Is your ‘rwhois’ server running?

It’s always amazing when looking at large providers who have a referral to an ‘rwhois’ server at ARIN, when that server is not functioning. Makes it hard to identify who operates the server where the spam is originating.

For example..
Found a referral to
getaddrinfo( Name or service not known

This is for spam originating from:
Received: from (HELO (
Needless to say, the operator has access to DNS, but has no website with contact information.. sending from Return-Path:

Este informativo é enviado de acordo com o “Guia de Boas Maneiras” para e-mail marketing da ABEMD – Associação Brasileira de Marketing Direto.

Needless to say, the activity would break many Anti-Spam laws.

This entry was posted in Uncategorized and tagged , . Bookmark the permalink.

Leave a Reply