-
Recent Entries
Monthly Archives
- October 2021
- September 2021
- August 2021
- March 2021
- February 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- April 2020
- February 2020
- December 2019
- April 2019
- February 2019
- January 2019
- October 2018
- July 2018
- June 2018
- April 2018
- February 2018
- December 2017
- July 2017
- May 2017
- February 2017
- January 2017
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- April 2016
- March 2016
- February 2016
- December 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- December 2014
- November 2014
- September 2014
- August 2014
- July 2014
- May 2014
Author Archives: MagicMail
RIPE Bulgaria, what is going on?
While we all see occasional false information used by spammers to get hosting IP Space, in an age where IPv4 addresses are scarce you always wonder when large swathes of brand new IP space are used for spamming. And in … Continue reading
SoftLayer spam increase
While every hosting company has challenges with preventing spam outbreaks, and some do better than others, we occasionally see a trend that indicates a larger issue. This could be related to a general security issue, or a systemic deficiency. And … Continue reading
Very Large BOT activates
As of about 36 hours ago, another large bot activated in order to send spam and perform dictionary attacks. And as usual, this could have been mitigated if more ISP’s blocked port 25 outbound. This BOT was substantial enough to … Continue reading
Hosting companies and spammer signups
Some hosting companies never end up on our radar, as they have systems in place to catch customers who sign-up for IP Space and VPS’s just to start spamming, but there are others who seem to constantly have problems with … Continue reading
Another reason why ENZU should provide proper ‘rwhois’
So who is behind this outbreak. Of course you would expect their own monitoring systems would pick this up, before it started slamming ISP’s with bulk email… 23.245.171.126 : imfw.privatejetsvcs.com 23.245.171.128 : vfilter1.privatejetsvcs.com 23.245.171.145 : delawarekidney.telecomconnecting.com 23.245.171.146 : analab.telecomconnecting.com 23.245.171.147 … Continue reading
Why do Cel Networks leave port 25 open?
As a new trojan heads around the world attacking phones to use them to send spam, it is surprising that cel networks don’t lock down port 25 as well. Cel phones are roaming devices typically, and should use port 587 … Continue reading
Posted in Uncategorized
Leave a comment
ISP’s DYNA IP’s, blocking port 25
As another large infection spreads across the ‘Internet of Things’, it is time to ask the question again, why aren’t ISP’s and Telco’s routinely blocking outbound connections from their dynamic IP Space to port 25. Not that most spam protections … Continue reading
Cloud Services – Rackspace
It seems like more and more spammers are taking advantage of ‘cloud services’ that allow you to spin up a bunch of servers, and IP(s) and a really big pipe, and they can do a lot of damage in just … Continue reading
Posted in Uncategorized
Leave a comment
New Twist on HELO Bot
Our spam auditors noticed that a variation on a previous bot that simply opened up a HELO and then quit has surfaced, similar to the ylmf-pc bot. All it does it send a HELO greeting, usually from www.randomchars.com, and then … Continue reading
.eu domain spam uptick
Had a potential customer that asked about blocking all .eu domains, and of course not something we would like to recommend. However, we get it. Lately spammers (to call them email marketers might be too polite) have been aggressively using … Continue reading
Posted in Uncategorized
Leave a comment