ColoCrossing, Quick to Get Large IP Blocks Issued and Faster to Soil Them

[HaitiBrother]

We're pushing for ColoCrossing to get this resolved ASAP .. it's affecting one of our customers as well and we aren't even spammer-friendly.

*laughs*

 

[VPSCorey]

They were one of the top 10 recipients of IP addresses last year which is amazing considering their company was Amazon, AT&T, Comcast, Verizon, Verizon Wireless, MicroSoft, Google, Facebook.  Telling me they're as big as these companies?

 

[peterw]

They were one of the top 10 recipients of IP addresses last year which is amazing considering their company was Amazon, AT&T, Comcast, Verizon, Verizon Wireless, MicroSoft, Google, Facebook.  Telling me they're as big as these companies?

They're not as big but do cheat more about justification.

 

[DomainBop]

If you or anyone you know get sick, please call Dr. Jessie Feng, MD 

new /24 ROKSO today, IP range SWIPed to the pride of Kohl's

 

[lbft]

http://www.spamhaus.org/sbl/query/SBL214220

So much for GVH-Jon's pleas, they doubled it in size to a /15.

 

[Kris]

Ouch. 

15 open incidents and 1 known ROSKO.  They seem more angry about the lack of SWIP on blocks larger than /29 though. 

From this morning's listings in the comments: 

No SWIP for this range which is larger than /29 and required by ARIN.

Due to no SWIPs, the minimum size SBL listings for ColoCrossing from now on will be /24 or larger.

If you are their customer and are being blocked due to this, ask them to add SWIPs.

 

[drmike]

It's clear what the business model at CC is and in this IP accumulation game:

CC gets these big IP blocks to sell to spammers as virgin unsoiled IP space.  They charge the spammers per IP beyond what legit folks pay.  So they are getting oh, $5+ an IP from the spammers.  

Spam churns IPs with lists like this.  So that $5 is multiplied by IPs issued and multiplied by how many times they need new IPs a month.

/29 = 6 IPs = $30+  every time the spammer has to bounce to a new range.  This *could* be a daily or multiple time per day incident.

Long term, yeah they are banking on the IPs in mass being valuable, but until then they are profiting grossly for enabling SHIT behavior.

 

[DomainBop]

Spamhaus comment on an IP that is swipped to CVPS (the majority of the new SBL's with SWIPs are either CVPS or 123sys):

Snowshoe spam operation hitting spamtraps from random IPs at cheap VPS servers. Domain shadesleader4.com is registered with Whoisguard Whois cloaking service, so is not legitimate mailserver domain. These IPs should send no email at all to public Internet email addresses..

The cheap VPS servers comment is humorous, but the comment that domains with private WHOIS aren't "legitimate mail server domains" and shouldn't be used to send email should be a warning to any business that is using private WHOIS.

 

[staticsafe]

Spamhaus comment on an IP that is swipped to CVPS (the majority of the new SBL's with SWIPs are either CVPS or 123sys):

The cheap VPS servers comment is humorous, but the comment that domains with private WHOIS aren't "legitimate mail server domains" and shouldn't be used to send email should be a warning to any business that is using private WHOIS.

It is a matter of opinion, but legitimate businesses that send e-mails shouldn't be using WHOIS privacy services, at least on domains that send e-mails. That behaviour just looks suspicious to any mail administrator looking at traffic. 

 

[wlanboy]

It is a matter of opinion, but legitimate businesses that send e-mails shouldn't be using WHOIS privacy services, at least on domains that send e-mails. That behaviour just looks suspicious to any mail administrator looking at traffic. 

Yuo - a legal business does have to publish a lot of information so why should someone use private WHOIS on a domain when everything that is hidden is written on the homepage?

 

[DomainBop]

Yuo - a legal business does have to publish a lot of information so why should someone use private WHOIS on a domain when everything that is hidden is written on the homepage?

The US and EU differ on corporate information disclosure. In some US states it is possible for a business, and the people behind it to remain virtually anonymous: a lookup on a state corporate search in some states like Wyoming will give you the name of the business and the name/address of the registered agent service they're using but no info on the company directors or even the street address of the business.  There are no requirements for US businesses to publish their address on their websites like there are in the UK, Germany, etc. 

 

[Francisco]

@GVH-Jon have you had much luck yet?

They've not said anything in that LET thread about this very subject, but maybe they're in constant contact in tickets?

I know you're swapping IP's soon, not sure if this blacklist kinda sealed that deal or what.

Francisco

 

[GVH-Jon]

@GVH-Jon have you had much luck yet?


They've not said anything in that LET thread about this very subject, but maybe they're in constant contact in tickets?


I know you're swapping IP's soon, not sure if this blacklist kinda sealed that deal or what.


Francisco

The blacklist of ColoCrossing's /15 did not affect us as far as I am aware of. Check your PM.

 

[Francisco]

The blacklist of ColoCrossing's /15 did not affect us as far as I am aware of. Check your PM.

Oh? K, because at some point you said that but I figure you didn't check the exact IP's and just assumed it hit all of CC or something.

Soon

Francisco

 

[GVH-Jon]

Oh? K, because at some point you said that but I figure you didn't check the exact IP's and just assumed it hit all of CC or something.


Soon


Francisco

It affected one of our customers who looks suspiciously like a spammer so his block would have been blacklisted either way. I was still pretty upset though at the blacklisting.

 

[Nett]

Do you charge blacklisting removal fees?

 

[GVH-Jon]

Do you charge blacklisting removal fees?

We charge a $200 spam cleanup administrative fee if found intentionally guilty of spamming. If we're convinced it's a resold service we waive the fee.

 

[MannDude]

We charge a $200 spam cleanup administrative fee if found intentionally guilty of spamming. If we're convinced it's a resold service we waive the fee.

And what percentage of customers just up and leave without paying that?

 

[raindog308]

It is a matter of opinion, but legitimate businesses that send e-mails shouldn't be using WHOIS privacy services, at least on domains that send e-mails. That behaviour just looks suspicious to any mail administrator looking at traffic.

But not all domains that send emails are businesses. Lotsa individuals have vanity domains - expecting them to put their full contact info in whois is not reasonable.

 

[Nett]

And what percentage of customers just up and leave without paying that?

The percentage same as uptime guarantee.