Is your ‘rwhois’ server running?

It’s always amazing when looking at large providers who have a referral to an ‘rwhois’ server at ARIN, when that server is not functioning. Makes it hard to identify who operates the server where the spam is originating.

For example..
Found a referral to rwhois.hostnoc.net:4321.
getaddrinfo(rwhois.hostnoc.net): Name or service not known

This is for spam originating from:
Received: from serv54.buscalead.info (HELO serv54.buscalead.info) (184.22.164.54)
Needless to say, the operator has access to DNS, but has no website with contact information.. sending from Return-Path:

Este informativo é enviado de acordo com o “Guia de Boas Maneiras” para e-mail marketing da ABEMD – Associação Brasileira de Marketing Direto.

Needless to say, the activity would break many Anti-Spam laws.

This entry was posted in Uncategorized and tagged rwhois, spam. Bookmark the permalink.

Search

The Spam Auditor Blog: The information nexus for the anti-spam community.

Is your ‘rwhois’ server running?

Leave a Reply Cancel reply

Recent Entries

Monthly Archives

The Spam Auditor Blog: The information nexus for the anti-spam community.

Is your ‘rwhois’ server running?

Leave a Reply Cancel reply

Recent Entries

Monthly Archives

Tag Cloud