[184697] in North American Network Operators' Group
Re: Spamhaus contact needed
daemon@ATHENA.MIT.EDU (Jason Baugher)
Thu Oct 15 13:44:02 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <561FE343.60506@cox.net>
Date: Thu, 15 Oct 2015 12:41:56 -0500
From: Jason Baugher <jason@thebaughers.com>
To: Larry Sheldon <larrysheldon@cox.net>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
When all it says is, "spam-sending trojan, malicious link, or some type of
botnet", it's not a lot to go on. I've seen examples where their lookup
tool provides more details, but in this case, the response is generic.
In fact, usually when this happens to a customer, they're able to figure
out the problem without a lot of fuss and keep it from happening again.
Sometimes we have to help them, but it's always something fairly obvious.
It's only in this one case that we're struggling to identify the cause.
Thank you to those that pointed out their email address on the FAQ page.
How I managed to read through there and miss it, I'll never know.
On Thu, Oct 15, 2015 at 12:32 PM, Larry Sheldon <larrysheldon@cox.net>
wrote:
> On 10/15/2015 00:27, Jason Baugher wrote:
>
>> Sorry to clutter up this list with an email issue, but hopefully someone
>> is
>> here from Spamhaus that can contact me off-list. I have a customer whose
>> IP
>> keeps getting listed in the CBL, and even after doing packet captures of
>> everything in and out of their network, I still can't find a reason for
>> it.
>>
>
> I have been off the line for quite a while, but as I recollect there is no
> "Spamhaus contact" aside from the search engine they provide for their
> database.
>
> You look-up you IP, they tell you what the problem is, you fix it, and the
> block goes away.
>
> It always used to work. Every time.
>
>
> --
> sed quis custodiet ipsos custodes? (Juvenal)
>
