spammer from outer space? (routing error)

• Previous message (by thread): 3561 policy meltdown overnight?
• Next message (by thread): spammer from outer space? (routing error)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I just caught this one:

2007-08-25 16:57:52 SMTP connection from [125.187.32.144]:45885 (TCP/IP connection count = 1)
2007-08-25 16:58:11 SMTP connection from [125.187.32.222]:52495 (TCP/IP connection count = 2)
2007-08-25 16:58:22 ident connection to 125.187.32.144 timed out
2007-08-25 16:58:25 no host name found for IP address 125.187.32.144

Traceroute says:

traceroute to 125.187.32.144 (125.187.32.144), 30 hops max, 40 byte packets
  1  krzach.peter-dambier.de (192.168.48.2)  1.112 ms   1.590 ms   1.774 ms
  2  * * *
  3  217.0.78.54  83.412 ms   83.446 ms   183.549 ms
  4  217.239.40.33  183.582 ms   190.061 ms   207.031 ms
  5  dt-gw.n54ny.ip.att.net (192.205.32.57)  207.000 ms * *
  6  * * *
  7  12.122.16.137  268.719 ms   275.778 ms   284.531 ms
  8  cr1.cgcil.ip.att.net (12.122.1.190)  209.032 ms   217.048 ms   223.948 ms
  9  12.122.17.130  229.927 ms   237.691 ms   245.808 ms
10  tbr1.sffca.ip.att.net (12.122.10.6)  252.838 ms   260.754 ms   269.676 ms
11  12.122.110.5  277.657 ms   576.902 ms *
12  * * *
13  * * *
14  203.255.234.221  357.076 ms   357.083 ms   372.057 ms
15  210.120.246.65  379.221 ms   395.135 ms   395.169 ms
16  210.120.117.6  410.197 ms 210.120.248.250  420.023 ms   427.029 ms
17  210.120.244.94  360.443 ms   360.451 ms 210.120.244.90  368.292 ms
18  210.120.104.146  389.240 ms 203.248.223.82  389.274 ms   746.508 ms
19  * * *
22  * * *
23  125.187.32.144(H!)  351.850 ms (H!)  359.870 ms (H!)  367.696 ms

But whois keeps telling me:

ReferralServer: whois://whois.apnic.net

NetRange:   125.0.0.0 - 125.255.255.255
CIDR:       125.0.0.0/8
NetName:    APNIC-125
NetHandle:  NET-125-0-0-0-1
Parent:
NetType:    Allocated to APNIC
Comment:    This IP address range is not registered in the ARIN database.
Comment:    For details, refer to the APNIC Whois Database via
Comment:    WHOIS.APNIC.NET or http://www.apnic.net/apnic-bin/whois2.pl
Comment:    ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment:    for the Asia Pacific region. APNIC does not operate networks
Comment:    using this IP address range and is not able to investigate
Comment:    spam or abuse reports relating to these addresses. For more
Comment:    help, refer to http://www.apnic.net/info/faq/abuse
RegDate:    2005-01-27
Updated:    2005-05-20

OrgTechHandle: AWC12-ARIN
OrgTechName:   APNIC Whois Contact
OrgTechPhone:  +61 7 3858 3100
OrgTechEmail:  search-apnic-not-arin at apnic.net


So I should never have seen a packet from them?


Kind regards
Peter and Karin
-- 
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
mail: peter at echnaton.arl.pirates
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
http://www.cesidianroot.com/

• Previous message (by thread): 3561 policy meltdown overnight?
• Next message (by thread): spammer from outer space? (routing error)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]