anyone8

191.241.39.96/29 destination looks wrong

2 posts in this topic

Even after refresh:

Tracking message source: 191.241.39.98:
Routing details for 191.241.39.98
[refresh/show] Cached whois for 191.241.39.98 : tecnet.ce@hotmail.com
Using abuse net on tecnet.ce@hotmail.com
abuse net hotmail.com = abuse@outlook.com, abuse@messaging.microsoft.com, abuse@live.com
Using best contacts abuse@outlook.com abuse@messaging.microsoft.com abuse@live.com
abuse@live.com bounces (347 sent : 174 bounces)
Using abuse#live.com@devnull.spamcop.net for statistical tracking.

and

Report spam to:
Re: 191.241.39.98 (Administrator of network where email originates)
 To: abuse#live.com@devnull.spamcop.net (Notes)
 To: abuse@messaging.microsoft.com (Notes)
 To: abuse@outlook.com (Notes)

Tracking URL:

https://www.spamcop.net/sc?id=z6380314779zc01b81eef2d5f7bbd0e47780055306fez

Whois (on source IP shown above) shows 

abuse-c:     FCHSO2

When I found a whois that would track this down (http://www.geektools.com/whois.php):

nic-hdl-br: FCHSO2
person: francisco crystian horta de souza
e-mail: tecnet.ce@hotmail.com
country: BR
created: 20131104
changed: 20131104

% Security and mail abuse issues should also be addressed to
% cert.br, http://www.cert.br/ , respectivelly to cert@cert.br
% and mail-abuse@cert.br

Although I'm not sure any of those addresses are the greatest place to send spam reports to, I don't see the connection to live.com/microsoft.com/outlook.com.

Share this post


Link to post
Share on other sites

The excellent IPNetinfo from Nirsoft confirms that there is no abuse address registered for 191.241.39.98, but also agrees that,

"Security and mail abuse issues should also be addressed to
 cert.br, http://www.cert.br/ , respectivelly to cert@cert.br
 and mail-abuse@cert.br"

I could find no suggestion that Microsoft's mail service was relevant.

If cert.br don't want to be bothered with basic spam reports perhaps they should either remove their details from the LACNIC record or else lean on the Brazilian registrar to ensure fully compliant domain registration. If cert.br receive enough of these reports maybe they'll be spurred into action...

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now