I've had two recent experiences with "new" IPv4s where the IPs were either black listed or in the second case receiving very heavy bot traffic trying to access the IP. The IPs came with not so good histories.
The worse case of the two is the one where the IP was already black listed before we even started to use it.
Does any one know where one can verify an IPv4 as a clean IP? And what is a person's options? Like can we clean the IP ourselves?
I guess the chances of getting a not so clean IPV4 these days is quite good particularly since there is a limited supply of IPv4's available so they're being recycled regularly. Would be nice to know how one could clean up an IP.
There are a few free and very good services available online where you can check the state of your IPv4 IP address against multiple blacklists.
Blacklist Checking Services
With the above mentioned services you can check your IP address state against many blacklists for mail spam, open proxy listing and etc.
Usually to get your IP address delisted you have to verify that whatever has caused the listing is NOT happening anymore. If that is checked you have to visit the actual website of the blacklist and look for a "Delisting" or "Removal" option. There you can submit a request for your IP address to be removed from their blacklist. This usually works well.
Example of a delisting or removal request site of a blacklist:
http://www.barracudacentral.org/rbl/removal-request (Barracuda Blacklist)
Others can be quite different. Sometimes you might have to sign up with them and open internal tickets for removal of your IP from their blacklists and others only accept mails.
About your IP address "receiving very heavy bot traffic trying to access the IP". This is a very common problem and absolutely nothing new. You can change your IP address as much as you want but it will still keep happening (sooner or later). The bots scan all subnets on the Internet and attack all IPs. There is no escape. You however, given that we discussed this before here, know what to do to get rid of the automated attacks
. So the best weapon against these attackers is a secured server. This is always a rather good idea. Operating a server wide open and without any kind of security is simply negligent and shows a very modest behavior.
Generally IP blacklisting is also a very common issue in the hosting world. ISPs and providers should care about it. There are extreme cases where blacklists list whole IP ranges that are probably only rented from datacenters. And the datacenters terminate contracts and service with the people who rented the IP ranges from them because they care to have a good reputation. Especially for servers a blacklisted IP means a lot... atleast if you're ever planning to host a mail server or pass traffic through the IP (e.g. coperate VPN, private VPN and such).
Imagine you are running a hosting company and someone abuses your IP space by spamming thousands of mail inboxes with a overall of millions of spam mails. This would get you listed on pretty much all of the blacklists. In the worst case you get the whole IP space listed and the datacenter where you got the hardware and IP space from won't be happy. They will decide to cancel the contract with you. Out of the sudden the plug in your IP space is pulled. Clients demand their money back, start PayPal and CC disputes and run away. Farewell "your hosting company name here".
Users themselves should also care of course. When I got VPSs before I performed blacklists checks and made sure I don't run anything that might cause the issues. Then I went to the blacklist sites and requested delisting. In most cases successfully. Some blacklists can be really hard to get off because they only accept removal requests from the owners of the IP blocks or won't remove a single IP address on request if they have listed the whole range.
(07-17-2018, 05:16 PM)Hidden Refuge Wrote: [ -> ][...]
Imagine you are running a hosting company and someone abuses your IP space by spamming thousands of mail inboxes with a overall of millions of spam mails. This would get you listed on pretty much all of the blacklists. In the worst case you get the whole IP space listed and the datacenter where you got the hardware and IP space from won't be happy. They will decide to cancel the contract with you. Out of the sudden the plug in your IP space is pulled. Clients demand their money back, start PayPal and CC disputes and run away. Farewell "your hosting company name here".
Users themselves should also care of course. When I got VPSs before I performed blacklists checks and made sure I don't run anything that might cause the issues. Then I went to the blacklist sites and requested delisting. In most cases successfully. Some blacklists can be really hard to get off because they only accept removal requests from the owners of the IP blocks or won't remove a single IP address on request if they have listed the whole range.
Thanks VERY MUCH for the detailed contribution
. Particularly for the information on delisting. I was hoping there was a central place one could do it at, but now understand about checking who is doing the blocking with MX Toolbox. Probably worth signing up with them as well, as they have a very good DNS Inspect service too.Only thing, in our case with our block, MX Toolbox didn't show Google or Microsoft blocks. That we only discovered when people were using their e-mail system. Hopefully it's fixed now.
You're so right about the other constraints like abusing one's IP space with spamming thousands of mail inboxes. I guess that in its own right is an excellent reason to only keep company with high quality hosts and datacenters - that is more expensive though. Another constraint I've also found lately is with the regional blocks. South Africa shouldn't really be blocked as the standards by the only ISP there is - Telkom - are very strict. Those doing "funny stuff" usually get flagged in their system pretty quickly and there is a zero tolerance for abuse. But I guess, any one living in Africa gets brushed with the same feathers from those who are situated elsewhere in the world. Every now and then I find I can't view a show, or get access to a Website because it is not available for people from the region I'm in for now. Hence why I guess quite a large number of people here use VPNs. Irony is that our ISP flags people who use VPNs probably because of the high crime rate. So both those who are honest and dishonest are penalized by the same system.
Tonight I also learned about "failover IPs". You probably already know about them. OVH offers a person IPs that one can migrate to other servers, but obviously the other servers have to be owned by them too - in the same family. Aha .... looks like Hetzner is offering it too. It does cost extra though, so I guess this will only be used by large corporations:
https://wiki.hetzner.de/index.php/Failover/en
OVH:
https://www.ovh.com/world/dedicated-serv...ilover.xml
Kimsufi - the discount company that belongs to OVH - doesn't allow additional IPs. I found that very intriguing.
https://www.kimsufi.com/en/faq/
I guess as time goes one on of these days getting an IPv4 is going to be very expensive. They're probably so heavily recycled now, cleaning IPs before one uses them is going to become a specialist field of a kind.
Oh! Yes, sorry. I forgot to mention that Microsoft, Google and probably also other providers use their own internal blacklists that have no public blacklist checking API. The only way to check in that case is try to send mails to e-mail addresses hosted at these companies.
It can be hard or impossible to get off those list. Neither Microsoft nor Google are really cooperating on what the issue is, how to properly fix it and how to get delisted. It's a hard job to keep your IP space off the list of such providers.
I remember asking Hotmail to remove my IP from their blocked list. You can't really do anything about it. You just have to complete a form and wait for a reply.