same shit here: Dear User, We are contacting you because of unusual activity coming from your IP address towards the IT infrastructure of the European Commission. In specific, since 03/10/2016, IP addresses 95.85.45.159 & 104.236.225.19 of Digital Ocean, located in the Netherlands (NL) and the USA respectively, have submitted a significantly large number of invalid VAT number requests as compared to the total number of requests (89,59% & 89,96% respectively) towards VAT numbers from a multiple of EU member States (MS) through the VIES on the Web service (http://ec.europa.eu/taxation_customs/vies/). For more information on Invalid VAT number requests please refer to FAQ, questions 7, 11, 12, 13 and 20 of the VIES on the WEB site (http://ec.europa.eu/taxation_customs/vies/faq.html). The scope of our team is to monitor on a daily basis the performance of the VIES-on-the-Web (VoW) service in order to ensure its performance in accordance with the standards agreed upon between EU's Directorate General for Taxation and Customs Union (DG TAXUD) and the EU Member States. Our objective is to secure constant and uninterrupted availability and flow of traffic (requests for VAT validation) at all times. Under this framework, our team intervenes whenever there is out of the ordinary, unusual and potentially suspicious use of the system that violates the rules of use as they are stated in the Specific disclaimer for this service, which is available at the VoW site (http://ec.europa.eu/taxation_customs/vies/disclaimer.html). Consequently, in order to allow flawless use of the service, we were obliged to block the access to VIES on the Web for the IP address 88.198.110.130. Following our action, we would like to know if you are aware of this situation. Furthermore, your cooperation and contribution is necessary in order to determine the reason for this occurrence. Please inform us if this behaviour is normal and if such, how often it should occur; we would then take action to unblock the traffic coming from the corresponding IP address assuming you will agree to follow a set ITSM VIES/Web Team "ITSM2 is a contracted support partner for the IT Service Management of the European Commission. This e-mail is a reply to your message sent to the taxud-vies...@ec.europa.eu<mailto:taxud-vies...@ec.europa.eu> e-mail. Answers provided by the contactor are on behalf and according to policy guidelines of DG TAXUD, but not binding for the European Commission."
I am so done with it, I added ExitPolicy reject 147.67.136.103 # TAX SPAM ExitPolicy reject 147.67.136.21 # TAX SPAM ExitPolicy reject 147.67.119.103 # TAX SPAM ExitPolicy reject 147.67.119.3 # TAX SPAM ExitPolicy reject 147.67.136.3 # TAX SPAM ExitPolicy reject 147.67.119.21 # TAX SPAM Thats going on for months now and by all means, this is not free speech ... Markus. 2016-10-04 17:42 GMT+02:00 pa011 <pa...@web.de>: > Am 04.10.2016 um 16:48 schrieb krishna e bera: >> On 04/10/16 08:48 AM, pa011 wrote: >>> One of my main ISP is going mad with the number of abuses he gets from my >>> Exits (currently most on port 80). >>> He asks me to install "Intrusion Prevention System Software" or shutting >>> down the servers. >> >> You can first ask him for a copy of the complaints in order to >> understand what sort of alleged abuses are taking place. Are the >> complaints about spam or scraping or web server exploits or something else? > > I do get a copy of every complaint - they are unfortunately: > > - Http browser intrucion - > /var/log/apache2/other_vhosts_access.log:soldierx.com:80 xxx.xxx.xxx.xxx - - > [30/Sep/2016:11:14:34 -0400] "HEAD / HTTP/1.0" 302 192 "-" "Mozilla/5.0 > (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12" > > - invalid VAT number requests > > -recorded connection attempt(s) from your hosts to our honeypots > > - Issue: Source has attempted the following botnet activity: Semalt Referrer > Spam Tor Exit Bot > > - botnet drone|Description: Ramnit botnet victim connection to sinkhole > details, > > - attackers used the method/service: *imap* > >> You can change your exit policy to reduce likelihood of complaints: >> https://blog.torproject.org/blog/tips-running-exit-node > > I know, but I hardly like to block port 80 > >>> As far as I understand implementing such a software is not going together >>> with Tor - am I right? >> >> If your exit nodes tamper with traffic in any way they will be labelled >> as Bad Exit. (Tor tries to be net neutral.) >> https://trac.torproject.org/projects/tor/wiki/doc/badRelays >> >> >> _______________________________________________ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> > _______________________________________________ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
