Jump to content

A geopolitical milestone of sorts


Recommended Posts

I'm not sure whether they've yet figured out how to keep the electric grid running all day, but apparently there is enough of a window for me to have gotten my first known spam coming from Iraq (although the WHOIS data lists the contact as being in Berlin, and they've included no e-mail address to which SpamCop could report).

(tracking link)

-- rick

Link to comment
Share on other sites

Hmm ... if asked nicely (Queried whois.ripe.net with "-B"...)

inetnum: -


person: Kiyam Kadir


changed: kiyam[at]gorannet.net 20090408

Not exactly begging for contact and (of course) nothing registered with abuse.net, also gorannet.net runs a catch-all on e-mail addresses so there's no telling whether current and actually read.

Looks like this /19 is reasonably well-known to SC (composite list):

Other hosts in this "neighborhood" with spam reports

So far as I can see SCbl entries always coincide with CBL entries which say something like

IP Address is listed in the CBL. It appears to be infected with a spam sending trojan or proxy.

It was last detected at 2011-01-09 03:00 GMT (+/- 30 minutes), approximately 4 days, 29 minutes ago.

If this IP address is NOT a shared hosting IP address, this IP address is infected with/emitting spamware/spamtrojan traffic and needs to be fixed. Find and remove the virus/spamware problem then use the CBL delisting link below. ...

. Since SC spamtrap hits are also seen then presumably these really are zombies sending to spam lists. Then there's Geek's experience which seems to endorse that likelihood.

I wonder if SC might like to try the Kiyam Kadir address? Maybe not, can't think that gorannet.net is unaware of continual widespread CBL listings and very frequent SC listings.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...