Cleaning up (was: NANOG Spam)?
William Allen Simpson
william.allen.simpson at gmail.com
Sun Jul 9 17:56:46 UTC 2006
Given that we identified the abusive hosting, and the abusive spam source,
and sent messages to the abuse addresses, did anybody receive a response?
I did not! Three (3) days have elapsed.
It's time to clean up this particular miscreant.
It's time for the upstreams to turn off service.
These are recalcitrant hosters and spammers.
I've included the listed abuse addresses for the peers, and expect a
public response.
====
oarwind.info.
AS | IP | Registry | AS Name
6724 | 81.169.143.178 | ripencc | STRATO Strato AG
PEER_AS | IP | Registry | AS Name
1273 | 81.169.143.178 | ripencc | CW Cable _ Wireless
abuse at cw.net
<http://www.ripe.net/fcgi-bin/[email protected]&form_type=simple>
5430 | 81.169.143.178 | ripencc | FREENETDE freenet Cityline Gmb
abuse at pppool.de
====
spam sender:
AS | IP | AS Name
29119 | 84.232.124.32 | SERVIHOSTING-AS ServiHosting N
PEER_AS | IP | AS Name
6739 | 84.232.124.32 | ONO-AS Cableuropa - ONO
jesus.diaz at ono.es
====
William Allen Simpson wrote:
> Allen Parker wrote:
>> Just my .02, emails to abuse at schlund.de (HA! like i'll get a
>> response!) and abuse at servihosting.es (not expecting a response from
>> this one either) have been sent. Anybody else feel like telling these
>> folks that they've got spammers on their networks?
>>
> I sent to abuse at servihosting.es about the spam source.
>
> And also to abuse at strato.de. Also tried abuse-server at strato.de.
>
> The spam beneficiary was, of course, a US entity pretending to be from
> Germany, with a throwaway obscured Yahoo address:
>
> Domain Name:OARWIND.INFO
> ...
> Tech Name:Audrey Pokela
> Tech Organization:Audrey Pokela
> Tech Street1:2940 115 Ave NW
> Tech Street2:
> Tech Street3:
> Tech City:COON RAPIDS
> Tech State/Province:MN
> Tech Postal Code:55433
> Tech Country:US
> Tech Phone:+1.7634272392
> Tech Phone Ext.:
> Tech FAX:
> Tech FAX Ext.:
> Tech Email:kjho6emb at yahoo.com
> Name Server:NS1.RENTSHELL.INFO
> Name Server:NS2.FORTWALK.INFO
> Name Server:NS1.BUSITEEN.INFO
> Name Server:NS2.SPOLF.INFO
>
>
> oarwind.info.
> AS | IP | Registry | AS Name
> 6724 | 81.169.143.178 | ripencc | STRATO Strato AG
>
> PEER_AS | IP | Registry | AS Name
> 1273 | 81.169.143.178 | ripencc | CW Cable _ Wireless
> 5430 | 81.169.143.178 | ripencc | FREENETDE freenet Cityline Gmb
>
> inetnum: 81.169.128.0 - 81.169.143.255
> netname: STRATO-RZG-DED
> descr: Strato Rechenzentrum, Berlin
> country: DE
> admin-c: CM265-RIPE
> tech-c: XX1-RIPE
> tech-c: WB14-RIPE
> remarks: ******************************************************
> remarks: * please report spam/abuse/attaks
> mailto:abuse-server at strato.de *
> remarks: * reports to other addresses will not be processed *
> remarks: * please do not report simple portscans *
> remarks: ******************************************************
> status: ASSIGNED PA
> mnt-by: STRATO-RZG-MNT
> mnt-lower: STRATO-RZG-MNT
> mnt-routes: STRATO-RZG-MNT
>
>
More information about the NANOG
mailing list