Well this explains a few things.
What do you mean by 'blacklist' ?
Are we talking about DNSBL's usually used to block spam sources?
Or are we talking about something that more generically blocks IP's seen
to originate 'malicious' behavior?
Many 'blacklists' rigged to block spam as their primary function, will
frequently or even by standard practice, block dynamic IP allocations.
Clearly you can't attribute the behavior of one user who held a dynamic
IP at some point, to the new holder of the same IP - but this also means
that those of us in the real world shouldn't be trusting that our
end-users will be on non-blacklisted IP's. Either don't operate the
blacklist in question, live with it, or insist that your users have
static IP's and whitelist those to get around it.
If someone's using a spam-oriented blacklist to generate a list of IP's
that should be treated as 'bad' for other purposes, is going to have a
mixed success with this anyway, particularly if you're dealing with the
big telco's that'll have a relatively large number of compromised or
'abusive' (for varying definitions of abusive) clients online at any one
time, and proportionately small amount of resource dedicated to
On 19/02/2015 11:46 a.m., Daniel Christie wrote:
The incident I had this morning was a Spark NZ
broadband customer, they didn't have a static IP as I asked them to restart their
router which gave them a different IP address.
I wouldn't want to unblock them myself as this could cause them to get listed again
and more permanently if they hadn't first resolved the cause of it themselves, like
you have said.
I imagine, as it was a dynamic address that it would have been blacklisted by another one
of Sparks customers beforehand and then dished out to the user I was talking to last night
after their office had a power outage.
I've tried looking on the Spark NZ website but could not find any support article or
help guide for this scenario.
would anyone on this list (possibly from Spark broadband services) be able to help me
with what should be done for this?
Daniel Christie SYSTEMS ENGINEER/APPLICATION SPECIALIST
Depends who owns the IP space, in the event the ISP has provided space it¹s in your best
interest to unblock them so if they get re-assigned to someone else they work.
Again depends on what the customer is doing to continually get blacklisted, I.e. Not
fixing an issue they were told to fix, like open NTP or something.
If the IP space belongs to your downstream customer, then it¹s their problem, but still
good to try and assist for a quality of service.
Barry Murphy / Chief Operating Officer
On 19/02/15 10:59 am, "Daniel Christie"
I'm working for a small web/mail hosting company.
I've recently noticed a lot of blacklisted IP addresses from NZ based
ISPs being dished out, part of our intrusion prevention methods involve
denying connections from these addresses.
How do these blacklisted IP addresses get unlisted? Is it the
responsibility of the customers of these ISPs or it is the responsibility
of the ISP?
NZNOG mailing list
NZNOG mailing list