So who is behind this outbreak. Of course you would expect their own monitoring systems would pick this up, before it started slamming ISP’s with bulk email…
126.96.36.199 : imfw.privatejetsvcs.com
188.8.131.52 : vfilter1.privatejetsvcs.com
184.108.40.206 : delawarekidney.telecomconnecting.com
220.127.116.11 : analab.telecomconnecting.com
18.104.22.168 : cust13538-2.telecomconnecting.com
22.214.171.124 : colo2.telecomconnecting.com
126.96.36.199 : moffattproducts.medbillingsource.com
188.8.131.52 : circlebay.medbillingsource.com
184.108.40.206 : graphicimagelabel.medbillingsource.com
220.127.116.11 : fidonfriends.medbillingsource.com
18.104.22.168 : mx0a-00106f01.kidssummerprograms.com
22.214.171.124 : cintronics.kidssummerprograms.com
126.96.36.199 : carouselrealty.kidssummerprograms.com
188.8.131.52 : outboundmail2.kidssummerprograms.com
Found a referral to rwhois.scalabledns.com:4321.
%rwhois V-1.5:003fff:00 rwhois.scalabledns.com (by Network Solutions, Inc. V-184.108.40.206)
Network:IP-Network-Block:220.127.116.11 – 18.104.22.168
Who is ORG-1889?
Lot’s of really abusive operators have found it easy to set up home on the Enzu network, and it might be they actively allow such activity, or they are simply unable to detect or stop it.
But no matter what, the sheer bulk of it shows that something needs to be addressed. While it might seem attractive to allow any use of IP space, to meet growth forecasts, and help justify new IP allocations, this type of activity causes a lot of pain for all parties involved.
And with some of the new changes being contemplated at various government levels, regarding spam activity, companies that aren’t transparent might find more onus of responsibility being directed at them, if issues like this aren’t addressed.