HaitiBrother
New Member
*laughs*
ColoCrossing, Quick to Get Large IP Blocks Issued and Faster to Soil Them
peterw
New Member
They're not as big but do cheat more about justification.
DomainBop
Dormant VPSB Pathogen
If you or anyone you know get sick, please call Dr. Jessie Feng, MD
new /24 ROKSO today, IP range SWIPed to the pride of Kohl's
new /24 ROKSO today, IP range SWIPed to the pride of Kohl's
lbft
New Member
http://www.spamhaus.org/sbl/query/SBL214220
So much for GVH-Jon's pleas, they doubled it in size to a /15.
So much for GVH-Jon's pleas, they doubled it in size to a /15.
Kris
New Member
Ouch.
15 open incidents and 1 known ROSKO. They seem more angry about the lack of SWIP on blocks larger than /29 though.
From this morning's listings in the comments:
No SWIP for this range which is larger than /29 and required by ARIN.
Due to no SWIPs, the minimum size SBL listings for ColoCrossing from now on will be /24 or larger.
If you are their customer and are being blocked due to this, ask them to add SWIPs.
15 open incidents and 1 known ROSKO. They seem more angry about the lack of SWIP on blocks larger than /29 though.
From this morning's listings in the comments:
No SWIP for this range which is larger than /29 and required by ARIN.
Due to no SWIPs, the minimum size SBL listings for ColoCrossing from now on will be /24 or larger.
If you are their customer and are being blocked due to this, ask them to add SWIPs.
drmike
100% Tier-1 Gogent
It's clear what the business model at CC is and in this IP accumulation game:
CC gets these big IP blocks to sell to spammers as virgin unsoiled IP space. They charge the spammers per IP beyond what legit folks pay. So they are getting oh, $5+ an IP from the spammers.
Spam churns IPs with lists like this. So that $5 is multiplied by IPs issued and multiplied by how many times they need new IPs a month.
/29 = 6 IPs = $30+ every time the spammer has to bounce to a new range. This *could* be a daily or multiple time per day incident.
Long term, yeah they are banking on the IPs in mass being valuable, but until then they are profiting grossly for enabling SHIT behavior.
CC gets these big IP blocks to sell to spammers as virgin unsoiled IP space. They charge the spammers per IP beyond what legit folks pay. So they are getting oh, $5+ an IP from the spammers.
Spam churns IPs with lists like this. So that $5 is multiplied by IPs issued and multiplied by how many times they need new IPs a month.
/29 = 6 IPs = $30+ every time the spammer has to bounce to a new range. This *could* be a daily or multiple time per day incident.
Long term, yeah they are banking on the IPs in mass being valuable, but until then they are profiting grossly for enabling SHIT behavior.
Last edited by a moderator:
DomainBop
Dormant VPSB Pathogen
Spamhaus comment on an IP that is swipped to CVPS (the majority of the new SBL's with SWIPs are either CVPS or 123sys):
The cheap VPS servers comment is humorous, but the comment that domains with private WHOIS aren't "legitimate mail server domains" and shouldn't be used to send email should be a warning to any business that is using private WHOIS.
staticsafe
New Member
It is a matter of opinion, but legitimate businesses that send e-mails shouldn't be using WHOIS privacy services, at least on domains that send e-mails. That behaviour just looks suspicious to any mail administrator looking at traffic.
wlanboy
Content Contributer
Yuo - a legal business does have to publish a lot of information so why should someone use private WHOIS on a domain when everything that is hidden is written on the homepage?
DomainBop
Dormant VPSB Pathogen
The US and EU differ on corporate information disclosure. In some US states it is possible for a business, and the people behind it to remain virtually anonymous: a lookup on a state corporate search in some states like Wyoming will give you the name of the business and the name/address of the registered agent service they're using but no info on the company directors or even the street address of the business. There are no requirements for US businesses to publish their address on their websites like there are in the UK, Germany, etc.
GVH-Jon
Banned
The blacklist of ColoCrossing's /15 did not affect us as far as I am aware of. Check your PM.
Oh? K, because at some point you said that but I figure you didn't check the exact IP's and just assumed it hit all of CC or something.
Soon
Francisco
GVH-Jon
Banned
It affected one of our customers who looks suspiciously like a spammer so his block would have been blacklisted either way. I was still pretty upset though at the blacklisting.
GVH-Jon
Banned
We charge a $200 spam cleanup administrative fee if found intentionally guilty of spamming. If we're convinced it's a resold service we waive the fee.
And what percentage of customers just up and leave without paying that?
But not all domains that send emails are businesses. Lotsa individuals have vanity domains - expecting them to put their full contact info in whois is not reasonable.
The percentage same as uptime guarantee.