Godaddy IP Blocks - what the heck ?!

[ Enlarge Image ]

<< Back

Posted: 2006/08/18 by: fcruz. Industry comments.

As I said earlier, this space is used from time to time to vent my frustration, and I do hope this article does reach (someday) the proper individuals so I can get heard. Godaddy, what is the matter with your unfair ip blocks ?

As I mention on my homepage, I have a webhosting company in Costa Rica, at the time I wrote this article, we host something over 650 websites on our small datacenter on San Jose Costa Rica. As you can imagine, for a small webhosting company it is very important that our email gateways are not blocked cause basically email is a critical service for our clients.

Our company ( Admintek.net ) although small in comparison with the monsters out there, is a serious company that has invested in serious equipments for security (watchguard) , routing (cisco) , servers (dell & solaris) and we take pride on our aproach ... simply we are no cheap bastards when referring about infrastructure.

With this in mind, as you must be aware, we also battle day by day to avoid our servers getting hacked, although sometimes a small clients mistake can cause you huge headaches like a simple vulnerable mail form, we are really proactive and try to mantain all these situations to a minimum, we dont want AOL blocks ... or in this case Godaddy blocks.

Sadly enough, around a week and a half from today, a considerable amount of clients started to make complains about rejected emails when they were emailing certain addresses. After some basic checking ... guess what? godaddy had blocked us !!!

I wasnt happy .... look at the response our clients were receiving:

                                                      

                                                      unblock@godaddy.com
                                                      
    SMTP error from remote mail server after RCPT TO:<unblock@godaddy.com>:
    host smtp.secureserver.net [64.202.166.12]: 553 Attack detected from pool 196.40.83.138. <http://unblock.secureserver.net/?ip=196.40.83.*>

After seeing this I ask Godaddy the following question:

Why in the world are you people making pool blocks ? , I think is too arbitrary not to mention UNFAIR !!!

Ill explain you why. On the response above it clearly states that there was an attack detected from ip or pool 196.40.83.138, well, let me explain this to you, not all ip pools belong to the same clients !

The ip pool on question above is managed by Racsa, which in our case is our fiber optics and connectivity provider, we handle 4 different networks and one of these is the ip range that goes from 196.40.83.64 to 196.40.83.96 , just by this basic explanation I think its clear that blocking the ip pool you blocked a few days ago is totally unfair.
For example there is a huge Costa Rican pharmaceutical company called Stein Labs under the same block , so does it really make sense to punish all of us for someone elses mistake ???

NO I DONT THINK SO

To make things worse, I tried after 8 emails and 4 phone calls to rectify the situation, and you people on godaddy have the strange policy that you will only unblock an ip address where port 25 is responding, meaning that its a mail server.

I tried to explain on numerous ocasions that certain companys relay their emails using NAT (network address translation) , which means that even though my mail server might have the ip address 1.1.1.1 it might be sending its email through a gateway that could be a firewall or other device that has a different ip like 1.1.1.2

NAT ... so widely used, but it seems that for godaddy support, that remains like a hidden secret, nobody wants to understand what it is. Sadly enough our clients need to email some other people that decided to use the godaddy inexpensive services, yes your services Mr. Bob Parsons are widely used, and yes I understand how difficult it is to mantain a network clean of attackers, but blocking ip addresses from other networks in such a radical way like you are doing with ip pool blocks is extreme and like I said too unfair.

Somehow you decided that this ip pool is a dial up pool incorrectly .... IT IS NOT A DIAL UP POOL!

We have proper dns records which you can test by running a simple command like: host 196.40.83.73 to find out it points to x5000.admintekgw.com which is one of our gateways, so im puzzled, what is going on people at godaddy?

I received the following response from your support:

The block we received is wrong & unfair, and as im sure your policies seem to be so extreme, im sure a lot of other people have suffered, or are suffering from these abusive ip pool blocks.

I urge you to recheck your policies towards this, you are literally affecting innocent companies and people because of this, needless to say ive been a loyal godaddy domain buyer for years. We all face the same threats, the same battles with those damn spam bots and hackers, but the answer is not to leave the rest of the world outside your doors .... no Mr Parsons.

Today , our main gateways have been unblocked by Godaddys support staff after making an escalation of the issue, but the ip pool block remains on dozens of our ip addresses, even unused ones.

Why the panic Godaddy ?

I hope this note may reach you guys at some point.

Felipe

Share This Blog |

Trackback URL |

0 comments. Be the first!

Posted: