AusRegistry Whois Blacklisting - how many?

AusRegistry Whois Blacklisting - how many?

From: Andrew Heath <andrew§bluetongue.com>
Date: Wed, 24 Mar 2004 09:13:02 +1100
Morning all...

I have this morning been tracking down (or attempting to) the source of some
SPAM that came from an Australian source...

I do this using the trusty NeoTrace program, which has the built in ability
to do whois lookups whis is very handy when looking for source information.

I was doing this when I noticed the following in the whois entry window:

Copyright 2001 auDA.  Terms of Use at http://www.aunic.net/copyright.html

The object shown below is NOT in the AUNIC database.
It has been obtained by forwarding your query to a remote server:
(whois.ausregistry.net.au) at port 43.
If whois.ausregistry.net.au says that AUNIC's IP address has been
blacklisted, 
then please send your query directly to whois.ausregistry.net.au instead.

BLACKLISTED: You have exceeded the query limit for your IP address and have
been blacklisted. This restriction will be removed in 24 hours.

    End of referred query result

How many queries does one have to do to get blacklisted?

It seems (FWIW) that at the moment that the limit may be set too low as it
is blacklisting legitimate use - to try and find SPAMMERS...  Roll on April
10...

Andrew

For those who care - the spam was the current Equity Spotlight SPAM from
"Stock-Market Spotlight" that has been going around...

Headers and other info below...

Return-Path: <duldrsol&#167;asianhome.net>
Received: from 203.17.238.134 ([210.8.211.138])
	by penguin.bluetongue.com (8.11.3/8.11.3/check_local4.2) with SMTP
id i2NGcFB16326
	for <jobs&#167;bluetongue.com>; Wed, 24 Mar 2004 03:38:16 +1100
X-Spam-Filter: check_local&#167;penguin.bluetongue.com by digitalanswers.org
X-Spam-Envelope: resolve_fail
Received: from 224.184.70.159 by 210.8.211.138; Tue, 23 Mar 2004 11:38:06
-0500
Message-ID: <ARGZFJDPTNBEKQBUTRBLWJZ&#167;yahoo.com>
From: "Son Burger" <duldrsol&#167;asianhome.net>
Reply-To: "Son Burger" <duldrsol&#167;asianhome.net>
To: jobs&#167;bluetongue.com
Subject: Investors: OSSI, the Next Ditech, LendingTree, or Countrywide? Tue,
23 Mar 2004 11:38:06 -0500
Date: Tue, 23 Mar 2004 11:38:06 -0500
X-Mailer: 
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="--3691480753697955333"
X-Spam-Checker-Version: SpamAssassin 2.61 (1.212.2.1-2003-12-09-exp) on 
	penguin.bluetongue.com
X-Spam-Status: No, hits=1.9 required=5.0 tests=BAYES_30,RFA autolearn=no 
	version=2.61
X-Spam-Level: *
X-UIDL: :a0!!([1"!67e!!E:I!!
Status: RO


inetnum:      210.8.211.128 - 210.8.211.191
netname:      UNIVERSAL2-CC-AU
descr:        Universal Network Technologies Pty Limited
descr:        Suite G08 / Bay 16
descr:        Australian Technology Park
descr:        Eveleigh, NSW 1430
country:      AU
admin-c:      JS32-CC-AU
tech-c:       JS32-CC-AU
status:       ASSIGNED PA
remarks:      This information has been partially mirrored by APNIC from
remarks:      Connect.Com.Au. To obtain more specific information, please
remarks:      use the CCAIR whois server at whois.connect.com.au.
notify:       dbmon&#167;connect.com.au
mnt-by:       CONNECT-AU
changed:      sstokes&#167;connect.com.au 20031208
source:       CCAIR
Received on Fri Oct 03 2003 - 00:00:00 UTC

This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:07 UTC