ColoCrossing, Quick to Get Large IP Blocks Issued and Faster to Soil Them

BlueVM

New Member
Verified Provider
But did Spamhaus give you a warning before listing you?
No... Spamhaus seems to have a shoot first ask questions later attitude when dealing with us.

We asked them for suggestions and methods they've found effective and they basically told us that we should block port 25 and stop accepting customers who want to send mail. Which makes about as much sense to me as shooting myself in the foot... Spam is a problem, but the solution shouldn't be turning legitimate clients away.

BlueVM doesn't own their IP space so no, it's unlikely Spamhaus ever actually talked to JJ.

The pressure would come from CC if anyone for BlueVM to clean up their signups and/or actually looking them over before auto accepting every order.
Actually the pressure came from our clients who want usable IP ranges. Literally it was like spamhaus flipped a switch and just decided we were evil and our networks were full of spam (prior to this month we'd had one listing in ~4 months? to my knowledge). Might also be that a few spammers decided our network was 'interesting' and started flocking to us... regardless they should be gone.

Anyway we'd like our own ranges, but it'd involve migrating everyone to new blocks which is an administrative and technical pain. We'll probably bite the bullet sometime around the end of this year.

D. Strout

Resident IPv6 Proponent
Anyway we'd like our own ranges, but it'd involve migrating everyone to new blocks which is an administrative and technical pain. We'll probably bite the bullet sometime around the end of this year.
Probably a good idea. It would serve several useful purposes. AFAIK, you guys are one of the few legit companies operating on CC's network. Switching to owned IP ranges would separate you from the rest of the crowd that are either shell companies or n00bs attracted by the artificially low prices. Obviously, you would benefit from being separate in the eyes of SpamHaus, and when you announce the switch you could take the opportunity to very clearly reiterate your policy as regards spammers. 
 

Aldryic C'boas

The Pony
We asked them for suggestions and methods they've found effective and they basically told us that we should block port 25 and stop accepting customers who want to send mail. Which makes about as much sense to me as shooting myself in the foot... Spam is a problem, but the solution shouldn't be turning legitimate clients away.
Your association with CC is to blame there.  CC is well known for having shady 'sub companies' they rotate spammers through - so really with Spamhaus seeing you using CC IPs, it's only natural they assume that you're in on the spammer rotation as well.  Blame the upstream for this one.
 

wlanboy

Content Contributer
Anyway we'd like our own ranges, but it'd involve migrating everyone to new blocks which is an administrative and technical pain. We'll probably bite the bullet sometime around the end of this year.
Yup, switching IPs is a pain and you will lose some customers because of the trouble.

But you should really get out of that mess.
 

DomainBop

Dormant VPSB Pathogen
Anyway we'd like our own ranges, but it'd involve migrating everyone to new blocks which is an administrative and technical pain. We'll probably bite the bullet sometime around the end of this year.
Smart move but I wouldn't wait for the end of the year. :)

No... Spamhaus seems to have a shoot first ask questions later attitude when dealing with us.

That's due to your association with CC (i.e. you use their IPs) and because several of the spammers that rotate between a small handful of CC based providers (CVPS/123sys/HVH/BlueVM/and CC unswiped range) have regularly been showing up in IPs assigned to you, and Spamhaus probably finds it strange that out of dozens (or is it hundreds) of providers using CC facilities almost all of the SPAM is concentrated in 4 providers.

If you want another example of why Spamhaus is cracking down on anything CC related take a look at this latest New Wave NetConnect /24 SBL.  Every single usable IP in the /24 was being used for SPAM:  http://www.spamhaus.org/sbl/query/SBL217391

=========

ColoCrossing CC-10 (NET-198-23-128-0-1) 198.23.128.0 - 198.23.255.255
New Wave NetConnect, LLC CC-198-23-198-0-24 (NET-198-23-198-0-1) 198.23.198.0 - 198.23.198.255


 

Francisco

Company Lube
Verified Provider
@DomainBop

What it sounds like to me is that they have constant RDNS pulls coming off CC's nameservers.

They likely have their own mailtraps but I know when I wrote my RDNS scraper it was hitting just tons of huge subnets sold for that purpose. There were multiple full /20s sold for spam and it was obvious.

Francisco
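
The pattern DomainBop and Francisco describe above (nearly every address in a block carrying a PTR record, all under a small set of domains) can be scored from a reverse-DNS listing. This is an added example, not code from any poster; the function names, the thresholds and the sample data are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Reads "IP PTR" lines for one /24 on
# stdin and prints "<ips_with_ptr> <distinct_domains> <verdict>".
# Thresholds (min_ptr, max_dom) are illustrative assumptions, not a standard.
rdns_profile() {
    awk -v min_ptr="${1:-200}" -v max_dom="${2:-8}" '
    NF >= 2 && $2 != "." {
        host = tolower($2); sub(/\.$/, "", host)
        n = split(host, lab, ".")
        if (n < 2) next
        # Naive "registered domain": last two labels (wrong for co.uk etc.).
        dom = lab[n-1] "." lab[n]
        ptr++
        if (!(dom in seen)) { seen[dom] = 1; doms++ }
    }
    END {
        # Dense PTR coverage spread over very few domains is worth a manual look.
        verdict = (ptr >= min_ptr && doms <= max_dom) ? "suspect" : "ok"
        printf "%d %d %s\n", ptr, doms, verdict
    }'
}

# Constructed sample: 250 of 254 addresses named under 4 domains.
sample_dense() {
    i=1
    while [ "$i" -le 254 ]; do
        if [ "$i" -le 4 ]; then echo "192.0.2.$i ."
        else echo "192.0.2.$i h$i.bulk$(( i % 4 )).example."
        fi
        i=$(( i + 1 ))
    done
}

# Constructed sample: same density, but one domain per customer.
sample_mixed() {
    i=1
    while [ "$i" -le 254 ]; do
        echo "192.0.2.$i mail.customer$i.example."
        i=$(( i + 1 ))
    done
}

sample_dense | rdns_profile    # 250 4 suspect
sample_mixed | rdns_profile    # 254 254 ok
```

Density alone does not separate the two samples; the domain count does, which is why both are tracked.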

drmike

100% Tier-1 Gogent
I feel for BlueVM... Simple solution in theory is just doing what cPanel and other shared hosting does, but at a VPS / upper level -- iptables perhaps? and limit the number of SMTP outbound operations per hour.

By doing such, won't be appealing to mass spam operations and damages will be capped at threshold per interval (example: 100 sends per hour)
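
One way to express the per-guest hourly cap suggested above with iptables, as an added example that is not from the post or from any provider in this thread. It assumes guest traffic crosses the host node's FORWARD chain; the chain name `SMTP-OUT`, the function name and the 192.0.2.0/24 documentation range are illustrative.

```shell
#!/bin/sh
# Added example, not from the thread: render (not apply) iptables rules that
# cap NEW outbound port-25 connections per guest source IP.
# Assumption: guests are routed/bridged through the node's FORWARD chain.
smtp_cap_rules() {
    guest_net="$1"   # guest IPv4 address or CIDR, e.g. 192.0.2.0/24
    per_hour="$2"    # e.g. 100, the figure used in the post
    case "$guest_net" in
        ''|*[!0-9./]*) echo "guest_net must be an IPv4 address or CIDR" >&2; return 1 ;;
    esac
    case "$per_hour" in
        ''|*[!0-9]*) echo "per_hour must be a positive integer" >&2; return 1 ;;
    esac
    [ "$per_hour" -gt 0 ] || { echo "per_hour must be > 0" >&2; return 1; }

    # Token bucket: up to $burst connections at once, refilled at per_hour/hour.
    if [ "$per_hour" -lt 10 ]; then burst="$per_hour"; else burst=10; fi

    # htable-expire is in milliseconds; keep per-source state for an hour so an
    # idle source does not come back with a fresh bucket.
    cat <<EOF
iptables -N SMTP-OUT
iptables -A FORWARD -s $guest_net -p tcp --dport 25 --syn -j SMTP-OUT
iptables -A SMTP-OUT -m hashlimit --hashlimit-name smtp_out --hashlimit-mode srcip --hashlimit-upto ${per_hour}/hour --hashlimit-burst $burst --hashlimit-htable-expire 3600000 -j ACCEPT
iptables -A SMTP-OUT -m limit --limit 30/hour -j LOG --log-prefix "SMTP-CAP: "
iptables -A SMTP-OUT -p tcp -j REJECT --reject-with tcp-reset
EOF
}

# Print the rules for review; pipe to sh as root on the node to apply them.
smtp_cap_rules 192.0.2.0/24 100
```

This caps connections, not messages: one SMTP session can carry many messages, so the limit bounds sessions per guest rather than mail sent. The `SMTP-CAP:` log lines identify which guest hit the ceiling.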
 

flvhosting

New Member
We have never lied to spamhaus about terminating spammers... nor do we support spammers in any fashion.

Today I launched a new detection system which should put a stop to spam on our network altogether. I take spam termination very seriously and our new system will catch and suspend abusive users in this regard. I hope within the next few weeks that we'll have successfully removed 100% of the snow shoe spammers from our network or at the very least made them think twice about using BlueVM for their crap.
But did Spamhaus give you a warning before listing you?
A year old thread and I get BlueVM spam ALLL the time and from ColoCrossing. From sites just set up with email programs

Received: from essessoverseas.net (HELO server.essessoverseas.net) (192.210.214.32)
X-PHP-Originating-Script: 0:email.php

what needs to happen is the peering needs petitioned to cut them off from the web entirely
 

Munzy

Active Member
We have never lied to spamhaus about terminating spammers... nor do we support spammers in any fashion.

Today I launched a new detection system which should put a stop to spam on our network altogether. I take spam termination very seriously and our new system will catch and suspend abusive users in this regard. I hope within the next few weeks that we'll have successfully removed 100% of the snow shoe spammers from our network or at the very least made them think twice about using BlueVM for their crap.
But did Spamhaus give you a warning before listing you?
A year old thread and I get BlueVM spam ALLL the time and from ColoCrossing. From sites just set up with email programs

Received: from essessoverseas.net (HELO server.essessoverseas.net) (192.210.214.32)
X-PHP-Originating-Script: 0:email.php

what needs to happen is the peering needs petitioned to cut them off from the web entirely

That is why someone built this lovely app for nulling their whole ASN. https://www.enjen.net/asn-blocklist/index.php?asn=AS36352&type=ipblackhole Enjoy!