North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Praise to XO's Security/Abuse

  • From: Kai Schlichting
  • Date: Mon Sep 09 16:54:20 2002

On 8/30/2002 at 8:25 PM, [email protected] wrote:


> On 04:36 PM 8/30/02, John M. Brown wrote:
>  >
>  >
>  >Jason at XO's security/abuse staff.  Very helpful chap

> Indeed he is.  Which is why I'm totally mystified about why rfc-ignorant 
> insists that my domain doesn't have a working abuse address.  I would 
> privately email the admin at rfc-ignorant about this problem, but, well.... 
> (see below)

> jc

I don't think rfc-ignorant.org tests entries at a later time, ever.
I have brought the concentric.net case to their attention today.

Speaking of Concentric domains: cnc.net has not had a working [email protected]
address for several YEARS, and I have brought that to Concentric's
attention, oh, 3-4 years ago?

I consider this a reckless way of operating: some people have
interpreted RFC822 in such a way that you only have to accept mail
to "[email protected]" if you actually accept any mail for the domain
at all. I wonder who's smart idea within Concentric it was to use
cnc.net for a bazillion FQDN's and in-addr.arpa records, but create
an MX record for the domain and not accept postmaster and [email protected] .
If I wouldn't know better (the whole incompetent vs. malevolent logic),
I'd outright describe this as being "evasive".

Speaking of evading: I wish to remind the readers of this thread
(a subset of NANOG readers) that the good deeds of a few cannot
make up for the colossal, corrupt policy failures of a bankrupt
organization as a whole, or else I wouldn't currently be in
possession of about 90 complaints (and corresponding 90 auto-replies,
with exactly ZERO human-generated replies) from xo.com
regarding spam-spewing factories of crime in their IP space,
with such complaints sent to them in the short, short period of
the last 2.5 months, based on an amazingly small swath of IP
space at the receiving end of this Internet crime.

Examples of XO customers who can't tell right from wrong, and
"220 DO ME HARD" from "550 NO TRESPASSING, CRIMINAL SCUM", and
who continue to criminally trespass onto other people's property
after being told to stay away:

Sep  9 08:13:25 sonet sendmail[895]: IAA00895: from=<[email protected]>, size=0, class=0, pri=0, nrcpts=0, proto=SMTP,
relay=gw.iaccess.com [64.221.226.129]

Sep  9 02:19:51 saturn sendmail[5229]: NOQUEUE: ruleset=check_relay, arg1=lsv-004.cynergen.net, arg2=66.239.204.53,
relay=lsv-004.cynergen.net [66.239.204.53], reject=550 no access for OIN - Spammers must die.

Sep  9 00:35:21 saturn sendmail[1729]: NOQUEUE: ruleset=check_relay, arg1=host28.anglcorp.com, arg2=67.105.80.91, relay=host28.anglcorp.com
[67.105.80.91], reject=550 no access for list-washing twits at anglcorp.com - Spammers must die.

Sep  8 00:13:57 saturn sendmail[12484]: NOQUEUE: ruleset=check_relay, arg1=lsv-001.cynergen.net, arg2=66.239.204.50,
relay=lsv-001.cynergen.net [66.239.204.50], reject=550 no access for OIN - Spammers must die.

Sep  7 20:58:36 saturn sendmail[6541]: NOQUEUE: ruleset=check_relay, arg1=host24.anglcorp.com, arg2=67.105.80.87, relay=host24.anglcorp.com
[67.105.80.87], reject=550 no access for list-washing twits at anglcorp.com - Spammers must die.

Sep  7 16:26:39 sonet sendmail[11480]: NOQUEUE: ruleset=check_relay, arg1=lsv-002.cynergen.net, arg2=66.239.204.51,
relay=lsv-002.cynergen.net [66.239.204.51], reject=550 no access for OIN - Spammers must die.

Sep  7 05:01:49 saturn sendmail[2655]: FAA02655: <X>... User unknown - user never existed - single-opt-in is spam - and
Spammers must die.
Sep  7 05:01:49 saturn sendmail[2655]: FAA02655:
from=<[email protected]>, size=0, class=0,
pri=0, nrcpts=0, proto=SMTP, relay=ul1.tilw.net [209.164.4.171]

Sep  6 20:55:27 saturn sendmail[14573]: NOQUEUE: ruleset=check_relay, arg1=lsv-001.cynergen.net, arg2=66.239.204.50,
relay=lsv-001.cynergen.net [66.239.204.50], reject=550 no access for OIN - Spammers must die.

Sep  5 20:10:41 sonet sendmail[18779]: UAA18779: from=<[email protected]>, size=0, class=0, pri=0, nrcpts=0, proto=SMTP,
relay=host228.iaccess.com [64.221.226.228] (may be forged)

Sep  5 18:44:45 saturn sendmail[9560]: NOQUEUE: ruleset=check_relay, arg1=lsv-002.cynergen.net, arg2=66.239.204.51,
relay=lsv-002.cynergen.net [66.239.204.51], reject=550 no access for OIN - Spammers must die.

Sep  5 14:30:19 saturn sendmail[26113]: NOQUEUE: ruleset=check_relay, arg1=thething.emailfactory.com, arg2=64.35.34.30,
relay=thething.emailfactory.com [64.35.34.30], reject=550 NO TRESPASSING for emailfactory.com/newc.com - Spammers must die.

Sep  4 16:20:57 saturn sendmail[817]: NOQUEUE: ruleset=check_relay, arg1=lsv-001.cynergen.net, arg2=66.239.204.50,
relay=lsv-001.cynergen.net [66.239.204.50], reject=550 no access for OIN - Spammers must die.


There is no doubt in my mind that XO is fully aware of the criminal trespass
committed by their customers, and continues to aid and abet these criminal
activities on a daily basis by knowingly and willingly providing service and
/dev/null'ing complaints about them - kinda like Sprintlink/Sprint aiding
and abetting their criminals^Wcustomers while committing acts of forgery,
false declaration of goods, false declaration of goods in interstate and
international commerce, criminal impersonation, falsification of business
records and business and wire fraud across state lines - only more passively.

I could point the finger in almost any direction from here.
>From UnSavvy to APiss&Pee. From Uh-Oh!Net to Clueless&Witless.
>From FraudLynx to VeryUglio, From Exorcism to Worldcunt.
The bigger, the more bankrupt, the more aiding and abetting.

It's 5pm: do you know who you work for?

--
"Just say No" to Spam                                     Kai Schlichting
New York, Palo Alto, You name it             Sophisticated Technical Peon
Kai's SpamShield <tm> is FREE!                  http://www.SpamShield.org
|                                                                       |
LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes
WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath