North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Cleaning up (was: NANOG Spam)?
- From: William Allen Simpson
- Date: Sun Jul 09 13:57:41 2006
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=OCwIPRZlGU08/DYWggCMAjPrHXp2cR/AhWMTyycDHmYtIG73ayHm4LuJV4+A74ia17+TR0J86OMCAgAXTdHEsGUib7xS7Nh/6K7L3ijQ9wL7v+ZXyBtsYSutjaJAc5mBbitDbmdAEX2g3DDtpmLBPpYZbBrv4s2iLqaH02HpmLw=
Given that we identified the abusive hosting, and the abusive spam source,
and sent messages to the abuse addresses, did anybody receive a response?
I did not! Three (3) days have elapsed.
It's time to clean up this particular miscreant.
It's time for the upstreams to turn off service.
These are recalcitrant hosters and spammers.
I've included the listed abuse addresses for the peers, and expect a
public response.
====
oarwind.info.
AS | IP | Registry | AS Name
6724 | 81.169.143.178 | ripencc | STRATO Strato AG
PEER_AS | IP | Registry | AS Name
1273 | 81.169.143.178 | ripencc | CW Cable _ Wireless
[email protected]
<http://www.ripe.net/fcgi-bin/[email protected]&form_type=simple>
5430 | 81.169.143.178 | ripencc | FREENETDE freenet Cityline Gmb
[email protected]
====
spam sender:
AS | IP | AS Name
29119 | 84.232.124.32 | SERVIHOSTING-AS ServiHosting N
PEER_AS | IP | AS Name
6739 | 84.232.124.32 | ONO-AS Cableuropa - ONO
[email protected]
====
William Allen Simpson wrote:
Allen Parker wrote:
Just my .02, emails to [email protected] (HA! like i'll get a
response!) and [email protected] (not expecting a response from
this one either) have been sent. Anybody else feel like telling these
folks that they've got spammers on their networks?
I sent to [email protected] about the spam source.
And also to [email protected] Also tried [email protected]
The spam beneficiary was, of course, a US entity pretending to be from
Germany, with a throwaway obscured Yahoo address:
Domain Name:OARWIND.INFO
...
Tech Name:Audrey Pokela
Tech Organization:Audrey Pokela
Tech Street1:2940 115 Ave NW
Tech Street2:
Tech Street3:
Tech City:COON RAPIDS
Tech State/Province:MN
Tech Postal Code:55433
Tech Country:US
Tech Phone:+1.7634272392
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:[email protected]
Name Server:NS1.RENTSHELL.INFO
Name Server:NS2.FORTWALK.INFO
Name Server:NS1.BUSITEEN.INFO
Name Server:NS2.SPOLF.INFO
oarwind.info.
AS | IP | Registry | AS Name
6724 | 81.169.143.178 | ripencc | STRATO Strato AG
PEER_AS | IP | Registry | AS Name
1273 | 81.169.143.178 | ripencc | CW Cable _ Wireless
5430 | 81.169.143.178 | ripencc | FREENETDE freenet Cityline Gmb
inetnum: 81.169.128.0 - 81.169.143.255
netname: STRATO-RZG-DED
descr: Strato Rechenzentrum, Berlin
country: DE
admin-c: CM265-RIPE
tech-c: XX1-RIPE
tech-c: WB14-RIPE
remarks: ******************************************************
remarks: * please report spam/abuse/attaks
mailto:[email protected] *
remarks: * reports to other addresses will not be processed *
remarks: * please do not report simple portscans *
remarks: ******************************************************
status: ASSIGNED PA
mnt-by: STRATO-RZG-MNT
mnt-lower: STRATO-RZG-MNT
mnt-routes: STRATO-RZG-MNT
|