@johnpoz said in My IP suddenly black listed - Who should I contact?:
I am sorry that bad people use vpns to do spam stuff.. Don't use them if you want to post on the forum is the only thing I can suggest.
When we see spammers using a known vpn network, or something that is not a normal user connection IP, like digital ocean or any other sort of hosting site - they normally get added to the block list, to prevent them or their buddies from using that network in the future to add more spam.
Tell you what - we will remove all the blocklists if you agree to watch the forums 24/7 and delete all the spam the minute its posted ;)
It sucks that we have to do this - but I don't think the typical user understands the amount of spam this site gets.. And how much more possible spam is prevented by the block list. If didn't clean it up and delete it as soon as seen or reported.. Nobody would want to use this forum, because it wouldn't be nothing but spam!
If you are having with a legit normal user ISP network, please let us know and be happy to remove the block and deal with some extra spam.. But known vpn type IPs are just spam networks.. We do not go out of our way to block them - but when we see spam coming from them, yes they are added to the block list..
I understand and agree with most that You wrote here. And appreciate the passion, customer care and patience!
But anyway, there would be more and more peoples who using true VPNs or proxy-VPNs (like CloudFlare) to secure or speed up their internet connection.
And the same time more and more spammers using cloud-based platforms like Amazon, Azure to create VPS server with spamming bots, acting thru the 3rd side VPN services/proxies, and than kill this virtual VPS server. They create hundreds of thousands in a day.
Automatically, by schedule, with help of orchestration tools like Ansible, Terraform, k8,… for a very small amount of money.
What You doing with this automated enemy giant as user forum Security Admin?
Banning all Amazon S3 public IPs? Banning all CloudFlare public IPs? Doing this day-by-day manually by tweaking Snort/Suricata paid rules?
May be better to:
cut off all non-democracy countries (like Iran, china, russia, etc…);
use Suricata/Snort payed rules;
upgrade forum engine to recognize the bots and make permanent block (even Joomla & Wordpress have a lot of extensions to automate this procedure);
Instead of banning any addresses from most famous service provider, like CloudFlare. (Here I need to note, that Netgate already have a numbers of blog post’s about integration pfSense & CloudFlare. So, this legitimate CloudFlare as trusted service for pfSense users. And of course many of them sometime starting to use WARP/WARP+ service from the CloudFlare. And…ups! Unwanted banned on official pfSense user forum…).
Is this a right way of “world's leading firewall, router, and VPN solution for network edge and cloud secure networking. With millions of installations worldwide…” as Netgate wrote in their blog?
Where am I wrong? :))
