[SpamCop-List] Re: SC lookup error mirroring Apnic ??

Thu Aug 19 18:51:32 EDT 2004

"Graeme Leith" <glnews030922 at highspot.net> wrote in message
news:cg2eeu$vb9$1 at news.spamcop.net...
> David Butler wrote:
>
> [snip]
> > $ whois 222.250.109.25
> >
> > [spamcop mirror]
> >
> > inetnum:      222.0.0.0 - 222.255.255.255
> > netname:      APNIC-AP
> >
> > Which is the wrong Netrange!
> >
> > (which is what openrbl.org also pulls up via Arin)
> >
> > SC also misses:
> >
> > .250.109.25 resolved to 222-250-109-25.cm.dynamic.apol.com.tw
> >
> > descr:      ETHome
> > origin:     AS9415
> > notify:     rradmin at apol.com.tw
> > mnt-by:     MAINT-AS17709
> > changed:    corey at apol.com.tw 20030221
> > source:     RADB
> >
> > It seems this MAY route through apol.com.tw, so SC should add
> > spam at apol.com.tw, no ?
> >
> > More notes in .routing but I thought this lookup erroe was serious.
>
> You are right in this case, but be careful when you're relying on
> reverse lookups. The owner of the netblock can point the PTR record to
> wherever they want. They could just as easily point it to
> www.microsoft.com as they can to 222-250-109-25.cm.dynamic.apol.com.tw.
>
> This is why SC can't rely on PTR records for routing.
>
> The miss-routing wouldn't happen if the address space was properly
> swipped as it's supposed to be.
>
> -- 

I am NOT relying on the reverse lookup, that was just a footnote.

SC looked up the larger Netblock and got ENTIRELY the wrong ISP and useless
reporting info as a result. If you look up the AS numbers you will see that
I am correct as to the owner of the Netblock...

I also looked over the routing as noted and it does appear to pass through
apol..tw.net, but I am not proficient enough with BGP tools to be certain.

I mention it so Ellen (or Richard) might have a look when they get around to
it.