Snowbat

40.78.83.67 - "Using rdns to route to correct Microsoft department" but reports go to the spammer


40.74.0.0 - 40.125.127.255 is Microsoft but SpamCop reports 40.78.83.67 directly to the spammer. I've seen similar misreporting for other Microsoft-hosted spammers.

https://www.spamcop.net/sc?id=z6642045732zc34f39654039de5566045cb551a1d653z

Tracking message source: 40.78.83.67:

Routing details for 40.78.83.67
[refresh/show] Cached whois for 40.78.83.67 : abuse@microsoft.com
Using best contacts abuse@microsoft.com
Using rdns to route to correct Microsoft department
host 40.78.83.67 = fim5.lotesecasasparafamilia.com. (cached)
abuse net fim5.lotesecasasparafamilia.com = postmaster@lotesecasasparafamilia.com, postmaster@fim5.lotesecasasparafamilia.com

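An added example, not part of the original post and not SpamCop's code: one way a report router could handle the rDNS step in the trace above, letting the PTR name refine routing only when it sits inside a namespace the network owner controls. The `DEPT_BY_SUFFIX` table and the function names are assumptions; the trace lines are copied from the two reports quoted in this thread.

```python
import re

# Assumption: suffixes the network owner itself controls, each mapped to a
# department mailbox. Illustrative only, not SpamCop's or Microsoft's table.
DEPT_BY_SUFFIX = {"hotmail.com": "abuse@hotmail.com"}

# Trace lines copied from the two SpamCop reports quoted in this thread.
TRACE_A = """\
Cached whois for 40.78.83.67 : abuse@microsoft.com
host 40.78.83.67 = fim5.lotesecasasparafamilia.com. (cached)
"""
TRACE_B = """\
Cached whois for 157.56.9.192 : abuse@microsoft.com
host 157.56.9.192 (getting name) no name
"""


def parse_trace(text):
    """Return (whois_contact, ptr_name); ptr_name is None when no name resolved."""
    whois = re.search(r"whois for \S+ : (\S+@\S+)", text)
    if whois is None:
        raise ValueError("trace has no whois contact line")
    ptr = re.search(r"^host \S+ = (\S+)", text, re.M)
    name = ptr.group(1).rstrip(".").lower() if ptr else None
    return whois.group(1), name


def route(text, dept_by_suffix=DEPT_BY_SUFFIX):
    """Pick the report recipient. The PTR name only refines routing when it
    sits inside the owner's namespace; trace A shows a PTR under the
    customer's own domain, so that name cannot select the recipient."""
    whois, name = parse_trace(text)
    if name is None:
        return whois, "no PTR name, keep whois contact"
    for suffix, dept in dept_by_suffix.items():
        # Match on a label boundary so "evilhotmail.com" does not qualify.
        if name == suffix or name.endswith("." + suffix):
            return dept, "PTR inside owner namespace"
    return whois, "PTR outside owner namespace, keep whois contact"


if __name__ == "__main__":
    for label, trace in (("A", TRACE_A), ("B", TRACE_B)):
        print(label, *route(trace))
```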

I had a similar one but it seems the rdns redirect is bouncing, so mine went back to hotmail. It appears the idea behind this might be so SpamCop can send to the related abuse department. It appears that SpamCop may have worked directly with the Microsoft abuse department on this part of the code.

Tracking URL: https://www.spamcop.net/sc?id=z6640795915z6babc4f58dd1fd8e9d6265ff6ca18ce3z
 

Quote

Tracking message source: 157.56.9.192:
Routing details for 157.56.9.192
[refresh/show] Cached whois for 157.56.9.192 : abuse@microsoft.com
Using best contacts abuse@microsoft.com
Using rdns to route to correct Microsoft department
host 157.56.9.192 (getting name) no name
failed, using default abuse@hotmail.com
abuse@hotmail.com redirects to report_spam@hotmail.com

 


Could be. While reporting some spam to Microsoft myself, if it's hosted on Azure, I get a reply saying they've forwarded it to their CERT team for review and action but if it's a 365/Exchange Online tenant, they tell me to report it to junk@office365.microsoft.com myself. Needless to say, I don't bother. A trillion dollar tech company should be able to forward their own e-mail internally or organize their ARIN WHOIS entries to point to the correct abuse reporting mailboxes.

Edited by Snowbat

1 hour ago, Snowbat said:

Could be. While reporting some spam to Microsoft myself, if it's hosted on Azure, I get a reply saying they've forwarded it to their CERT team for review and action but if it's a 365/Exchange Online tenant, they tell me to report it to junk@office365.microsoft.com myself. Needless to say, I don't bother. A trillion dollar tech company should be able to forward their own e-mail internally or organize their ARIN WHOIS entries to point to the correct abuse reporting mailboxes.

Azure are doing the "free" offer; spammers love these. Microsoft neither knows nor learns anything; spam from Azure has been flooding the world now for years!
Need to sign up with a valid credit card, warning each spam complaint will be charged $100. A reply below took over a month for one.
Please note for reports involving activity from Windows Azure: Windows Azure provides a cloud computing platform in which customers can deploy their own software applications. Customers, not Microsoft, control what applications are uploaded and run in their Windows Azure account. 
 

1 hour ago, petzl said:

Need to sign up with a valid credit card, warning each spam complaint will be charged $100. A reply below took over a month for one.

As much as I agree with this, I remember a company called "America OnLine" (AOL) who sent out floppies and later CDs in the 1990s. You could use their free month, but they required a valid credit card. I didn't feel like giving it to them, so I never used the free month. My guess is that may be why they didn't get the customer base they desired.

I do not have a good replacement scheme for your suggestion and it appears it would stop the spammers.

15 minutes ago, gnarlymarley said:

As much as I agree with this, I remember a company called "America OnLine" (AOL) who sent out floppies and later CDs in the 1990s. You could use their free month, but they required a valid credit card. I didn't feel like giving it to them, so I never used the free month. My guess is that may be why they didn't get the customer base they desired.

I do not have a good replacement scheme for your suggestion and it appears it would stop the spammers.

In Australia what shut AOL down was competition, more and more Internet providers.
AOL was a good family provider; it limited Internet access to only what they approved.
Now spammers are shutting down student exams by giving bomb threats.
https://www.abc.net.au/news/2020-10-27/sydney-schools-evacuated-after-threatening-emails/12819106

Edited by petzl
