Discussion:
people blocking "all APNIC space"
(too old to reply)
Joe Abley
2003-04-29 23:35:10 UTC
Permalink
There's recurring wisdom on other lists that people outside the Asia
Pacific region routinely block "all APNIC space" in order to reduce the
amount of spam they receive (the most recent example was on NANOG, when
someone inferred that APNIC address space was useless because it is so
regularly blocked).

I've run MTAs numbered within 202/8 and 203/8 before, and I've never
noticed a problem; if the practice of blocking all APNIC space was that
commonplace, I would have expected to have noticed. Maybe I was just
lucky, or maybe these block-happy ISPs don't include 202/8 and 203/8 in
"all APNIC space".

Anybody here noticed widespread blocking of any APNIC ranges by ISPs
elsewhere in the world?


Joe
Alastair Johnson
2003-04-29 23:46:55 UTC
Permalink
Yes - we have seen this quite reguarly. Specifically, the
210/8 network seems particuarly disliked.

pbi.net used to block connections from 210/8 but not from
202/7 for a good part of 2002.


We have customers complain about it every so often, but I forget
what the most recent case was - some little ISP in TX, IIRC.


aj...

On Tue, 29 Apr 2003, Joe Abley wrote:

> Date: Tue, 29 Apr 2003 19:35:10 -0400
> From: Joe Abley <***@automagic.org>
> To: ***@list.waikato.ac.nz
> Subject: [nznog] people blocking "all APNIC space"
>
> There's recurring wisdom on other lists that people outside the Asia
> Pacific region routinely block "all APNIC space" in order to reduce the
> amount of spam they receive (the most recent example was on NANOG, when
> someone inferred that APNIC address space was useless because it is so
> regularly blocked).
>
> I've run MTAs numbered within 202/8 and 203/8 before, and I've never
> noticed a problem; if the practice of blocking all APNIC space was that
> commonplace, I would have expected to have noticed. Maybe I was just
> lucky, or maybe these block-happy ISPs don't include 202/8 and 203/8 in
> "all APNIC space".
>
> Anybody here noticed widespread blocking of any APNIC ranges by ISPs
> elsewhere in the world?
>
>
> Joe
>
> _______________________________________________
> Nznog mailing list
> ***@list.waikato.ac.nz
> http://list.waikato.ac.nz/mailman/listinfo/nznog
>

---
Never attempt with words what can be achieved with a flame thrower.
Steve Phillips
2003-04-30 01:27:02 UTC
Permalink
Just recently came across another blocking of 210.0.0.0/8 with chat servers.

While probably not considered by many to be a productive service :-) it
does still show attitudes that say "APNIC ? forget it" and this attitude
appears to be markedly prevalent amongst US based admins and now appears to
be expanding to cover services other than e-mail.

--
Steve.

At 11:46 30/04/2003 +1200, Alastair Johnson wrote:
>Yes - we have seen this quite reguarly. Specifically, the
>210/8 network seems particuarly disliked.
>
>pbi.net used to block connections from 210/8 but not from
>202/7 for a good part of 2002.
>
>
>We have customers complain about it every so often, but I forget
>what the most recent case was - some little ISP in TX, IIRC.
>
>
>aj...
>
>On Tue, 29 Apr 2003, Joe Abley wrote:
>
> > Date: Tue, 29 Apr 2003 19:35:10 -0400
> > From: Joe Abley <***@automagic.org>
> > To: ***@list.waikato.ac.nz
> > Subject: [nznog] people blocking "all APNIC space"
> >
> > There's recurring wisdom on other lists that people outside the Asia
> > Pacific region routinely block "all APNIC space" in order to reduce the
> > amount of spam they receive (the most recent example was on NANOG, when
> > someone inferred that APNIC address space was useless because it is so
> > regularly blocked).
> >
> > I've run MTAs numbered within 202/8 and 203/8 before, and I've never
> > noticed a problem; if the practice of blocking all APNIC space was that
> > commonplace, I would have expected to have noticed. Maybe I was just
> > lucky, or maybe these block-happy ISPs don't include 202/8 and 203/8 in
> > "all APNIC space".
> >
> > Anybody here noticed widespread blocking of any APNIC ranges by ISPs
> > elsewhere in the world?
> >
> >
> > Joe
> >
> > _______________________________________________
> > Nznog mailing list
> > ***@list.waikato.ac.nz
> > http://list.waikato.ac.nz/mailman/listinfo/nznog
> >
>
>---
>Never attempt with words what can be achieved with a flame thrower.
>
>_______________________________________________
>Nznog mailing list
>***@list.waikato.ac.nz
>http://list.waikato.ac.nz/mailman/listinfo/nznog
Mark Foster
2003-04-30 07:17:41 UTC
Permalink
I once had to explain to an american mail system admin what APNIC was.

As far as he was concerned the world finished at ARIN.

At 13:27 30/04/03, you wrote:
>Just recently came across another blocking of 210.0.0.0/8 with chat servers.
>
>While probably not considered by many to be a productive service :-) it
>does still show attitudes that say "APNIC ? forget it" and this attitude
>appears to be markedly prevalent amongst US based admins and now appears
>to be expanding to cover services other than e-mail.




>*snip*
Patrick Quinn-Graham
2003-05-03 07:42:56 UTC
Permalink
I have in the last two days watched hundreds of connections come in to my
smtp server, all of which comes from an ISP in Taiwan.

I am progressivly just blocking large chunks of their address space.

If I had the time or the knowledge of where to find the info I would
block the entire reagon. (Why can't they see the We don't relay without
authentication and leave?)

Granted, however, this is blocking them from wasting my mailservers time
deciding to reject their relay attempts. I can certainly understand the
frustration that people would get.

Sorry if this is off topic... I don't post here often, and will probably
not again for a while.

Cheers,
Patrick.

On Tue, 29 Apr 2003, Joe Abley wrote:

> Date: Tue, 29 Apr 2003 19:35:10 -0400
> From: Joe Abley <***@automagic.org>
> To: ***@list.waikato.ac.nz
> Subject: [nznog] people blocking "all APNIC space"
>
> There's recurring wisdom on other lists that people outside the Asia
> Pacific region routinely block "all APNIC space" in order to reduce the
> amount of spam they receive (the most recent example was on NANOG, when
> someone inferred that APNIC address space was useless because it is so
> regularly blocked).
>
> I've run MTAs numbered within 202/8 and 203/8 before, and I've never
> noticed a problem; if the practice of blocking all APNIC space was that
> commonplace, I would have expected to have noticed. Maybe I was just
> lucky, or maybe these block-happy ISPs don't include 202/8 and 203/8 in
> "all APNIC space".
>
> Anybody here noticed widespread blocking of any APNIC ranges by ISPs
> elsewhere in the world?
>
>
> Joe
>
> _______________________________________________
> Nznog mailing list
> ***@list.waikato.ac.nz
> http://list.waikato.ac.nz/mailman/listinfo/nznog
>
Jeff Williams
2003-05-05 01:13:42 UTC
Permalink
Patrick and all,

Well thank you for posting here regarding this seemingly ongoing
problem stemming it seems from APNIC allocation policy changes
of late. I have recently forwarded these postings from Nznog along
to APNIC for their attention as I an CC'ing this one as well.


Patrick Quinn-Graham wrote:

> I have in the last two days watched hundreds of connections come in to my
> smtp server, all of which comes from an ISP in Taiwan.
>
> I am progressivly just blocking large chunks of their address space.
>
> If I had the time or the knowledge of where to find the info I would
> block the entire reagon. (Why can't they see the We don't relay without
> authentication and leave?)
>
> Granted, however, this is blocking them from wasting my mailservers time
> deciding to reject their relay attempts. I can certainly understand the
> frustration that people would get.
>
> Sorry if this is off topic... I don't post here often, and will probably
> not again for a while.
>
> Cheers,
> Patrick.
>
> On Tue, 29 Apr 2003, Joe Abley wrote:
>
> > Date: Tue, 29 Apr 2003 19:35:10 -0400
> > From: Joe Abley <***@automagic.org>
> > To: ***@list.waikato.ac.nz
> > Subject: [nznog] people blocking "all APNIC space"
> >
> > There's recurring wisdom on other lists that people outside the Asia
> > Pacific region routinely block "all APNIC space" in order to reduce the
> > amount of spam they receive (the most recent example was on NANOG, when
> > someone inferred that APNIC address space was useless because it is so
> > regularly blocked).
> >
> > I've run MTAs numbered within 202/8 and 203/8 before, and I've never
> > noticed a problem; if the practice of blocking all APNIC space was that
> > commonplace, I would have expected to have noticed. Maybe I was just
> > lucky, or maybe these block-happy ISPs don't include 202/8 and 203/8 in
> > "all APNIC space".
> >
> > Anybody here noticed widespread blocking of any APNIC ranges by ISPs
> > elsewhere in the world?
> >
> >
> > Joe
> >
> > _______________________________________________
> > Nznog mailing list
> > ***@list.waikato.ac.nz
> > http://list.waikato.ac.nz/mailman/listinfo/nznog
> >
> _______________________________________________
> Nznog mailing list
> ***@list.waikato.ac.nz
> http://list.waikato.ac.nz/mailman/listinfo/nznog

Regards,

--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 129k members/stakeholders strong!)
================================================================
CEO/DIR. Internet Network Eng. SR. Eng. Network data security
Information Network Eng. Group. INEG. INC.
E-Mail ***@ix.netcom.com
Contact Number: 214-244-4827 or 214-244-3801
Phill Groom
2003-05-05 07:04:06 UTC
Permalink
Below is a response I received after one of my customers complained
about being unable to reach
http://www.usace.army.mil . Note that the "China net class A network"
reffered to is 203.x.x.x . Note also that this was received twelve
months ago and access has since been restored.

Regards,
Phill.

> Phillip, Based on the information we have there is currently no
> justification to open that network. The China net Class A network was
> blocked several months ago due to very high volumes of malicious
> traffic that threatened the security of our army networks. If you can
> provide a specific reason to access the Corp of Engineer site then
> we can re-evaluate your request. If you can have the USACE folks
> contact us and verify your need, that can help to further justify
> your requirement. At this point, there is no reason for us to open
> the Chinanet host to our networks.
>
> John L King Team Leader, Current Operations RCERT-CONUS Com (520)
> 538-2482 DSN 879-2482 Ft. Huachuca, AZ
>

I esecially liked this comment that appeared in the middle of the email
trail as it was forwarded from person to person;

> -----Original Message-----
> From: Cartagena, Adelina USANETA
> Sent: Thursday, March 14, 2002 3:30 PM
> To: Ludwig, David E USANETA
> Subject: FW: <http://www.usace.army.mil>
>
>
> Dave:
>
> Another one.



Jeff Williams wrote:
> Patrick and all,
>
> Well thank you for posting here regarding this seemingly ongoing
> problem stemming it seems from APNIC allocation policy changes of
> late. I have recently forwarded these postings from Nznog along to
> APNIC for their attention as I an CC'ing this one as well.
>
>
> Patrick Quinn-Graham wrote:
>
>
>> I have in the last two days watched hundreds of connections come in
>> to my smtp server, all of which comes from an ISP in Taiwan.
>>
>> I am progressivly just blocking large chunks of their address
>> space.
>>
>> If I had the time or the knowledge of where to find the info I
>> would block the entire reagon. (Why can't they see the We don't
>> relay without authentication and leave?)
>>
>> Granted, however, this is blocking them from wasting my mailservers
>> time deciding to reject their relay attempts. I can certainly
>> understand the frustration that people would get.
>>
>> Sorry if this is off topic... I don't post here often, and will
>> probably not again for a while.
>>
>> Cheers, Patrick.
>>
>> On Tue, 29 Apr 2003, Joe Abley wrote:
>>
>>
>>> Date: Tue, 29 Apr 2003 19:35:10 -0400 From: Joe Abley
>>> <***@automagic.org> To: ***@list.waikato.ac.nz Subject:
>>> [nznog] people blocking "all APNIC space"
>>>
>>> There's recurring wisdom on other lists that people outside the
>>> Asia Pacific region routinely block "all APNIC space" in order to
>>> reduce the amount of spam they receive (the most recent example
>>> was on NANOG, when someone inferred that APNIC address space was
>>> useless because it is so regularly blocked).
>>>
>>> I've run MTAs numbered within 202/8 and 203/8 before, and I've
>>> never noticed a problem; if the practice of blocking all APNIC
>>> space was that commonplace, I would have expected to have
>>> noticed. Maybe I was just lucky, or maybe these block-happy ISPs
>>> don't include 202/8 and 203/8 in "all APNIC space".
>>>
>>> Anybody here noticed widespread blocking of any APNIC ranges by
>>> ISPs elsewhere in the world?
>>>
>>>
>>> Joe
>>>
>>> _______________________________________________ Nznog mailing
>>> list ***@list.waikato.ac.nz
>>> http://list.waikato.ac.nz/mailman/listinfo/nznog
>>>
>>
>> _______________________________________________ Nznog mailing list
>> ***@list.waikato.ac.nz
>> http://list.waikato.ac.nz/mailman/listinfo/nznog
>
>
> Regards,
>
> -- Jeffrey A. Williams Spokesman for INEGroup LLA. - (Over 129k
> members/stakeholders strong!)
> ================================================================
> CEO/DIR. Internet Network Eng. SR. Eng. Network data security
> Information Network Eng. Group. INEG. INC. E-Mail
> ***@ix.netcom.com Contact Number: 214-244-4827 or 214-244-3801
>
>
> _______________________________________________ Nznog mailing list
> ***@list.waikato.ac.nz
> http://list.waikato.ac.nz/mailman/listinfo/nznog
>
>
Lin Nah
2003-05-04 11:28:51 UTC
Permalink
On Sat, 3 May 2003, Patrick Quinn-Graham wrote:
> I have in the last two days watched hundreds of connections come in to my
> smtp server, all of which comes from an ISP in Taiwan.
>
> I am progressivly just blocking large chunks of their address space.
>
> If I had the time or the knowledge of where to find the info I would
> block the entire reagon. (Why can't they see the We don't relay without
> authentication and leave?)
This can be done. There are sites such as cluecentral.net that
supplies list of IPs by country (or by originating AS as well) and
even talk about how you can implement such blocks. They have the IPs
listed, taking your taiwanese users as an example, in a group like
tw.rbl.cluecentral.net. Anyway for more info etc check out
http://www.cluecentral.net/rblcheck/

regards
lin
Loading...