On 2020-07-21 9:15 a.m., Bill Cole via mailop wrote:
On 19 Jul 2020, at 22:38, Chris via mailop wrote:
It is particularly bizarre that it infests one ISP like this. I'm
wondering if someone managed to force the infection to do IP
reallocations frequently to IP-hop. Cutwail normally has thous
On 19 Jul 2020, at 22:38, Chris via mailop wrote:
It is particularly bizarre that it infests one ISP like this. I'm
wondering if someone managed to force the infection to do IP
reallocations frequently to IP-hop. Cutwail normally has thousands of
infected IPs per campaign spread across ISPs.
I can confirm that this is cutwail. I'm showing 100% agreement in spot
checking of your list of IPs.
This particular cutwail variant, unlike the others, has been percolating
at low volumes for a long time. The other more sophisticated versions
have all pretty much gone away.
It is particul
While most of these are probably already stopped, via various RBL's and
rulesets common to most spam protection, it is worth posting..
Seeing the infection spike again, but strangely all from Chinese IP Ranges.
Note, for the one provider, it is especially a bad overnight jump.
*.adsl-pool.jlcc