subject:"\[mailop\] Someone from nifty.com \/ sion.ne.jp an this list\?"

Re: [mailop] Someone from nifty.com / sion.ne.jp an this list?

2023-06-01 Thread Michael Peddemors via mailop


On 2023-05-30 06:36, Michael Peddemors via mailop wrote:

On 2023-05-29 22:36, Hans-Martin Mosner via mailop wrote:
There's been an ongoing phishing wave originating from nifty.com. I 
(and most likely others) have sent abuse reports, but the root of the 
problem apparently hasn't been found and fixed. Would you please see 
that this phishing stops? If you contact me off-list, I will provide 
you with the addresses which we've seen in case you can use that to 
pinpoint the issue.


Cheers,
Hans-Martin


106.153.226.33    1   mta-snd1.nifty.com
    106.153.226.38 1   mta-snd6.nifty.com
    106.153.226.39 1   mta-snd7.nifty.com
106.153.227.36    1   mta-snd01004.nifty.com
    106.153.227.38 1   mta-snd01006.nifty.com
    106.153.227.42 1   mta-snd01010.nifty.com
    106.153.227.43 1   mta-snd01011.nifty.com
    106.153.227.44 1   mta-snd01012.nifty.com
    106.153.227.45 1   mta-snd01013.nifty.com
106.153.228.1 2   mta-snd00101.nifty.com
    106.153.228.2  1   mta-snd00102.nifty.com
    106.153.228.3  3   mta-snd00103.nifty.com
    106.153.228.4  3   mta-snd00104.nifty.com
    106.153.228.5  3   mta-snd00105.nifty.com
    106.153.228.6  1   mta-snd00106.nifty.com
    106.153.228.33 3   mta-snd01101.nifty.com
    106.153.228.34 3   mta-snd01102.nifty.com
    106.153.228.35 4   mta-snd01103.nifty.com
    106.153.228.36 4   mta-snd01104.nifty.com
    106.153.228.37 4   mta-snd01105.nifty.com
    106.153.228.38 3   mta-snd01106.nifty.com

Going on for about a week now...

Lot of invalid users, but the ones that go through are pretty obvious..

From: Unfeigned Pharmacy-Market 
X-Priority: 1 (High)
Message-ID: <305495318.20230530150...@nifty.ne.jp>
Subject: Buy premium generic medication products here.

Right now treating like gmail spam, but if it keeps up, might have to 
get more aggressive..





Addendum:

We also see that it is a 'backscatter' issue over there..

Return-Path: <>
Received: from mta-snd00102.nifty.com (HELO osmta0018.nifty.com) 
(106.153.228.2)

by SNIPPED  (TLS_AES_256_GCM_SHA384 encrypted) ESMTPS
(16123842-0095-11ee-8143-fb3903172121); Thu, 01 Jun 2023 08:58:03 -0700
To: SNIPED
From: 
Subject: =?iso-2022-jp?B?GyRCJWEhPCVrQXc/LiUoJWkhPERMQ04bKEI=?=
Date: Fri, 2 Jun 2023 00:58:01 +0900
Message-ID: 
<20230601155801020.cagn.109110.omta01-spam-nf-airoymnf00fep...@nifty.com>


Someone should let them know that gets them blacklisted fast.. ;)



--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Someone from nifty.com / sion.ne.jp an this list?

2023-05-30 Thread Michael Peddemors via mailop


On 2023-05-29 22:36, Hans-Martin Mosner via mailop wrote:
There's been an ongoing phishing wave originating from nifty.com. I (and 
most likely others) have sent abuse reports, but the root of the problem 
apparently hasn't been found and fixed. Would you please see that this 
phishing stops? If you contact me off-list, I will provide you with the 
addresses which we've seen in case you can use that to pinpoint the issue.


Cheers,
Hans-Martin


106.153.226.331   mta-snd1.nifty.com
   106.153.226.38 1   mta-snd6.nifty.com
   106.153.226.39 1   mta-snd7.nifty.com
106.153.227.361   mta-snd01004.nifty.com
   106.153.227.38 1   mta-snd01006.nifty.com
   106.153.227.42 1   mta-snd01010.nifty.com
   106.153.227.43 1   mta-snd01011.nifty.com
   106.153.227.44 1   mta-snd01012.nifty.com
   106.153.227.45 1   mta-snd01013.nifty.com
106.153.228.1 2   mta-snd00101.nifty.com
   106.153.228.2  1   mta-snd00102.nifty.com
   106.153.228.3  3   mta-snd00103.nifty.com
   106.153.228.4  3   mta-snd00104.nifty.com
   106.153.228.5  3   mta-snd00105.nifty.com
   106.153.228.6  1   mta-snd00106.nifty.com
   106.153.228.33 3   mta-snd01101.nifty.com
   106.153.228.34 3   mta-snd01102.nifty.com
   106.153.228.35 4   mta-snd01103.nifty.com
   106.153.228.36 4   mta-snd01104.nifty.com
   106.153.228.37 4   mta-snd01105.nifty.com
   106.153.228.38 3   mta-snd01106.nifty.com

Going on for about a week now...

Lot of invalid users, but the ones that go through are pretty obvious..

From: Unfeigned Pharmacy-Market 
X-Priority: 1 (High)
Message-ID: <305495318.20230530150...@nifty.ne.jp>
Subject: Buy premium generic medication products here.

Right now treating like gmail spam, but if it keeps up, might have to 
get more aggressive..



--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Someone from nifty.com / sion.ne.jp an this list?

2023-05-30 Thread Konstantin Filtschew / Qameta via mailop

I can provide information too. Most of the mails were recognized as Junk/Spam 
for me.
Am 30. Mai 2023 um 07:40:35, Hans-Martin Mosner via mailop (mailop@mailop.org) 
schrieb:

There's been an ongoing phishing wave originating from nifty.com. I (and most 
likely others) have sent abuse reports, 
but the root of the problem apparently hasn't been found and fixed. Would you 
please see that this phishing stops? If 
you contact me off-list, I will provide you with the addresses which we've seen 
in case you can use that to pinpoint the 
issue.

Cheers,
Hans-Martin

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] Someone from nifty.com / sion.ne.jp an this list?

2023-05-29 Thread Hans-Martin Mosner via mailop

There's been an ongoing phishing wave originating from nifty.com. I (and most likely others) have sent abuse reports, 
but the root of the problem apparently hasn't been found and fixed. Would you please see that this phishing stops? If 
you contact me off-list, I will provide you with the addresses which we've seen in case you can use that to pinpoint the 
issue.


Cheers,
Hans-Martin

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Someone from nifty.com / sion.ne.jp an this list?

Re: [mailop] Someone from nifty.com / sion.ne.jp an this list?

Re: [mailop] Someone from nifty.com / sion.ne.jp an this list?

[mailop] Someone from nifty.com / sion.ne.jp an this list?

4 matches

Site Navigation

Mail list logo

Footer information