Re: [mailop] State of the Union - Update due to activity..
On 8/30/2022, Michael Peddemors via mailop wrote: Normally, we could simply post this on a blog, but the traffic is significant enough that other mail operators might be interested.. Last couple of days a LOT of new IP Address abuse from the same actors using throwaway domains, on the typical suspect hosting providers, but the sheer volume should be noticible. Of course, this actor is pretty spammy in nature, and decent filtering should be catching it anyways, but it is worth noting his methods given the sheer volume. Sampling of Activity (Sorry for the long scroll) I've only glanced at this, but it smells like PredictLabs to me. SgtChains ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] State of the Union - Update due to activity..
On Tue, Aug 30, 2022 at 05:36:16PM -0500, Jarland Donnell via mailop wrote: > That subdomain style, I've been eyeballing that trend for a while. > This guy got super mad at me for identifying that trend on a network > that hadn't yet started sending spam: > https://forum.directadmin.com/threads/rbl_dns_list-suggestion.64780/post-350740 LOL. That network (212.192.216.0/22) was assigned by Serverion to "voldeta-mnt" (Des Capital B.V., AS213035) on 2022-06-04T10:45:44Z. This is what came up first for me when I googled that business name: https://scamalytics.com/ip/isp/des-capital-b-v The spam started a week later. It was a 419. On July 1-2, there was a massive spam run that rivalled the monthly output of some minor ESPs in the same recipient mailboxes. All your basic kinds of garbage affiliate spam. I get the impression plonking AS213035 in a router's null-route list might amount to lossless compression. The list of networks that this AS advertises is 67 lines long even after doing the CIDR math to show it in its most compact form, and they're everywhere, AfriNIC, RIPE, ARIN and APNIC ranges are all present in that list. Best regards, -- Atro Tossavainen, Founder, Partner Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635) Tallinn, Estonia tel. +372-5883-4269, http://www.koliloks.eu/ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] State of the Union - Update due to activity..
Over 250,000 IPs look like candidates .. On 2022-08-30 15:36, Jarland Donnell via mailop wrote: That subdomain style, I've been eyeballing that trend for a while. This guy got super mad at me for identifying that trend on a network that hadn't yet started sending spam: https://forum.directadmin.com/threads/rbl_dns_list-suggestion.64780/post-350740 But you see the trend here: https://bgp.he.net/net/5.183.96.0/22#_dns Ex: 5.183.97.2 pwit.castlerockcompany.org.uk 5.183.97.3 ctran.expeditiondevelopment.org.uk 5.183.97.4 fscanf.acadiainternational.org.uk 5.183.97.5 souvi.acadiainternational.org.uk 5.183.97.6 ahmal.acadiainternational.org.uk And you see at one of the web pages, this same page gets around a lot on domains that look like those: http://castlerockcompany.org.uk I wonder if this is a bunch of different actors sharing tools and methods, or if it's a single string running through a metric fuck ton of networks. On 2022-08-30 14:16, Michael Peddemors via mailop wrote: Normally, we could simply post this on a blog, but the traffic is significant enough that other mail operators might be interested.. Last couple of days a LOT of new IP Address abuse from the same actors using throwaway domains, on the typical suspect hosting providers, but the sheer volume should be noticible. Of course, this actor is pretty spammy in nature, and decent filtering should be catching it anyways, but it is worth noting his methods given the sheer volume. Sampling of Activity (Sorry for the long scroll) 23.19.140.69 (RS) 3 stay.ernaline.com 23.19.140.86 (RS) 3 dirty.ernaline.com 104.148.33.87 (M) 1 hikids.foolation.com 104.148.33.96 (M) 1 rayane.fronstionsequal.com 104.148.33.102 (M,RS) 1 oduesp.fronstionsequal.com 104.148.33.113 (M) 1 fastmo.siderigheidl.com 104.148.33.120 (M) 1 guida.siderigheidl.com 103.198.26.9 2 ce-multiavantages.com 103.198.26.81 3 ce-multiavantages.com 103.198.26.88 2 planetbmx.com 103.198.26.92 3 123bizlisting.com 104.237.200.118 x1 tarsel.whernis.com 104.237.200.119 x3 delner.whernis.com 104.237.200.120 x1 izar.whernis.com 104.237.200.123 x1 dreuz.whernis.com 107.179.20.17 x1 volven.marilamei.com 107.179.20.18 x1 mongo.marilamei.com 107.179.20.20 x1 pixmag.marilamei.com 107.6.208.14 x5 ulinzi.stereometricalls.com 108.166.214.27 x2 ungear.donsitide.net 108.166.214.29 x2 ammri.donsitide.net 154.16.171.159 x1 oortap.meteorographicals.com 162.253.215.163 x2 zarkos.toatip.com 162.253.215.164 x9 geoffj.toatip.com 162.253.215.165 x4 clipy.toatip.com 162.253.215.166 x6 ammi.toatip.com 173.208.184.122 x72 sonato.treinamentospro.com 173.208.184.124 x61 senolo.treinamentoparaempresa.com 173.82.144.164 x56 obegivicance.com 173.82.144.165 x73 fasloc.obegivicance.com 173.82.144.166 x61 ktur.obegivicance.com 173.82.144.167 x173 entoil.obegivicance.com 173.82.144.168 x153 voeung.obegivicance.com 173.82.48.93 x17 vntut.faminitory.com 173.82.48.94 x47 bippo.faminitory.com 173.82.48.95 x31 igen.faminitory.com 173.82.48.96 x43 gidyea.faminitory.com 176.119.25.25 x2 urbis.automechadnism.com 176.119.25.26 x4 qikan.automechadnism.com 176.119.25.27 x16 cague.automechadnism.com 176.119.25.28 x8 matsen.automechadnism.com 178.239.161.100 x6 zobec.microchiroptera.com 178.239.161.101 x11 macjoe.microchiroptera.com 178.239.161.102 x8 flyman.microchiroptera.com 178.239.161.103 x10 gaobie.microchiroptera.com 185.136.206.170 x4 uuduue.neverely.com 185.136.206.171 x8 guishi.neverely.com 185.136.206.172 x6 mattim.neverely.com 185.136.206.173 x7 escapo.neverely.com 185.136.206.174 x5 fendel.neverely.com 185.136.206.175 x5 dabbah.neverely.com 185.136.206.177 x10 lyrone.neverely.com 185.136.206.178 x7 amoh.neverely.com 185.136.206.179 x20 nenyo.neverely.com 185.136.206.180 x11 webcam.neverely.com 185.136.206.181 x14 msgid.neverely.com 185.26.145.100 x11 peell.uncompetitiveness.com 185.26.145.101 x9 varby.uncompetitiveness.com 185.26.145.102 x19 franga.uncompetitiveness.com 185.26.145.103 x19 kotko.uncompetitiveness.com 185.26.145.104 x14 cdir.uncompetitiveness.com 185.26.145.105 x9 omiru.uncompetitiveness.com 185.26.145.106 x7 rrnb.uncompetitiveness.com 185.26.145.107 x19 nchr.uncompetitiveness.com 185.26.145.108 x13 cet.uncompetitiveness.com 185.26.145.109 x17 walpe.uncompetitiveness.com 185.26.145.110 x8 smwall.uncompetitiveness.com 185.26.145.99 x8 bunl.uncompetitiveness.com 188.125.169.3 x2 ishara.soverich.biz 188.125.169.5 x2 symn.soverich.biz
Re: [mailop] State of the Union - Update due to activity..
That subdomain style, I've been eyeballing that trend for a while. This guy got super mad at me for identifying that trend on a network that hadn't yet started sending spam: https://forum.directadmin.com/threads/rbl_dns_list-suggestion.64780/post-350740 But you see the trend here: https://bgp.he.net/net/5.183.96.0/22#_dns Ex: 5.183.97.2 pwit.castlerockcompany.org.uk 5.183.97.3 ctran.expeditiondevelopment.org.uk 5.183.97.4 fscanf.acadiainternational.org.uk 5.183.97.5 souvi.acadiainternational.org.uk 5.183.97.6 ahmal.acadiainternational.org.uk And you see at one of the web pages, this same page gets around a lot on domains that look like those: http://castlerockcompany.org.uk I wonder if this is a bunch of different actors sharing tools and methods, or if it's a single string running through a metric fuck ton of networks. On 2022-08-30 14:16, Michael Peddemors via mailop wrote: Normally, we could simply post this on a blog, but the traffic is significant enough that other mail operators might be interested.. Last couple of days a LOT of new IP Address abuse from the same actors using throwaway domains, on the typical suspect hosting providers, but the sheer volume should be noticible. Of course, this actor is pretty spammy in nature, and decent filtering should be catching it anyways, but it is worth noting his methods given the sheer volume. Sampling of Activity (Sorry for the long scroll) 23.19.140.69(RS) 3 stay.ernaline.com 23.19.140.86 (RS) 3 dirty.ernaline.com 104.148.33.87 (M) 1 hikids.foolation.com 104.148.33.96(M) 1 rayane.fronstionsequal.com 104.148.33.102 (M,RS)1 oduesp.fronstionsequal.com 104.148.33.113 (M) 1 fastmo.siderigheidl.com 104.148.33.120 (M) 1 guida.siderigheidl.com 103.198.26.9 2 ce-multiavantages.com 103.198.26.81 3 ce-multiavantages.com 103.198.26.88 2 planetbmx.com 103.198.26.92 3 123bizlisting.com 104.237.200.118 x1 tarsel.whernis.com 104.237.200.119 x3 delner.whernis.com 104.237.200.120 x1 izar.whernis.com 104.237.200.123 x1 dreuz.whernis.com 107.179.20.17 x1 volven.marilamei.com 107.179.20.18 x1 mongo.marilamei.com 107.179.20.20 x1 pixmag.marilamei.com 107.6.208.14x5 ulinzi.stereometricalls.com 108.166.214.27 x2 ungear.donsitide.net 108.166.214.29 x2 ammri.donsitide.net 154.16.171.159 x1 oortap.meteorographicals.com 162.253.215.163 x2 zarkos.toatip.com 162.253.215.164 x9 geoffj.toatip.com 162.253.215.165 x4 clipy.toatip.com 162.253.215.166 x6 ammi.toatip.com 173.208.184.122 x72 sonato.treinamentospro.com 173.208.184.124 x61 senolo.treinamentoparaempresa.com 173.82.144.164 x56 obegivicance.com 173.82.144.165 x73 fasloc.obegivicance.com 173.82.144.166 x61 ktur.obegivicance.com 173.82.144.167 x173entoil.obegivicance.com 173.82.144.168 x153voeung.obegivicance.com 173.82.48.93x17 vntut.faminitory.com 173.82.48.94x47 bippo.faminitory.com 173.82.48.95x31 igen.faminitory.com 173.82.48.96x43 gidyea.faminitory.com 176.119.25.25 x2 urbis.automechadnism.com 176.119.25.26 x4 qikan.automechadnism.com 176.119.25.27 x16 cague.automechadnism.com 176.119.25.28 x8 matsen.automechadnism.com 178.239.161.100 x6 zobec.microchiroptera.com 178.239.161.101 x11 macjoe.microchiroptera.com 178.239.161.102 x8 flyman.microchiroptera.com 178.239.161.103 x10 gaobie.microchiroptera.com 185.136.206.170 x4 uuduue.neverely.com 185.136.206.171 x8 guishi.neverely.com 185.136.206.172 x6 mattim.neverely.com 185.136.206.173 x7 escapo.neverely.com 185.136.206.174 x5 fendel.neverely.com 185.136.206.175 x5 dabbah.neverely.com 185.136.206.177 x10 lyrone.neverely.com 185.136.206.178 x7 amoh.neverely.com 185.136.206.179 x20 nenyo.neverely.com 185.136.206.180 x11 webcam.neverely.com 185.136.206.181 x14 msgid.neverely.com 185.26.145.100 x11 peell.uncompetitiveness.com 185.26.145.101 x9 varby.uncompetitiveness.com 185.26.145.102 x19 franga.uncompetitiveness.com 185.26.145.103 x19 kotko.uncompetitiveness.com 185.26.145.104 x14 cdir.uncompetitiveness.com 185.26.145.105 x9 omiru.uncompetitiveness.com 185.26.145.106 x7 rrnb.uncompetitiveness.com 185.26.145.107 x19 nchr.uncompetitiveness.com 185.26.145.108 x13 cet.uncompetitiveness.com 185.26.145.109 x17 walpe.uncompetitiveness.com 185.26.145.110 x8 smwall.uncompetitiveness.com 185.26.145.99 x8 bunl.uncompetitiveness.com 188.125.169.3 x2 ishara.soverich.biz 188.125.169.5 x2 symn.soverich.biz 194.102.39.129 x18 ysv.hishationgla.com 194.102.39.13 x11 kahkai.omoplatoscopy.com 194.102.39.130 x12 sch
Re: [mailop] State of the Union - Update due to activity..
It's just amazing what a simple Shodan query can give you.. (Caveat, not vetted for false positives, but gives you a clue) See attached Image: On 2022-08-30 12:16, Michael Peddemors via mailop wrote: Normally, we could simply post this on a blog, but the traffic is significant enough that other mail operators might be interested.. Last couple of days a LOT of new IP Address abuse from the same actors using throwaway domains, on the typical suspect hosting providers, but the sheer volume should be noticible. Of course, this actor is pretty spammy in nature, and decent filtering should be catching it anyways, but it is worth noting his methods given the sheer volume. Sampling of Activity (Sorry for the long scroll) 23.19.140.69 (RS) 3 stay.ernaline.com 23.19.140.86 (RS) 3 dirty.ernaline.com 104.148.33.87 (M) 1 hikids.foolation.com 104.148.33.96 (M) 1 rayane.fronstionsequal.com 104.148.33.102 (M,RS) 1 oduesp.fronstionsequal.com 104.148.33.113 (M) 1 fastmo.siderigheidl.com 104.148.33.120 (M) 1 guida.siderigheidl.com 103.198.26.9 2 ce-multiavantages.com 103.198.26.81 3 ce-multiavantages.com 103.198.26.88 2 planetbmx.com 103.198.26.92 3 123bizlisting.com 104.237.200.118 x1 tarsel.whernis.com 104.237.200.119 x3 delner.whernis.com 104.237.200.120 x1 izar.whernis.com 104.237.200.123 x1 dreuz.whernis.com 107.179.20.17 x1 volven.marilamei.com 107.179.20.18 x1 mongo.marilamei.com 107.179.20.20 x1 pixmag.marilamei.com 107.6.208.14 x5 ulinzi.stereometricalls.com 108.166.214.27 x2 ungear.donsitide.net 108.166.214.29 x2 ammri.donsitide.net 154.16.171.159 x1 oortap.meteorographicals.com 162.253.215.163 x2 zarkos.toatip.com 162.253.215.164 x9 geoffj.toatip.com 162.253.215.165 x4 clipy.toatip.com 162.253.215.166 x6 ammi.toatip.com 173.208.184.122 x72 sonato.treinamentospro.com 173.208.184.124 x61 senolo.treinamentoparaempresa.com 173.82.144.164 x56 obegivicance.com 173.82.144.165 x73 fasloc.obegivicance.com 173.82.144.166 x61 ktur.obegivicance.com 173.82.144.167 x173 entoil.obegivicance.com 173.82.144.168 x153 voeung.obegivicance.com 173.82.48.93 x17 vntut.faminitory.com 173.82.48.94 x47 bippo.faminitory.com 173.82.48.95 x31 igen.faminitory.com 173.82.48.96 x43 gidyea.faminitory.com 176.119.25.25 x2 urbis.automechadnism.com 176.119.25.26 x4 qikan.automechadnism.com 176.119.25.27 x16 cague.automechadnism.com 176.119.25.28 x8 matsen.automechadnism.com 178.239.161.100 x6 zobec.microchiroptera.com 178.239.161.101 x11 macjoe.microchiroptera.com 178.239.161.102 x8 flyman.microchiroptera.com 178.239.161.103 x10 gaobie.microchiroptera.com 185.136.206.170 x4 uuduue.neverely.com 185.136.206.171 x8 guishi.neverely.com 185.136.206.172 x6 mattim.neverely.com 185.136.206.173 x7 escapo.neverely.com 185.136.206.174 x5 fendel.neverely.com 185.136.206.175 x5 dabbah.neverely.com 185.136.206.177 x10 lyrone.neverely.com 185.136.206.178 x7 amoh.neverely.com 185.136.206.179 x20 nenyo.neverely.com 185.136.206.180 x11 webcam.neverely.com 185.136.206.181 x14 msgid.neverely.com 185.26.145.100 x11 peell.uncompetitiveness.com 185.26.145.101 x9 varby.uncompetitiveness.com 185.26.145.102 x19 franga.uncompetitiveness.com 185.26.145.103 x19 kotko.uncompetitiveness.com 185.26.145.104 x14 cdir.uncompetitiveness.com 185.26.145.105 x9 omiru.uncompetitiveness.com 185.26.145.106 x7 rrnb.uncompetitiveness.com 185.26.145.107 x19 nchr.uncompetitiveness.com 185.26.145.108 x13 cet.uncompetitiveness.com 185.26.145.109 x17 walpe.uncompetitiveness.com 185.26.145.110 x8 smwall.uncompetitiveness.com 185.26.145.99 x8 bunl.uncompetitiveness.com 188.125.169.3 x2 ishara.soverich.biz 188.125.169.5 x2 symn.soverich.biz 194.102.39.129 x18 ysv.hishationgla.com 194.102.39.13 x11 kahkai.omoplatoscopy.com 194.102.39.130 x12 schaug.omoplatoscopy.com 194.102.39.131 x24 hatman.omoplatoscopy.com 194.102.39.132 x15 bundli.omoplatoscopy.com 195.146.2.38 x13 mahers.behavings.com 195.231.23.145 x4 disproportionnation.com 195.231.23.146 x62 gonten.disproportionnation.com 195.231.23.147 x68 gmanck.disproportionnation.com 198.148.108.18 x227 nortugust.com 198.148.108.19 x869 mpbse.nortugust.com 198.148.108.20 x677 donez.nortugust.com 198.148.108.21 x855 domes.nortugust.com 198.148.108.22 x706 dwds.nortugust.com 204.10.89.195 x180 bruxe.sympatholician.com 204.10.89.196 x81 boucan.sympatholician.com 204.10.89.197 x86 puz
Re: [mailop] State of the Union - Update due to activity..
Dňa 30. augusta 2022 20:58:07 UTC používateľ Hans-Martin Mosner via mailop napísal: >I do. Gmail addresses need whitelisting now. It's **really** gotten so bad. While i didn't block gmail exactly, it got so bad reputation (DKIM, ASN, ipnet... as counted by rspamd), that particular addresses requires WL here too, otherwise they ends at least in Junk folder. Hopefuly, my users doesn't talk with gmail people often, thus it is only small list. regards -- Slavko ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] State of the Union - Update due to activity..
Am 30.08.22 um 22:49 schrieb Michael Peddemors via mailop: On 2022-08-30 13:33, Hans-Martin Mosner via mailop wrote: I just checked a few samples, really can't be bothered to do it for all of them. NameCheap (registrar-servers.com) DNS all over the place (in fact didn't find one that had another registrar). It's gotten so bad that I refuse all traffic from domains with such DNS unless they are explicitly whitelisted. I get the frustation.. Should point out they 'have' been getting better and more pro-active on addressing abusive domains.. But if we adopted that policy (It's gotten so bad..) we would be blocking Gmail by now *toungue in cheek* I do. Gmail addresses need whitelisting now. It's **really** gotten so bad. Cheers, Hans-Martin ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] State of the Union - Update due to activity..
On 2022-08-30 13:33, Hans-Martin Mosner via mailop wrote: I just checked a few samples, really can't be bothered to do it for all of them. NameCheap (registrar-servers.com) DNS all over the place (in fact didn't find one that had another registrar). It's gotten so bad that I refuse all traffic from domains with such DNS unless they are explicitly whitelisted. I get the frustation.. Should point out they 'have' been getting better and more pro-active on addressing abusive domains.. But if we adopted that policy (It's gotten so bad..) we would be blocking Gmail by now *toungue in cheek* The real problem is not the registrar, it is the networks that allow those operators to find a home.. The problem is that people are more worried about margins than the effects on their fellow man.. Its about being reactive vs proactive.. Its... (uhoh, Michael in Rant mode.. Take the keyboard away nurse) -- "Catch the Magic of Linux..." Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd. 604-682-0300 Beautiful British Columbia, Canada This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] State of the Union - Update due to activity..
I just checked a few samples, really can't be bothered to do it for all of them. NameCheap (registrar-servers.com) DNS all over the place (in fact didn't find one that had another registrar). It's gotten so bad that I refuse all traffic from domains with such DNS unless they are explicitly whitelisted. Cheers, Hans-Martin ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] State of the Union - Update due to activity..
On Tue, Aug 30, 2022 at 01:11:20PM -0700, Michael Peddemors via mailop wrote: > Hehehe... > > No, I meant who are behind these.. https://emailable.com/abuse/ > Is AWS alright with this.. I suppose the answer is yes. Getting any kind of answer to any question out of them is beyond difficult, so this may be simply by implication. > Trouble is how to tell good email validators from bad ones.. > Even, what is a good validator vs a bad one.. The good email validators don't show up on your mail servers. They do stuff on their own, based on DNS and other things that don't require turning into a woodpecker. > And how about transparency? Technically, I don't see the reasoning > why to do this, and if you need to do it, not be transparent about > it.. Yes. I didn't write this https://www.spamhaus.org/news/article/722/on-the-dubious-merits-of-email-verification-services and I have nothing to do with the folks who did, but it's hard to disagree with anything in it. > Now, if there was only some method to see if you really have > permission to use an email address.. ;) Interested in buying a bridge in southern NYC? ;-) -- Atro Tossavainen, Chairman of the Board Infinite Mho Oy, Helsinki, Finland tel. +358-44-5000 600, http://www.infinitemho.fi/ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] State of the Union - Update due to activity..
Hehehe... No, I meant who are behind these.. Is AWS alright with this.. Trouble is how to tell good email validators from bad ones.. Even, what is a good validator vs a bad one.. And how about transparency? Technically, I don't see the reasoning why to do this, and if you need to do it, not be transparent about it.. However, hearing more and more reports of big name companies using 'list washing services', and sometimes you can't use their services if your email address doesn't validate . 'Invalid Email Address'. Even ran into myself, but no clue what service they were using.. Now, if there was only some method to see if you really have permission to use an email address.. ;) On 2022-08-30 12:48, Atro Tossavainen via mailop wrote: In other news.. Any comments about these guys on AWS? 3.217.146.99 1 mx25.herpderpderpderp.com 3.223.197.220 1 mx2.emailablev.com 3.226.89.155(RS) 2 va1.mx-check.com Sure. [root@mail ~]# egrep 'herpderp|emailablev|mx-check' /etc/postfix/helo_access.pcre /emailablev\.com/ REJECT Spam list cleaners are welcome to take a hike /herpderpderpderp\.com/ REJECT Spam list cleaners are welcome to take a hike [root@mail ~]# egrep 'herpderp|emailablev|mx-check' /etc/postfix/helo_access mx-check.com REJECT Spam list cleaners are welcome to take a hike -- "Catch the Magic of Linux..." Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd. 604-682-0300 Beautiful British Columbia, Canada This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] State of the Union - Update due to activity..
> In other news.. Any comments about these guys on AWS? > > 3.217.146.99 1 mx25.herpderpderpderp.com > 3.223.197.220 1 mx2.emailablev.com > 3.226.89.155(RS) 2 va1.mx-check.com Sure. [root@mail ~]# egrep 'herpderp|emailablev|mx-check' /etc/postfix/helo_access.pcre /emailablev\.com/ REJECT Spam list cleaners are welcome to take a hike /herpderpderpderp\.com/ REJECT Spam list cleaners are welcome to take a hike [root@mail ~]# egrep 'herpderp|emailablev|mx-check' /etc/postfix/helo_access mx-check.com REJECT Spam list cleaners are welcome to take a hike -- Atro Tossavainen, Chairman of the Board Infinite Mho Oy, Helsinki, Finland tel. +358-44-5000 600, http://www.infinitemho.fi/ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
