Return to Level1Techs.com

Are Uceprotect and whitelisted.org trying to extort me or what?

I started getting notified via MXToolbox (I had it set up years ago, offers single IP free monitoring) that my static home IP is blacklisted on Uceprotect level2.

There is a link to check out what to do about it, and there it says my IP is not directly involved in any spamming, but they still put the whole block on a blacklist if there is a single spammer sending out crap.

The thing is it’s a big-ass block, 65536 IPs if my math is correct (xxx.xxx.xxx.xxx/16). Provider does not give a crap, naturally.

But being nice people they are, they will whitelist my IP if it’s whitelisted on whitelisted.org, as it’s not my fault but some other asshole on my block. They however want to get paid, and get paid a lot - 25CHF/month.

This just feels like an extortion attempt, sort of like “You are going to prison because someone in your neighborhood is a criminal. Unless you pay us. Monthly.”.

Should I take any action, or just ignore them? I didn’t observe any email send/receive issues from the home server.

DDoS the hub

Call a lawyer

That sounds like it’s going to take up a lot of my time… and money :slight_smile:
Get a lawyer in home country → sue some German company trying to get money trough a Swiss company. And my ISP is basically a monopoly so they are more-less untouchable.

DDoS it is, can I borrow someones botnet please?

Anyone who is using blacklists that are throwing away entire /16s arguably no longer has a functional internet connection. I doubt many places are implementing whatever list you’re on, or if they are, they were just using it to monitor more closely and not outright block. I wouldn’t worry about it unless you experience actual service problems.

It also occurs to me that blacklisting a block that large might be geographical. In either case, you could get around it for under 25CHF (swiss franc?) by using a VPS as a reverse proxy.

2 Likes

Yeah, I’ll probably just ignore them. @Jari suggested to contact their support, but what I found was very unprofessional, and I would argue illegal.

YOU ARE LOSING YOUR RIGHT TO EXPRESSDELIST YOUR NET IF YOU ARE STUPID AND CLAIMING THIS WOULD BE BLACKMAIL, EXTORTION, SCAM OR SIMILAR BULLSHIT.

https://www.uceprotect.net/en/index.php?m=7&s=7

And when you run a query you get this if your IP block is blacklisted, even if your specific IP is not the offending one:

We never make exceptions. Requests to us are futile. Only your provider can fix this problem.

It sure does feel like blackmail, extortion or similar bullshit…

2 Likes

Have a word higher up the chain. Here’s the relevant portion of a whois query:

[email protected]: whois uceprotect.net
Domain Name: UCEPROTECT.NET
Registry Domain ID: 97889633_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.psi-usa.info
Registrar URL: http://www.psi-usa.info
Updated Date: 2021-01-26T12:14:59Z
Creation Date: 2003-05-14T13:34:00Z
Registry Expiry Date: 2021-05-14T13:34:00Z
Registrar: PSI-USA, Inc. dba Domain Robot
Registrar IANA ID: 151
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +49.94159559482
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: GUSS.NS.CLOUDFLARE.COM
Name Server: KAMI.NS.CLOUDFLARE.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
Last update of whois database: 2021-02-22T18:27:21Z <<<

HTH!

Do you have dkim entries setup, are you still having issues?

Yeah, I had someone setup DKIM and SPF (i think?), and It looks like there is no issues so far, it’s just that every Monday MXToolbox monitoring wold send an email that says something along the lines of “Everything is fine, IP has not been blacklisted anywhere for x amount of time”, but these last few weeks, emails come at any time and notify that I landed on a Ucprotect level2 black list, and they always leave instructions where to check for delisting.

They (MXToolbox) monitor a lot of blacklists for you, but l don’t get why would they be on a lookout for Ucprotect if they obviously extort people, unless some security systems actually use it.

Microsoft domains blacklist my entire range because it’s a VPS. All mail is rejected.

The system is rigged.

1 Like