RIPE Bulgaria, what is going on?

While we all see occasional false information used by spammers to get hosting IP Space, in an age where IPv4 addresses are scarce you always wonder when large swathes of brand new IP space are used for spamming. And in … Continue reading

Posted in Informative | Tagged , , , , | Leave a comment

SoftLayer spam increase

While every hosting company has challenges with preventing spam outbreaks, and some do better than others, we occasionally see a trend that indicates a larger issue. This could be related to a general security issue, or a systemic deficiency. And … Continue reading

Posted in Informative | Tagged , , , , , | Leave a comment

Very Large BOT activates

As of about 36 hours ago, another large bot activated in order to send spam and perform dictionary attacks. And as usual, this could have been mitigated if more ISP’s blocked port 25 outbound. This BOT was substantial enough to … Continue reading

Posted in Informative | Tagged , , , | Leave a comment

Hosting companies and spammer signups

Some hosting companies never end up on our radar, as they have systems in place to catch customers who sign-up for IP Space and VPS’s just to start spamming, but there are others who seem to constantly have problems with … Continue reading

Posted in Uncategorized | Tagged , , , , | Leave a comment

Another reason why ENZU should provide proper ‘rwhois’

So who is behind this outbreak. Of course you would expect their own monitoring systems would pick this up, before it started slamming ISP’s with bulk email… 23.245.171.126 : imfw.privatejetsvcs.com 23.245.171.128 : vfilter1.privatejetsvcs.com 23.245.171.145 : delawarekidney.telecomconnecting.com 23.245.171.146 : analab.telecomconnecting.com 23.245.171.147 … Continue reading

Posted in Informative | Tagged , , , , | Leave a comment

Why do Cel Networks leave port 25 open?

As a new trojan heads around the world attacking phones to use them to send spam, it is surprising that cel networks don’t lock down port 25 as well. Cel phones are roaming devices typically, and should use port 587 … Continue reading

Posted in Uncategorized | Leave a comment

ISP’s DYNA IP’s, blocking port 25

As another large infection spreads across the ‘Internet of Things’, it is time to ask the question again, why aren’t ISP’s and Telco’s routinely blocking outbound connections from their dynamic IP Space to port 25. Not that most spam protections … Continue reading

Posted in Uncategorized | Tagged , , , , | Leave a comment

Cloud Services – Rackspace

It seems like more and more spammers are taking advantage of ‘cloud services’ that allow you to spin up a bunch of servers, and IP(s) and a really big pipe, and they can do a lot of damage in just … Continue reading

Posted in Uncategorized | Leave a comment

New Twist on HELO Bot

Our spam auditors noticed that a variation on a previous bot that simply opened up a HELO and then quit has surfaced, similar to the ylmf-pc bot. All it does it send a HELO greeting, usually from www.randomchars.com, and then … Continue reading

Posted in Informative | Tagged , , , | Leave a comment

.eu domain spam uptick

Had a potential customer that asked about blocking all .eu domains, and of course not something we would like to recommend. However, we get it. Lately spammers (to call them email marketers might be too polite) have been aggressively using … Continue reading

Posted in Uncategorized | Leave a comment