David, is there real things I can do? Semi-real is 5. But the problem is much more deep. Some people make blacklisting by firewall rules based on data years old. Some blacklists (my client said about yahoo and aol) just have no policy to delist a network, and ignore requests. David Conrad wrote:
An "interesting" (in sort of the way the Ebola virus is "interesting") problem that is going to become much more common as we start reallocating previously allocated or otherwise flagged blocks. Leo Vegoda has done a couple of presentations on this.
Just imagine the fun folks who are going to get prefixes out of 1.0.0.0/8 are going to have.
Options I can think of:
1) Get everybody to transition to IPv6 (um, yeah). 2) Get all the folks who are running RBLs/DUNs to update their lists when address status changes (slightly more realistic than (1)). 3) Get everybody to use reputation services like http://www.karmasphere.com/, et al. (no, I'm not affiliated with them) 4) Get RPKI deployed to reduce the need for black list services (um, yeah.) 5) Get the folks who win the draw on prefixes to go around to every black list service themselves (as they discover them) and convince the operator of that list (somehow) to remove them (the default).
No good answers I'm aware of...
Regards, -drc
On 1/16/08 9:28 AM, "Max Tulyev" <president@ukraine.su> wrote:
Hello All,
I just got an assignment for my client (large PI block). But this block is listed in all DNS RBLs and DUN lists, as it was in use till Oct'07 as dynamic DHCP pool of other big ISP.
So my client says they can't use this network, because mail service is blocked.
RIPE rejected my request to change this network to another one: "As we do understand how unfortunate this is for **********, there is nothing we can do about prefixes that appear on so called black lists."
How can I solve this?
-- WBR, Max Tulyev (MT6561-RIPE, 2:463/253@FIDO)