[117322] in North American Network Operators' Group
Re: Repeated Blacklisting / IP reputation
daemon@ATHENA.MIT.EDU (Leo Vegoda)
Wed Sep 9 23:31:11 2009
From: Leo Vegoda <leo.vegoda@icann.org>
To: Alex Lanstein <ALanstein@FireEye.com>
Date: Wed, 9 Sep 2009 20:30:02 -0700
In-Reply-To: <60B0F2124D07B942988329B5B7CA393D010FA10708@mail2.FireEye.com>
Cc: John Curran <jcurran@arin.net>, "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sep 9, 2009, at 7:18 PM, Alex Lanstein wrote:
> Along the same lines, I noticed that the worst Actor in recent =20
> memory (McColo - AS26780) stopped paying their bills to ARIN and =20
> their addresses have been returned to the pool.
>
> It's my opinion that a very select number of CIDR blocks (another =20
> example being the ones belonging to Cernel/InternetPath/Atrivo/etc, =20
> if it were ever fully extinguished) are, and forever will be, =20
> completely toxic and unusable to any legitimate enterprise. =20
> Arguments could be made that industry blacklists can and should be =20
> more flexible, but from the considerably more innocuous case in this =20
> thread, that is apparently not the modus operandi
Putting these addresses back into use does not mean that they have to =20
be allocated to networks where they'll number mail servers. ARIN staff =20
is doubtless aware of the history of these blocks and will presumably =20
do their best to allocate them to networks that aren't intended to =20
host mail servers.
Regards,
Leo
