First, while your frustration is understandable, LQ is not the place for foul language and creative workarounds. Would you please edit your post to clean it it up.
By the title of your post, 'yes, it belonged in security', I assume you are referring to your other post
that was moved to networking? If so, would you please elaborate on the connection between these issues? At first glance they do not appear to be related, unless for some reason your traffic from T-Mobile is being blocked.
With respect to this post, and your t-mobile account, the first thing that you need to determine is if the IP in question, 220.127.116.11, is a static or dynamic IP. If it is dynamic, it is possible that the 'report' is not caused by your system or activity, in which case they will likely wind up with a rolling set of IP addresses being blocked. Second, keep in mind that mobile providers are a common resource used by those who wish to perform ill deeds which means that you are more likely to experience false positives.
Is the machine in question a server of some form? If so, and especially if it does have a static IP address you need to perform an investigation into whether or not your system IS responsible for the bot net traffic, which could be an indication of a potential compromise. One advantage to performing an analysis and information gathering investigation is that it would build evidence that you can use if you are not at fault.
With the above in mind, would you please elaborate on your situation, and provide details as to exactly what it is that is happening, how many machines are being effected and what their function is, etc. We can certainly help you resolve the issue, but you need to work calmly and methodically.