Hi Mr Ramesh

Would just like to shed some quick insights on these blacklisting issues (not related to contact details).

Based on some testing I have performed on a few networks, the following observations were made:

By dropping port 25 UDP & TCP on "any port" basis (src + dst port) - IPv4 + IPv6
By dropping port 5060-5061 UDP & TCP on "any port" basis (src + dst port) - IPv4 only (IPv6 not required as we can log-prefix delegation directly anyway and I believe we should allow SIP via IPv6)
I observed that public pools were no longer being blacklisted and the above method seems to solve the issue for good

No legitimate service will use port 25, so blocking it for good, works well.

A couple of other filtering procedures are required to truly build armour against unwanted traffic, if you are interested you can shoot me be back a reply :)

Best Regards

Daryll J. L. Swer

Mobile Number: +91 700 592 0360

Website: daryllswer.com

On Fri, 3 Sept 2021 at 21:56, Ramesh R Chandra via INNOG <innog@innog.net> wrote:

Gentlemen,

As we know, there are many public & private organizations (e.g. UCEProtect, RATSpam, Spamhous, SORBS, BARRACUDA etc....) are active in public domain and blacklisting IPv4 pools. As a result of this, service experience of many operators is impacted. It is also noticed that process of blacklisting and removal are not very transparent or atleast not being followed what they have published to the best of our experience. Many pools not in use for 12 months are also blacklisted and not getting removed automatically. These are common issues and faced by almost all TSP/MSP/ISP etc.. These organizations have published only email ID for contacts and system generated response is received when contacted. Not sure how many if we have members from these organization in these mailing groups.

Requesting phone and additional email IDs of employees/people from these organizations to establish contacts, understand effectiveness of process and work closely to address issues related to blacklisting of pools. Look forward to your support and contact details please....

Regards
Ramesh Chandra

"Confidentiality Warning: This message and any attachments are intended only for the use of the intended recipient(s).
are confidential and may be privileged. If you are not the intended recipient. you are hereby notified that any
review. re-transmission. conversion to hard copy. copying. circulation or other use of this message and any attachments is
strictly prohibited. If you are not the intended recipient. please notify the sender immediately by return email.
and delete this message and any attachments from your system.

Virus Warning: Although the company has taken reasonable precautions to ensure no viruses are present in this email.
The company cannot accept responsibility for any loss or damage arising from the use of this email or attachment."
_______________________________________________
INNOG mailing list -- innog@innog.net
To unsubscribe send an email to innog-leave@innog.net