Happy New Year – ColoCrossing

Posted on January 3, 2017 by MagicMail

To all of us in the spam protection and/or spam auditing game, want to wish everyone a happy 2017. Of course, I wish I had better news and that our jobs will be easier this year, but it looks like 2017 will start off being more of the same.

It looks like trends are shifting though slightly, with compromised email accounts taking a larger role again, however the same old problems from the IoT (Internet of Things) being compromised and bad hosting company practices still a major concern.

And to start the year off, we are calling out a known trouble spot again, which is ColoCrossing, and companies that operate on that network (NewWave Connect), haven’s for spammers.

This morning report includes:

23.95.53.215 23 23-95-53-215-host.colocrossing.com
23.95.53.216 26 23-95-53-216-host.colocrossing.com
23.95.53.219 13 23-95-53-219-host.colocrossing.com
23.95.53.223 24 23-95-53-223-host.colocrossing.com

107.175.56.151 8 107-175-56-151-host.colocrossing.com
107.175.56.155 14 107-175-56-155-host.colocrossing.com
107.175.56.156 10 107-175-56-156-host.colocrossing.com
107.175.56.157 12 107-175-56-157-host.colocrossing.com
107.175.56.158 2 107-175-56-158-host.colocrossing.com
107.175.147.133 6 107-175-147-133-host.colocrossing.com

But we see large swathes of IP(s) on WowRack and Joe’s Data Centre, both North American hosting companies activated for spamming activities as well.

Maybe this is the year that regulators will target those companies as also responsible for the activity on their networks.

173.0.51.70  3 streonilli.net
 173.0.51.78  3 arach.streonilli.net
 173.0.51.81  1 ptm.kil4.homika.win
 173.0.51.98  3 ptm.kil22.homika.win
 173.0.51.99  3 ptm.kil21.homika.win
 173.0.51.111  2 a111.luxurybrandscollection.com
 173.0.51.113  4 ptm.kil18.homika.win
 173.0.51.114  3 ptm.kil17.homika.win
 173.0.51.130  2 ptm.kil30.homika.win
 173.0.51.132  70 ptm.kil29.homika.win
 173.0.51.133  69 ptm.kil28.homika.win
 173.0.51.137 72 ptm.kil27.homika.win
 173.0.51.138  68 ptm.kil26.homika.win
 173.0.51.140  71 ptm.kil25.homika.win
 173.0.51.150  67 ptm.kil24.homika.win
 173.0.51.163  67 ptm.kil23.homika.win
 173.0.51.203  62 mx1.mightylk.biz
 173.0.51.207  58 millo32.barsatinalawich.ml
 173.0.51.217  65 us-s3-mta5.smtpcampaigns.com
 173.0.51.218  62 millo31.barsatinalawich.ml
 173.0.51.227  69 abc11.1band1.xyz
 173.0.51.236  68 falait.preservevision.net
 173.0.51.237  72 isproject.preservevision.net
 173.0.51.238  69 niall.preservevision.net
 173.0.51.241  3 ptm.kil32.homika.win
 173.0.51.242  3 ptm.kil31.homika.win

Of course, those are easier to address as more and more companies simply resort to ‘blacklisting’ companies which allow, condone, or are unable to prevent such activity.

Sometimes that is the only way to elicit change in behaviors.

And again, we do hope providers this year will work on simple to fix things like operating ‘rwhois’ servers for their networks, work on PTR naming conventions that help all those involved in stopping spam, including those in the policing space.

But we all have to work together, to help honest operators secure their networks, create stronger tools for email users to prevent their accounts and servers being hacked, and lock down the Internet of Things from the ability to spread the worst of the spam used to deliver ransom ware, virus’s, scams, phishing, and other very serious threats to the average user.

And making the world a safer place, is why we continue to work on the front lines battling these threats.

Have a safe and happy new year.

PS, this is a great time for those other email marketing companies to look at cleaning up their marketing databases, surprised how many big companies databases have so many invalid email address entries that they continue to send to.

 

 

This entry was posted in Uncategorized and tagged , , , , . Bookmark the permalink.

Leave a Reply