We've summarized here the information we consider relevant to help other networks to respond more effectively to the actions that our users might originate, intentionally or not. We also provide information about the measures we apply in order to reduce the amount of incidents that are against our terms of service.
Mail Servers
The mail servers that comprise the Cantv.net's mail platform, operate from IP addresses in the range 200.44.32/23. All of our mail servers have names such as:
rs??s??.datacenter.??.cantv.net.
Each server has an inverse record (IN PTR) pointing to its real name (left hand side of the IN A corresponding record).
Our servers are operated within the recommendations given in all applicable RFCs, specially RFC-2821 and RFC-2822, with the possible exception of the maximum queue time, due to the high volume of messages we handle every day.
Destinations showing a significant number of outgoing messages stuck in our queues, are treated specially in order to reduce the impact from our users in such destinations' platforms.
All messages sent by our users through our servers, are verified with an up-to-date anti-virus, to avoid the spreading of email-borne viruses and worms.
Dynamic IP Space
The dynamic IP space managed by Cantv.net is sent to the following mail filtering lists, each time significant changes in the assignment occur:
This allows other networks to discard direct SMTP connections comming out of our dynamic IP space, just as we do. For those networks that cannot use any of the above lists, our dynamic IP space is reproduced below in CIDR notation.
| 161.196.44/22 | 161.196.89/24 | 161.196.112/24 |
| 161.196.114/23 | 161.196.116/23 | 161.196.122/23 |
| 161.196.124/22 | 161.196.164/22 | 161.196.178/23 |
| 161.196.213.0/25 | 161.196.218/24 | 161.196.234.128/25 |
| 161.196.236/24 | 161.196.239/24 | 161.196.240/24 |
| 161.196.242/23 | 161.196.244/24 | 161.196.246/23 |
| 161.196.250/24 | 200.11.128/20 | 200.11.148/22 |
| 200.11.152/21 | 200.11.160/21 | 200.11.208/20 |
| 200.11.224/21 | 200.11.240/23 | 200.11.242/22 |
| 200.11.246/23 | 200.11.248/24 | 200.11.249/23 |
| 200.11.251/24 | 200.11.252/22 | 200.44.0/19 |
| 200.44.64/19 | 200.84.0/21 | 200.84.8/22 |
| 200.84.16/20 | 200.84.32/20 | 200.84.48/21 |
| 200.84.56/22 | 200.84.60/23 | 200.84.63/24 |
| 200.84.64/20 | 200.84.80/21 | 200.84.88/22 |
| 200.84.95/24 | 200.84.96/20 | 200.84.112/21 |
| 200.84.120/22 | 200.84.124/24 | 200.84.127/24 |
| 200.90.0/20 | 200.90.32/22 | 200.90.64/20 |
| 200.90.80/21 | 200.90.88/22 | 200.90.96/19 |
| 200.93.0/17 | 200.109.0/19 | 200.109.32/22 |
| 200.109.36/23 | 200.109.40/21 | 200.109.48/21 |
| 200.109.56/23 | 200.109.60/23 | 200.109.112/21 |
| 200.109.128/18 | 200.109.192/19 | 200.109.224/20 |
| 201.248/16 | 201.249.0/18 |
The rest of our IP space, is statically assigned and can be obtained by consulting the global BGP routing tables or using the WHOIS service. Please check this page periodically for updates and changes in the assignment of our IP space.
Anti Viral protection in our messaging platform
Cantv.net's email servers use the Clamav anti-virus to filter all inbound and outbound email, reducing the chances of infections to or from our users.
Additionally, Cantv.net restricts the traffic associated to inappropiate uses, such as exploiting vulnerabilities in operating systems like Microsoft® Windows. In some cases, the users can disable such restrictions at will.
SMTP (tcp/25) port restrictions
All users of our dialup services, are subject to blocking of outgoing traffic directed to the SMTP port (tcp/25). This avoids that computers infected with virus or worms that include their own SMTP engine, deliver their malicious payload.
All message deliveries must go through our servers, where a thorough anti virus check is performed.
Users of our ABA broadband services, are subject by default to the same rule. However, these users can disable this "Protección ABA" through the management interface we provide at http://oficina.cantv.net/.
Active vulnerability scans
Cantv.net, without additional cost to its users, continuously performs various security tests on its networks, to identify and notify vulnerabilities that might be exploited by third parties, against our customers.
For security reasons, Cantv.net does not divulge the sources of these random checks. However, our abuse management area will let you know in case any weaknesses are detected in your network.
Vulnerabilities found and notified by Cantv.net, are followed up on. If after a prudential time span the customer has not closed said vulnerabilities, Cantv.net will establish additional protective measures that prevent the abuse of the customer's resources, until the problem is properly resolved.
Security tests are restricted to direct customer of our access services. In no case Cantv.net will perform such checks against networks we do not provide connectivity for.
Incident Response
Cantv.net has a very strict position regarding abusive actions by its users. We only require your reports to contain the relevant information in an easy to manipulate format, as well as the necessary documentation.
Abuse complaints must be directed to abuse@cantv.net. We appreciate avoiding the use of HTML-encrypted email. You must include in your abuse reports, the logs associated to the incident you're reporting, along accurate date and time stamps.
In case or reports about spam originated within our networks, please send us the complete spam, with full, intact headers. It is acceptable that you remove from the headers, any information that might help single out the sender of the abuse report, as long as you keep the intact original message and are willing to present it as documentation in case Cantv.net so requests. Cantv.net does not believe in listwashing, so no single identifying data will be provided to the sender of the unwanted email.
Since abuse@cantv.net is protected by an anti-viral system, you may omit the virus or worm from the body of the abuse report, replacing it with the logs from your anti-virus tool.
As a bare minimum, users associated with the violation of our terms of service, receive a warning whose text is similar to the following (in spanish, our official language). Most users in this situation are unplugged from the network until the problem that caused the report is solved. Web resources and other services used to or in connection with spam, are also disconnected.
[...] El grupo de manejo de abuso ha recibido información que indica que el acceso a Internet que le suministramos o alguno de sus servicios conexos como las páginas web personales, servicios de hospedaje u otros, han sido usado de formas que violan las "Condiciones Generales de Uso" de Cantv.net (en adelante, CGU) o las políticas de uso aceptable de algún otro sitio en Internet. [...] El cumplimiento con nuestras CGU es obligatorio para todos los usuarios. Las CGU reflejan lo que hoy en día se consideran las mejores prácticas de la industria. Para fines de este indidente, puede asumir que los otros nodos de Internet con los que se comunica, tienen políticas similares. [...] Específicamente, debe asegurarse de no incurrir en ninguna conducta inapropiada de acuerdo a las CGU. Algunos ejemplos comunes de éstas conductas o actividades inapropiadas, se listan a continuación, aunque estas no son las únicas. * Actividad de origen viral: Consiste en [...] * Envío de mensajes masivos no solicitados: Consiste en [...] * Proxies públicos: Consiste en [...] * Búsqueda o explotación de vulnerabilidades: Se refiere a [...] [...] Ninguno de los productos o servicios que Cantv.net le proporciona, debe estar conectado a estas conductas. Por ejemplo, es una infracción de las CGU que el contenido servido desde su página web personal, forme parte o sea anunciado a través de spam. Entendemos que para algunos usuarios puede resultar difícil cumplir con su responsabilidad en la gestión apropiada de computadores que se conectan a Internet. Las medidas más efectivas con que puede contar para su protección, son las que siguen: [... Many useful recommendations ommited for space reasons ...] Dependiendo de la naturaleza y gravedad del incidente que nos fue reportado, es posible que su conexión a Internet u otro de los servicios que le prestamos, haya sido suspendida como medida para evitar que aumente el impacto causado por el incidente detectado. [...] En el caso de páginas web personales u otros servicios de hospedaje, el contenido puede haber sido removido para darle la oportunidad de revisarlo y volver a publicarlo, sin que éste incurra en las conductas violatorias de nuestras CGU que se mencionaron anteriormente. [...] SI UD. OPERA UN CYBER-CAFE, PUNTO DE CONEXION PUBLICO A INTERNET o RED LOCAL, debe saber que es responsable por lo que sus usuarios hacen con su conexión a Internet, al igual que Cantv.net de cierta forma lo es por lo que hacen todos sus usuarios. Por ello, debe asegurarse de contar con los controles necesarios para garantizar que desde ninguno de sus equipos se incurra en conductas contrarias a nuestras CGU. |
Since most users are reported because of involuntary infections, Cantv.net rarely terminates its relationship with these users immediately. However, when reincidence is found or a publically documented record exists, this situation is very carefully verified, on a case by case basis.
Local regulations forbid us from disclosing specific information about our users, including the cases in which they are involved in violations of the policies of other Internet nodes.
Public mail filtering lists
Cantv.net uses for its normal operation, a number of public mail filtering lists. This allows the rejection of email coming from sources questionable according to our own policies or the level of complaints caused among our users.
While we do not disclose explicitly which lists do we use and beside, we reserve the right to change them at any time, we have listed some of what we consider to be the most applicable lists, in no particular order.
DSBL - Distributed Server Boycott List
ORDB - Open Relay Database
Spamhaus - The Spamhaus Project
SORBS - Spam and Open Relay Blocking System
SPEWS - Spam Prevention Early Warning System
MAPS - Mail Abuse Prevention System
This does not mean that Cantv.net uses these lists in particular or not. However, our error messages usually show the specific list that caused the rejection.
