
Colocrossing Achieves Top 5 Rank

concerto49

New Member
Verified Provider
Given that a massive percentage of CC's IPs are perma-blacklisted, I'd imagine that no one who needs to send legitimate e-mail would ever consider hosting with them.
Unfortunately not so. Otherwise you wouldn't see the threads about people trying to send email ask for help.
 

DomainBop

Dormant VPSB Pathogen
A lot of the others are real ISPs, so I wouldn't count them in. It's a totally different scenario.
The company at the top of the list, Softbank, would fit that description of "a real ISP" perfectly: one of the largest telecoms/mobile providers/ISPs in the world (not to mention one of the largest data center owners/operators). $64.8 billion (6.6 trillion Yen) revenue in FY2013 and projections are for $71 billion this year. They have literally over 100 million customers (they also own 80% of Sprint in the US). It's not surprising that they (or companies like China Unicom/China Telecom) would rank near the top in Spamhaus' worst list, which ranks by total SBLs.

What is surprising is that a tiny little company from the sticks  with a (self)projected $12 million in revenues has over 5 times more total IP addresses blacklisted than a giant like Softbank. 

edited to add:

Biloh has been whining that Spamhaus doesn't understand the "commodity budget cloud VPS market bla bla bla" so here's a comparison: ColoCrossing vs Hetzner (Hetzner is a budget dedi provider that counts many VPS providers among its customers, its server prices not counting IPs are cheaper than CC, Hetzner's size makes CC look like a fleaspeck, etc.)

ColoCrossing 43 SBL's totalling 460K blacklisted IPs (oldest open SBL is from February)

Hetzner  1 SBL totalling 1 blacklisted IP http://www.spamhaus.org/sbl/listings/hetzner.de (oldest open SBL is from today.)
 

DomainBop

Dormant VPSB Pathogen
Bumping because Spamhaus escalated a pair of /17's today..so:

3 x /15 and 3 x /17 +...=494612/759,808 = 65.0%= you're f*cked!

107.172.0.0/15

23.94.0.0/15

107.174.0.0/15

192.210.128.0/17

198.46.128.0/17

192.227.128.0/17
 

drmike

100% Tier-1 Gogent
Same shit, different day... Shame.... You'd think they'd cut the comedy, lock down the circus clowns, nut stomp their downstream shit operations.  Nah,  instead they continue to shit their pants in public.

Time to change the soiled diapers on the toddlers in Buffalo.

This:

http://www.spamhaus.org/sbl/query/SBL235654

Says, in part:

"Colocrossing/VelocityServer has been for many, many months a continuous and unstoppable source of spam for massive and well-known (often ROKSO) spam operations.

We strongly invite Spamhaus users to distrust any SMTP connection coming from this and any other network allocation controlled by this entity.


The following is a transcript of one of the latest communications exchanged with this ISP, after months and months during which massive spam sources on their network have been listed, notified and claimed removed by the ISP, only to pop up again on another portion of their network.

We're reporting it here as we believe it synthesizes the problem quite clearly:"
 

Francisco

Company Lube
Verified Provider
Bumping because Spamhaus escalated a pair of /17's today..so:

3 x /15 and 3 x /17 +...=494612/759,808 = 65.0%= you're f*cked!

107.172.0.0/15

23.94.0.0/15

107.174.0.0/15

192.210.128.0/17

198.46.128.0/17

192.227.128.0/17
I had a bet with someone about the latest /17 listings. I mentioned that since the /15's went in place that we'd see an increase in spam from new ranges and sure enough, /24's, /22's, etc, have been leased out of the 192's.

They've already had spam on some very legacy space like their 75.x range (that range was fresh/virgin when Buffalo turned up since I had a /30 in there). They even had spam on some non CC owned IP space which is very iffy. I'm hoping the non CC space was just a dedi getting rooted but that's just bad luck.

Francisco
 

drmike

100% Tier-1 Gogent
They've already had spam on some very legacy space like their 75.x range (that range was fresh/virgin when Buffalo turned up since I had a /30 in there). They even had spam on some non CC owned IP space which is very iffy. I'm hoping the non CC space was just a dedi getting rooted but that's just bad luck.
I did notice at least ONE Spamhaus entry for ServerCentral that was due to ColoCrossing / Velocity / from IPs delegated to them.

It's so bad at CC.... (joke)... How bad is it?  It's so bad that ChicagoVPS is resorting to using ServerCentral's IPs:

From a recent shill-a-rama email sales offer:

Received: from [66.225.195.186] (port=54529 helo=www.chicagovps.net)
    by 1317cc-xeon.colocrossing.com with esmtpa (Exim 4.82)
    (envelope-from <[email protected]>)

whois 66.225.195.186  ?????

Code:
NetRange:       66.225.192.0 - 66.225.255.255
CIDR:           66.225.192.0/18
OriginAS:       
NetName:        SCN-2
NetHandle:      NET-66-225-192-0-1
Parent:         NET-66-0-0-0-0
NetType:        Direct Allocation
RegDate:        2003-06-10
Updated:        2012-03-02
Ref:            http://whois.arin.net/rest/net/NET-66-225-192-0-1

OrgName:        Server Central Network
OrgId:          SCN-18
Address:        111 W. Jackson Blvd.
Address:        Suite 1600
City:           Chicago
StateProv:      IL
PostalCode:     60604
Country:        US
RegDate:        2002-03-05
Updated:        2013-03-25
Ref:            http://whois.arin.net/rest/org/SCN-18

ReferralServer: rwhois://rwhois.servercentral.net:4321

OrgAbuseHandle: ABUSE1669-ARIN
OrgAbuseName:   Abuse Department
OrgAbusePhone:  +1-312-829-1111 
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/ABUSE1669-ARIN

OrgTechHandle: NETWO1779-ARIN
OrgTechName:   Network Operations
OrgTechPhone:  +1-312-829-1111 
OrgTechEmail:  [email protected]
OrgTechRef:    http://whois.arin.net/rest/poc/NETWO1779-ARIN

OrgNOCHandle: NETWO1779-ARIN
OrgNOCName:   Network Operations
OrgNOCPhone:  +1-312-829-1111 
OrgNOCEmail:  [email protected]
OrgNOCRef:    http://whois.arin.net/rest/poc/NETWO1779-ARIN

RTechHandle: NETWO1779-ARIN
RTechName:   Network Operations
RTechPhone:  +1-312-829-1111 
RTechEmail:  [email protected]
RTechRef:    http://whois.arin.net/rest/poc/NETWO1779-ARIN

RNOCHandle: NETWO1779-ARIN
RNOCName:   Network Operations
RNOCPhone:  +1-312-829-1111 
RNOCEmail:  [email protected]
RNOCRef:    http://whois.arin.net/rest/poc/NETWO1779-ARIN

RAbuseHandle: ABUSE1669-ARIN
RAbuseName:   Abuse Department
RAbusePhone:  +1-312-829-1111 
RAbuseEmail:  [email protected]
RAbuseRef:    http://whois.arin.net/rest/poc/ABUSE1669-ARIN

# end


# start

NetRange:       66.225.194.0 - 66.225.195.255
CIDR:           66.225.194.0/23
OriginAS:       AS36352
NetName:        SCNET-66-225-194-0-23
NetHandle:      NET-66-225-194-0-1
Parent:         NET-66-225-192-0-1
NetType:        Reallocated
RegDate:        2010-06-09
Updated:        2010-06-09
Ref:            http://whois.arin.net/rest/net/NET-66-225-194-0-1

OrgName:        ColoCrossing
OrgId:          VGS-9
Address:        8469 Sheridan Drive
Address:        ATTN: ARIN
City:           Williamsville
StateProv:      NY
PostalCode:     14221
Country:        US
RegDate:        2005-06-20
Updated:        2012-01-10
Ref:            http://whois.arin.net/rest/org/VGS-9

OrgAbuseHandle: ABUSE3246-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-800-518-9716 
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/ABUSE3246-ARIN

OrgTechHandle: NETWO882-ARIN
OrgTechName:   Network Operations
OrgTechPhone:  +1-800-518-9716 
OrgTechEmail:  [email protected]
OrgTechRef:    http://whois.arin.net/rest/poc/NETWO882-ARIN

OrgNOCHandle: VIALA-ARIN
OrgNOCName:   Vial, Alex 
OrgNOCPhone:  +1-716-335-9628 
OrgNOCEmail:  [email protected]
OrgNOCRef:    http://whois.arin.net/rest/poc/VIALA-ARIN

# end



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# http://www.arin.net/public/whoisinaccuracy/index.xhtml
#



Found a referral to rwhois.servercentral.net:4321.

%rwhois V-1.5:002080:00 rwhois.servercentral.net (Reflected::RWhoisD 0.0.2)
network:Class-Name:network
network:Auth-Area:66.225.192.0/18
network:ID:NET-66-225-194-0-1579
network:Handle:NET-66-225-194-0-1579
network:IP-Network:66.225.194.0/23
network:IP-Network-Block:66.225.194.0 - 66.225.195.255
network:Name:Velocity Servers
network:Street-Address:8185 Sheridan Dr
network:City:Williamsville
network:State:NY
network:Country-Code:US
network:Tech-Email:[email protected]
network:Tech-Phone:800-518-9716 x101
network:Abuse-Email:[email protected]
network:Abuse-Phone:800-518-9716 x101
network:Created:20090319
network:Updated:20130809
 

Francisco

Company Lube
Verified Provider
I'm not sure why they'd use their own mailservers still when delivery rates are poor unless you spend the time/cash to get whitelisted.

If you push a lot of mail it's worth it to just get Amazon SES. They charge by the GB and since it's purely text you'll get a serious amount of email out for super cheap (< $10/m).

Fran
 

DomainBop

Dormant VPSB Pathogen
Received: from [66.225.195.186] (port=54529 helo=www.chicagovps.net)
That IP is clean but in the same /23 range there are Spamhaus XBL's (xbl - infected with  worms, trojans, etc and part of a botnet) and barracuda blocks.  http://rbls.org/66.225.195.194

edit: CVPS is sending email to their customers from a friggin' game server? There are several Google listings for various games on different ports on that IP.

GOOGLE

Call of Duty 5 Server Info - (66.225.195.186:28960)
battletracker.com/cod5server/66.225.195.186:28960/
Call of Duty 5 - Server Info - 66.225.195.186. Watch Server Settings, Details, History and join the server directly from or website!
/dnstools/mx/chicagovps/net/
Export: Type, Hostname, Record, Search. TXT, chicagovps.net, v=spf1 +a +mx +ip4:66.225.195.186 +ip4:199.83.50.42 ?all, Blacklists - SMTP - WHOIS - ARIN
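
Added example (not part of any post in this thread): an offline triage of the Received line and SPF record quoted above. It extracts the connecting IP, evaluates only the ip4 and all mechanisms of the SPF record, checks the IP against the six escalated ranges, and builds the DNSBL query name. The function names and the zen.spamhaus.org zone are assumptions of this example; the a and mx mechanisms need DNS, so they are returned as skipped and the result holds only if they would not match.

```python
import ipaddress
import re

# Values quoted in the thread; nothing here touches the network.
RECEIVED = "Received: from [66.225.195.186] (port=54529 helo=www.chicagovps.net)"
SPF = "v=spf1 +a +mx +ip4:66.225.195.186 +ip4:199.83.50.42 ?all"
ESCALATED = ["107.172.0.0/15", "23.94.0.0/15", "107.174.0.0/15",
             "192.210.128.0/17", "198.46.128.0/17", "192.227.128.0/17"]
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def received_ip(header):
    """Return the bracketed IPv4 literal from a Received: line, or None."""
    m = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", header)
    return m.group(1) if m else None

def spf_offline(record, ip):
    """Evaluate ip4 and all only; return (result, mechanisms skipped for lack of DNS)."""
    addr = ipaddress.ip_address(ip)
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none", []
    skipped = []
    for term in terms[1:]:
        # A mechanism without an explicit qualifier defaults to "+".
        qual, mech = (term[0], term[1:]) if term[0] in QUALIFIERS else ("+", term)
        name, _, arg = mech.partition(":")
        if name.lower() == "ip4":
            if addr in ipaddress.ip_network(arg, strict=False):
                return QUALIFIERS[qual], skipped
        elif name.lower() == "all":
            return QUALIFIERS[qual], skipped
        else:
            skipped.append(mech)
    return "neutral", skipped  # no mechanism matched

def covering_block(ip, blocks):
    """Return the first CIDR in blocks that contains ip, or None."""
    addr = ipaddress.ip_address(ip)
    return next((b for b in blocks if addr in ipaddress.ip_network(b)), None)

def dnsbl_name(ip, zone="zen.spamhaus.org"):
    """Build the reversed-octet name a DNSBL lookup would query."""
    return ".".join(reversed(ip.split("."))) + "." + zone

if __name__ == "__main__":
    ip = received_ip(RECEIVED)
    print(ip, spf_offline(SPF, ip), covering_block(ip, ESCALATED), dnsbl_name(ip))
    # A neighbour in the same /23 is not in the record and only hits "?all".
    print(spf_offline(SPF, "66.225.195.194"))
```

Because the record ends in ?all, a sender that matches no mechanism gets a neutral result rather than a fail, so the record by itself does not let receivers reject mail from other addresses.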
 

drmike

100% Tier-1 Gogent
If you push a lot of mail it's worth it to just get Amazon SES. They charge by the GB and since it's purely text you'll get a serious amount of email out for super cheap (< $10/m).
But all the young boys love Man-drill.   

Unsure why Faboozle is using said upstream mail server directly.   Cause I suspect something changed in July-August.

Back in July such spamtastic offers were NOT being broadcast from ServerCentral directly:

Received: from pmta05.wdc01.mailchimp.com (127.0.0.1) by mail6.wdc04.mandrillapp.com id hqrp721

Path I see simply was mailchimp through July, then suddenly these offers going via ServerCentral on IP issued to CC with no SWiP to CVPS.

Guess I should presume that's when Biloh booted Fab and started directly sending the offers out.
 

Francisco

Company Lube
Verified Provider
Would make sense since that's around the time that he took the fall for UGVPS' clusterfuck.

Francisco
 

Amitz

New Member
Would love to know what happened to the real Fapozzi. Do they keep him gagged in the basement? Or did he return to the grocery store?
 