Type: text/plain; charset="utf-8"; Format="flowed" smtp is just one of many protocols out there, a primitive, fairly unimportant and severely lacking in terms of security one at that, and it's protection cannot be a reason for any disconnection -ever-. On 30 ???, 2017 ? 01:17, HRH Prince Sven Olaf von CyberBunker wrote: > > and now it's time for everyone here, to stop giving stevieboy his way > with his absurd definitions of 'abuse'... if there is no law against > it in the country in which the customer recides. its no reason for > disconnection. doing so is not delivering a paid service, caving into > blackmail, and undermining provider immunity by caving in to any > random idiot that just so happens to have gained influence over mail > delivery, and frequently abuses said (advertised) influence to commit > computer sabotage (he knows what the impacts of his listings are, he > advertises with it), to extort the internet industry into wasting > valuable manhours on him and his self-declared 'delisting procedure', > and breach valuable contracts. > > if he mentions any ip address (or worse: personal details) in his > crappy slander and blackmail system he calls 'spamhaus' just call the > feds on him. the guardia civil for example as he currently is in spain. > > viola 13 > > puerta d' andratx. > > under no circumstance should 'spamhaus' be allowed to dictate which > customers to serve and which not. simple as that. > > > now act PROFESSIONAL and stop giving this idiot his way just because > he mentions 'spam'. as if 'spam' > > is the worst thing that ever happened to the internet... how about him > trying to get entire isps disconnected. who gives a shit about him and > his 'spam'. > > > > > On 30 ???, 2017 ? 01:09, HRH Prince Sven Olaf von CyberBunker wrote: >> >> one would almost go and set up a few 1000 smtp servers, all sending >> steve linford viagra offers, just to annoy the guy back. operational >> costs would go through the roof tho lol. >> >> >> On 30 ???, 2017 ? 01:04, HRH Prince Sven Olaf von CyberBunker wrote: >>> >>> btw. this is europe. not america. we can say fuck however many times >>> we want over here. tyvm. and in the case of spamhaus, it's fully >>> applicable. spamhaus IS a cancer. that was using this mailinglist >>> just a few hours ago to try to further the reach of their cancerous >>> censorship tool disguised as a 'spam fighter' >>> >>> >>> On 30 ???, 2017 ? 01:03, HRH Prince Sven Olaf von CyberBunker wrote: >>>> >>>> if the fully appropriate language used is the only thing you can >>>> think of as an argument, that shows it's completely right. lol. >>>> you're free to google 'cb3rob' and see what steve linford told the >>>> 'world press' about our operations in the past. so far for >>>> inappropriate language. >>>> >>>> >>>> >>>> On 30 ???, 2017 ? 12:58, Tobias Knecht wrote: >>>>> Hello, >>>>> >>>>> @Sven Olaf: >>>>> Please stop using this type of offensive language! >>>>> This is a public mailinglist and not a place for you to rant and >>>>> attack in the way you are at the moment. >>>>> >>>>> So step back for a minute, take a deep breath and calm down! >>>>> >>>>> And if you feel you can send a message without using this type of >>>>> language, feel free to do so, otherwise stay away! >>>>> >>>>> If you have any questions, feel free to reach out to me directly. >>>>> >>>>> Thanks, >>>>> >>>>> Tobias >>>>> >>>>> -- >>>>> ?RIPE Anti Abuse Working Group Co-Chair >>>>> >>>>> >>>>> ? >>>>> >>>>> On Mon, Jan 30, 2017 at 1:46 PM, HRH Prince Sven Olaf von >>>>> CyberBunker <svenk@xs4all.nl <mailto:svenk@xs4all.nl>> wrote: >>>>> >>>>> btw it would be of great assistance in this matter if transit >>>>> carriers, simply, only HAD asn's and no ip prefixes that can >>>>> be used as a blackmailing vector. don't quite see why everyone >>>>> combines the 'isp' part with the 'transit providing' part of >>>>> their operations. parties that provide transit, have no need >>>>> for ip space (bgp sessions are better on 10.0.0.0/8 >>>>> <http://10.0.0.0/8> anyway, prevents attack from 'outside'). >>>>> if there are no ip's there is nothing idiots like spamhaus (so >>>>> far they are the only ones) can 'blacklist' to 'build up >>>>> pressure' to breach contracts. so just split up those operations. >>>>> >>>>> >>>>> On 30 ???, 2017 ? 12:32, HRH Prince Sven Olaf von CyberBunker >>>>> wrote: >>>>>> >>>>>> customer wants to send packets from ip A to ip b... did they >>>>>> arrive? -> yes. we did our job. no -> we did not do our job. >>>>>> i can't quite see why we would even need to know what 'smtp' >>>>>> is. nor any of the other obscure shit protocols out there. >>>>>> >>>>>> >>>>>> On 30 ???, 2017 ? 12:30, HRH Prince Sven Olaf von CyberBunker >>>>>> wrote: >>>>>>> >>>>>>> content. is NEVER. network-related-abuse. >>>>>>> >>>>>>> 'making more use of a mail protocol that in every other way >>>>>>> is used as intended' is also not 'network-related-abuse' in >>>>>>> fact it's not abuse at all. it's like tv advertisements. >>>>>>> >>>>>>> 'malware and virusses' all simply exploit the same old >>>>>>> services 'provided' by crappy windows malware, which should >>>>>>> get some import restrictions, and the problem is solved ay. >>>>>>> it's windows itself that is the malware there... >>>>>>> >>>>>>> 'phishing'... so you're saying your bank login procedure >>>>>>> sucks balls and/or you think 16 numbers on the front and 3 >>>>>>> top secret ones on the back of a plastic card people show in >>>>>>> every restaurant they go to are 'security' - go fix your own >>>>>>> crap and stop bothering us, we forward -packets-. we don't >>>>>>> have time to hunt ghosts for your broken financial services. >>>>>>> >>>>>>> 'announcing the whole god damn internet split up into >>>>>>> /24s'.. - yes .. that's 'abuse'. lol. >>>>>>> >>>>>>> and either way... if someone doesn't like what someone else >>>>>>> is doing they can take them to the -appropriate- courts (of >>>>>>> the other party) and try to get them to stop... blackmailing >>>>>>> the sales department of the transit carriers of their >>>>>>> supplier of their supplier of their supplier, will only make >>>>>>> them change isps, cause financial loss (or gains: setup >>>>>>> fees), etc. >>>>>>> >>>>>>> so far all spamhaus has ever established is: >>>>>>> >>>>>>> - a whole lot of unroutable/unsellable/unusable ipv4 >>>>>>> 'burned' ranges. >>>>>>> >>>>>>> - smtp is no longer peer to peer (their bashing on open relays) >>>>>>> >>>>>>> - smtp is no longer real time (graylisting) >>>>>>> >>>>>>> - smtp is no longer reliable (with over 20 million ip >>>>>>> addresses listed despite there only being 300k mailservers >>>>>>> in the world, no wonder!) >>>>>>> >>>>>>> so instead of stopping spam, they managed to kill of smtp. >>>>>>> congratulations. >>>>>>> >>>>>>> everyone now uses skype and facebook (which are real-time >>>>>>> and do have friends-lists) lolol. you have succeeded in >>>>>>> bringing microsoft and facebook users to spy on. well done. >>>>>>> >>>>>>> if smtp is 'getting less' that is only because it has no >>>>>>> users left. people only start it up to read ripe >>>>>>> mailinglists (lol) or sign up for habbo hotel. FACT. lol. >>>>>>> >>>>>>> none of our customers has ever sent UCE from our networks... >>>>>>> because... ever since 2004... we have simply blocked port >>>>>>> 25... smtp only causes -shit- and it -delivers shit- >>>>>>> (abusemail and 'legal' threats about shit that is not our >>>>>>> problem). we sure as hell have some customers that cause >>>>>>> 'shit' but they usually do it in somewhat more profitable >>>>>>> markets than sending 'spam' and most definately can buy a tv >>>>>>> station or 2 to do their advertisements on. tyvm spamhaus. lol. >>>>>>> >>>>>>> where this 'mytical' spammer that can pay our 1000-1500 >>>>>>> euros per month per server would come from, i don't know, i >>>>>>> certainly have never met any... i tried to invoice one 60k >>>>>>> once and he backed off already. poor spammers. they're like >>>>>>> child porn people. can't pay for anything, so not an urgent >>>>>>> issue at all. >>>>>>> >>>>>>> our customers frequently have the entire fucking cia rolling >>>>>>> over their doorstep and if it's not them its the god damn >>>>>>> copyright mafia. slightly different budgetarial picture >>>>>>> there. shit that -is- worth the trouble. >>>>>>> >>>>>>> now, please take your shitty nagging about 'abuse' of your >>>>>>> crappy silly old smtp protocol, which doesn't even >>>>>>> -originate- from our networks in the first fucking place, >>>>>>> and stick it where the sun doesn't shine... as for >>>>>>> malware... windows is the malware there... it facilitates >>>>>>> all the programs residing on top of the same old 1990s badly >>>>>>> implemented os/2 ripoff crap. so basically call mickeysoft >>>>>>> and ask them to fix the bugs they all exploit, or call the >>>>>>> european commission and impose trade bans against microsoft. >>>>>>> simple enough. >>>>>>> >>>>>>> >>>>>>> On 30 ???, 2017 ? 12:13, HRH Prince Sven Olaf von >>>>>>> CyberBunker wrote: >>>>>>>> >>>>>>>> advertising the sale of : viagra, sex slaves, ak47s, porn >>>>>>>> of any kind, human trafficing services, specific animals, >>>>>>>> cocain, data obtained through espionage, encryption >>>>>>>> technology, vpns, gay propaganda, military propaganda, etc >>>>>>>> is subject to applicable local law (if any, and if there is >>>>>>>> none, it's perfectly fine)... not 'spamhaus policies' as >>>>>>>> spamhaus is not supposed to be 'the internet government'. >>>>>>>> even if they think they should be. >>>>>>>> >>>>>>>> if the uk wants to keep certain products from entering >>>>>>>> 'their' territory (and in doing so limit the freedom of >>>>>>>> their own stakeholders/tax payers) that is up to them >>>>>>>> others choose not to work against their own >>>>>>>> stakeholders/tax payers that way. they have a customs >>>>>>>> department to keep said products outside. can't tell others >>>>>>>> not to produce or sell or advertise it. setting up dirty >>>>>>>> front operations like 'spamhaus' to lure naive nerds into >>>>>>>> the illusion that they would be 'fighting spam' is a very >>>>>>>> nasty thing to do. geo-political wise and business wise. >>>>>>>> >>>>>>>> now... in thailand porn is illegal... so... let's >>>>>>>> disconnect all porn sites because thailand wants us to, oh >>>>>>>> but wait, thailand doesn't have a 'spamhaus' thinking they >>>>>>>> rule the entire internet through means of blackmail and >>>>>>>> calling people 'spammers' or 'spam supporters'. >>>>>>>> >>>>>>>> what also works, besides blackmailing with committing >>>>>>>> computer sabotage against the sales department of suppliers >>>>>>>> of suppliers of suppliers of the publisher of a website, >>>>>>>> are: assassins, commandos, carpet bombing, agent orange. >>>>>>>> etc... all of which should be deployed against spamhaus if >>>>>>>> you ask me. :P but a nullroute would suffice. lol. after >>>>>>>> all bgp is an 'advisory' to 'voluntary peers' and 'we don't >>>>>>>> block anything' as they themselves always say. >>>>>>>> >>>>>>>> >>>>>>>> On 30 ???, 2017 ? 11:29, Esa Laitinen wrote: >>>>>>>>> >>>>>>>>> >>>>>>>>> On Mon, Jan 30, 2017 at 12:19 PM HRH Prince Sven Olaf von >>>>>>>>> CyberBunker <svenk@xs4all.nl <mailto:svenk@xs4all.nl>> wrote: >>>>>>>>> >>>>>>>>> also it's quite vague that when some mossadis rent >>>>>>>>> servers and run an espionage botnet on it (which we >>>>>>>>> happily intercept ourselves ofcourse) - spamhaus >>>>>>>>> somehow magically never lists -that-.. just >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> Looking at the amusing rant of Sven Olaf, it seems that >>>>>>>>> the listing works! >>>>>>>>> >>>>>>>>> Keep up the good work, spamhaus et al! >>>>>>>>> >>>>>>>>> esa >>>>>>>> >>>>>>> >>>>>> >>>>> >>>>> >>>> >>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/anti-abuse-wg/attachments/20170130/ab0922ac/attachment.html> End of anti-abuse-wg Digest, Vol 62, Issue 28 ********************************************* </DIV></DIV></DIV></BODY></HTML>