Jas0n99
commented
4 years ago http://iplists.firehol.org/?ipset=firehol_level4 About firehol_level4 An ipset made from blocklists that track attacks, but may include a large number of false positives. (includes: blocklist_net_ua botscout_30d cruzit_web_attacks cybercrime haley_ssh iblocklist_hijacked iblocklist_spyware iblocklist_webexploit ipblacklistcloud_top iw_wormlist malwaredomainlist)
The list is just a set made from other block lists (mentioned above)... You will have to dig through all of those to find your IPs and contact the individual list owners to get removed...
I looked at a few of them, and while some have individual IPs listed, I think the /14 block is coming from: iblocklist_hijacked - Hijacked IP Block(SH):5.180.0.0-5.183.255.255
Hello,
Last year we bought a new IP range 5.182.148.0/22 for our online service, but in quite short time we found out that something smells with them.They are a part of range 5.180.0.0/14 listed in firehol_level4 since 03/2019 probably as a result of illegal activities of previous owner.
Now days we are solving the issue how to delist them because it is causing us many troubles when trying to use them for email communication – receiving a feedback: RCVD_ILLEGAL_IP Received: contains illegal IP address and deliverability is bad. Due the fact they are not listed in any other official blacklist/blocklist and slowly increasing traffic on them is not helping as expected, we think the main reason is due the listing in firehol_level4.
could anybody help us to delist them? Is it possible to divide the blocked range 5.180.0.0/14 and make an exception for our range 5.182.148.0/22?
Thank you very much for any help. Ondrej