Hello,
I am trying to understand all the points that five-ten-sg.com makes
about one (actually two) of my servers' IPs. (I wrote to them, no
reply)
the blacklist lookup page seems to return a result in contradiction
with the DNS A record for my IP.
http://www.five-ten-sg.com/blackhole.php?ip=213.92.104.121&Search=Search
says that my server's IP is in the misc.spam group. But the result
from a lookup of:
dig 121.104.92.213.blackholes.five-ten-sg.com a
gives 127.0.0.2, that the bottom of the page above lists as belonging
to the bulk group. So, misc.spam or bulk?
B) Also, in the page above it is said that three requisites are to be
met for a block [they do not specify the length!] to be listed, that
is:
"The misc.spam group is mostly (but not entirely) composed of entire
[entire? isn't a block entire by definition, that is topologically
simply connected? if I remember well...] addresses blocks that have
a) sent spam here, b) have consecutive or missing reverse dns, and c)
have no customer sub-delegation via either the controlling RIR (ARIN,
RIPE, LACNIC, APNIC, etc) or an rwhois server referenced in the main
RIR records."
to each point:
a) where is the report of the spam sent there, so that I can contact
my provider (talking to a human, that is usually more effective than
email) and make them act on that.
b) what is "consecutive" reverse DNS? Do they mean rDNS built in some
way from the IP address?
c) how can a provider give customer subdelegation if it distributes
single static IPs? Should they provide their own rwhois to have that?
Seems a bit heavy on small providers. But I guess this is not
necessary as long and one of the other two point do not apply, if, as
I understand, all three points have to be met in order to be listed.
Thank you for your attention
Giuliano Gavazzi
