CBL listings broken down by ISP
Chris Lewis of Nortel recently posted a breakdown of CBL listings by ISP in news.admin.net-abuse.email. Here's the top ten of his listing:
375649 chinanet.cn.net 130245 cnc-noc.net 102931 telekom.gov.tr 80936 kornet.net 67721 tpnet.pl 51671 dtag.de 47246 rain.fr 33678 interbusiness.it 33500 hananet.net 28433 hinet.net
The article itself can be found here (Message-ID <firstname.lastname@example.org>), and is worth reading for the full list.
The resulting subthread suggested that US-based ISPs are so low in the listings because many of them have blocks on outgoing port 25 connections from cablemodem and home DSL lines.
I'm a bit surprised by the list; I had no idea China was so bad (note that cnc-noc.net is Chinese), or that Turkey would be in third place. dtag.de (Deutsche Telekom) doesn't surprise me at all, as I have a number of systems that have been slammed by a large and aggressive collection of open proxies in their t-dialin.net and t-ipconnect.de domains.
How to do TCP keepalives in Python
TCP keepalives are do-nothing packets the TCP layer can send to see if a connection is still alive or if the remote end has gone unreachable (due to a machine crash, a network problem, or whatever). Keepalives are not default TCP behavior (at least not in any TCP stack that conforms to the RFCs), so you have to specifically turn them on. (There are various reasons why this is sensible.)
In Python you can do this with the
.setsockopt() socket method,
socket.SO_KEEPALIVE option and setting a value of
integer 1. The only mystery is what the level parameter should be;
despite what you might guess, it is
socket.SOL_SOCKET. So a
complete code example is:
import socketdef setkeepalives(sck): sck.setsockopt(socket.SOL_SOCKET, \ socket.SO_KEEPALIVE, 1)
Various sources recommend turning keepalives on as soon as possible after you have the socket.
(Keepalives are only applicable to TCP sockets, so one might expect
SOL_TCP or at least
SOL_IP, but no; they are a generic socket
level option. Go figure.)
On Linux, you can control various bits of keepalive behavior by
setting the additional
SOL_TCP integer parameters
defines them all in the
socket module. See the tcp(7) manpage for
details. The default values are found in
/proc/sys/net/ipv4 in the
tcp_keepalive_probes, and are fairly large.