New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
SpamHaus listing the whole /10 :O
feezioxiii
Member, Host Rep
This actually surprised me as I got replied from a provider refused to announce my /24 :O
Link: https://www.spamhaus.org/pbl/query/PBL1620170
#RIP
Edit: As pointed out, this might be requested from the ISP (Sprint) as @Francisco's post.
Thanked by 1eol
This discussion has been closed.
Comments
Very interesting...
Well, maybe the range you rent, was to cheap?
No wonder if the seller does not check the range for blacklisted IP's.
The range is owned by Sprint, how exactly are you getting leases from it?
Good chance Sprint is the one that requested the listing. I've seen a few larger end user ISP's do that (in the past at least).
Francisco
Well, that's PBL, which is not a blacklist as such (see spamhaus faq on that topic).
PBL basically means that no unauthenticated mail submission should occur from that IP range which is usually the case for dynamic end-customer IPs assigned by ISPs or unallocated address space.
If your subnet was just recently allocated, Spamhaus probably missed to update their PBL.
The owner of the addresses (i.e. who's listed in whois) can create an account at the Spamhaus ISP Portal (https://portal.spamhaus.org/isp/). There you can add IP ranges you own which will be manually verified by Spamhaus through whois records. After your IP range has been approved you can manage PBL listings within that range on your own. For example you can add IPs from which you don't want to allow unauthenticated mail submission.
In case there is an older larger PBL listing overlaying your particular IP range, you can also claim your specific IP range which means it will be excluded from the larger overlaying PBL listing or the larger PBL will be removed after review. This process is also described in the ISP FAQ.
You will probably have to read a bit through the PBL and ISP FAQ from Spamhaus. But that's not a big deal and really nothing to worry. It will just cost you some time but once you have done it, you are fine and your IPs will disappear from the PBL.
Leased from a provider on LET (not so reputable among members but been in the hosting industry for long enough). Haven't been able to check RIPE database as their DB just rejecting my connection. But from my last check, the /24 was originated from provider's /22 iirc (so it should be RIPE allocation).
Not gonna list the name and the exact /24 block here for privacy sakes.
Probably try again later with RIPE DB, I am also facing high processing times and several timeouts while working with RIPE DB right now. Seems to have some load issues at the moment.
But the IP range you are referring to is definitely not managed by RIPE. 184/8 is allocated to ARIN by the IANA. And from ARIN it is assigned to Sprint as mentioned by Francisco.
So if you got a RIPE offer from within 184/8, it might have been to cheap.
Well, I know about that (as I read the FAQ right after being notified about this - announcement rejected). But no matter how I explain to my upstream, they will still reject it anyways, Spamhaus even mentioned "THE PBL IS NOT A BLACKLIST" and "It is perfectly normal for these IP addresses to be listed on the PBL" on their site.
¯_(ツ)_/¯
Maybe search for another upstream if they are rejecting announcements because of PBL listing?!
I mean, the PBL per design includes nearly all dynamic IP addresses assigned to end-customer internet connections. And they are obviously still routable.
Jeez, just double checked and seems like my provider gave the wrong IP range on the LOA. The IP is started from 185 and not 184. Re-checking with them again now
Solved
Thank you @dfroe and @Francisco for pointing it out that the range is from Sprint
Then there was in fact a good reason for your upstream provider to reject the announcement.
Pity it was rejected through a listing on a PBL instead of checking that the person issuing the LoA had no rights to do that, but yeah, least it wasn’t announced.
That's the point though, they could have mentioned that the IP is from a Reputable ISP and tell me to recheck it.
Personally, I would safely assume that the LOA is correct as it must be checked twice anyways (IP provider and Upstream who will announce the range). So never expected the LOA has incorrect information.![:\](https://lowendtalk.com/resources/emoji/confused.png ":\")
Edit: Also lesson learned, be sure to double check everything and stop assuming
Thread closed per the OP’s request.