RobiBue Posted December 12, 2018 Share Posted December 12, 2018 for a while now I have been getting some spam from one or more leaseweb customers ([209.58.179.227], [209.58.179.237], and [209.58.179.238].) unfortunately, there are (at least) two problems here: the IP addresses involved are listed with ARIN pointing to " search-apnic-not-arin@apnic.net " and I simply do not understand why SpamCop cannot understand the transfer mechanism and search for the abuse address within APNIC. even if it would look up APNIC, leaseweb would probably end up being /dev/nulled... (see [5.79.74.138] ) anyway, manually reporting (with my anti-spammer email address) I have, after about 5 spams and 6 back and forth messaging their abuse desk (in Singapore -- I believe), managed the following Quote Dear Sir/Madam, Your abuse notification has been processed and marked as resolved by the Abuse Prevention department, after interrupting the customer services due to non compliance. LeaseWeb therefore considers this issue as concluded. Please note, once the customer informs us that he is willing to resolve the issue, the services will be restored in order for the customer to report a resolution. Please keep in mind the nature of the services LeaseWeb provides. LeaseWeb rents servers with an internet connection to customers and resellers. LeaseWeb does not provide the web software, nor does it configure, host or maintain the websites of its customers or of their customer’s customer. LeaseWeb therefore has no dealings with the content on the servers, nor can it remove, add or change that content. The only person who will be able to do this will be the operator of the website. Any illicit activities within a particular LeaseWeb company’s network shall be dealt with solely based on received notifications for such separate LeaseWeb company. It is important to note that LeaseWeb is the brand name under which various independent and distinct LeaseWeb companies operate. Each of those companies is a separate and distinct corporate entity that provides services in a particular geographic area. Consequently, each separate LeaseWeb company is actually and legally not able to monitor the data its customers store on or communicate through any other LeaseWeb company’s network. Notifications therefore must be made to the correct LeaseWeb entity. In case of new information on the facts your notification has been based on, please submit a new notification via the available abuse routes, which are found at: www.leaseweb.com/abuse-prevention Thank you for your notification and your co-operation with us. 🤩 Link to comment Share on other sites More sharing options...
Lking Posted December 12, 2018 Share Posted December 12, 2018 If you have an abuse address for these IPs why not report then in "Routing / Report Address Issues" which you have done with other IPs? The non-response response you received could well be why spam reports are /dev/nulled Link to comment Share on other sites More sharing options...
RobiBue Posted December 14, 2018 Author Share Posted December 14, 2018 On 12/12/2018 at 1:19 PM, Lking said: If you have an abuse address for these IPs why not report then in "Routing / Report Address Issues" which you have done with other IPs? on 12/01/2018: http://forum.spamcop.net/topic/31073-abuse-contact-for-209581840-20958191255 and http://forum.spamcop.net/topic/31072-abuse-contact-for-209581760-20958183255 On 12/12/2018 at 1:19 PM, Lking said: The non-response response you received could well be why spam reports are /dev/nulled https://www.spamcop.net/sc?id=z6505161826z64add7cea35b443dd4f168a08a7582b8z Quote Tracking details Display data: "whois 209.58.179.237@whois.arin.net" (Getting contact from whois.arin.net ) Found AbuseEmail in whois search-apnic-not-arin@apnic.net 209.58.176.0 - 209.58.191.255:search-apnic-not-arin@apnic.netRouting details for 209.58.179.237 I refuse to bother search-apnic-not-arin@apnic.net. Using search-apnic-not-arin#apnic.net@devnull.spamcop.net for statistical tracking. Using last resort contacts search-apnic-not-arin#apnic.net@devnull.spamcop.net even refreshing seems not to work. As I said, I wish SC would be able to get the abuse address from the correct registry... which in this case is APNIC, not ARIN... Link to comment Share on other sites More sharing options...
gnarlymarley Posted December 14, 2018 Share Posted December 14, 2018 On 12/13/2018 at 10:36 PM, RobiBue said: even refreshing seems not to work. As I said, I wish SC would be able to get the abuse address from the correct registry... which in this case is APNIC, not ARIN... I heard from the deputies, that there might be a fix in the works for this. Hopefully it will solve the issues. Link to comment Share on other sites More sharing options...
RobiBue Posted December 17, 2018 Author Share Posted December 17, 2018 On 12/14/2018 at 5:21 PM, gnarlymarley said: I heard from the deputies, that there might be a fix in for this. Hopefully it will solve the issues. <sfx mode="whisper, crowd"> YAY!!! </sfx> Link to comment Share on other sites More sharing options...
gnarlymarley Posted January 16, 2019 Share Posted January 16, 2019 On 12/13/2018 at 10:36 PM, RobiBue said: https://www.spamcop.net/sc?id=z6505161826z64add7cea35b443dd4f168a08a7582b8z RobiBue, I just tried your tracking URL and it seems to be pointing properly to a leaseweb abuse address. I think the 5.0 upgrade may have solved this issue. Link to comment Share on other sites More sharing options...
RobiBue Posted January 16, 2019 Author Share Posted January 16, 2019 12 hours ago, gnarlymarley said: RobiBue, I just tried your tracking URL and it seems to be pointing properly to a leaseweb abuse address. I think the 5.0 upgrade may have solved this issue. Thanks for checking, alas, the reason for the "correct" reporting address is: https://www.spamcop.net/sc?action=showroute;ip=209.58.179.237;typecodes=16 1/15/2019, 3:16:28 PM -0600 [Note added by x-x-x] Route added without comment not the new SC version Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.