A geopolitical milestone of sorts

[rconner]

I'm not sure whether they've yet figured out how to keep the electric grid running all day, but apparently there is enough of a window for me to have gotten my first known spam coming from Iraq (although the WHOIS data lists the contact as being in Berlin, and they've included no e-mail address to which SpamCop could report).

(tracking link)

-- rick

[Geek]

Hehehehe, I banned every Iraq IP I could a couple years ago... I had been getting tonnes

Cheers!

[Farelf]

Hmm ... if asked nicely (Queried whois.ripe.net with "-B 95.159.68.15"...)

inetnum: 95.159.64.0 - 95.159.95.255

...

person: Kiyam Kadir

...

changed: kiyam[at]gorannet.net 20090408

Not exactly begging for contact and (of course) nothing registered with abuse.net, also gorannet.net runs a catch-all on e-mail addresses so there's no telling whether current and actually read.

Looks like this /19 is reasonably well-known to SC (composite list):

Other hosts in this "neighborhood" with spam reports

95.159.64.206 95.159.68.10 95.159.68.15 95.159.68.18 95.159.68.32 95.159.68.37 95.159.68.42 95.159.68.72 95.159.68.73 95.159.68.82 95.159.68.92 95.159.68.114 95.159.68.135 95.159.68.151 95.159.68.173 95.159.68.192 95.159.70.76 95.159.70.107 95.159.71.18 95.159.71.19 95.159.71.29 95.159.71.33 95.159.71.38 95.159.71.46 95.159.71.51 95.159.71.62 95.159.71.73 95.159.71.95 95.159.71.97 95.159.71.100 95.159.71.103 95.159.71.104 95.159.71.113 95.159.71.116 95.159.71.119 95.159.71.140 95.159.71.141 95.159.71.144 95.159.71.165 95.159.71.171 95.159.71.172 95.159.71.178 95.159.71.191 95.159.71.199 95.159.71.219 95.159.71.238 95.159.71.246 95.159.72.85 95.159.72.150 95.159.72.199 95.159.72.220 95.159.73.39 95.159.73.98 95.159.73.156 95.159.73.169 95.159.73.172 95.159.73.186 95.159.73.196 95.159.73.206 95.159.74.179 95.159.74.198 95.159.75.179 95.159.76.4 95.159.76.44 95.159.76.78 95.159.76.82 95.159.76.86 95.159.76.94 95.159.76.106 95.159.76.108 95.159.76.137 95.159.76.157 95.159.76.170 95.159.76.185 95.159.76.191 95.159.76.202 95.159.76.244 95.159.77.1 95.159.77.3 95.159.77.6 95.159.77.15 95.159.78.40 95.159.77.42 95.159.77.45 95.159.77.53 95.159.77.63 95.159.77.66 95.159.77.69 95.159.77.83 95.159.77.86 95.159.77.100 95.159.77.102 95.159.77.109 95.159.77.112 95.159.77.143 95.159.77.154 95.159.77.158 95.159.77.201 95.159.77.202 95.159.77.204 95.159.77.240 95.159.78.22 95.159.78.204 95.159.79.83 95.159.79.128 95.159.79.176 95.159.80.20 95.159.80.27 95.159.80.28 95.159.80.37 95.159.80.38 95.159.80.39 95.159.80.50 95.159.80.59 95.159.80.77 95.159.80.81 95.159.80.154 95.159.80.165 95.159.80.177 95.159.80.187 95.159.80.205 95.159.80.211 95.159.81.30 95.159.81.43 95.159.81.49 95.159.81.85 95.159.81.90 95.159.81.103 95.159.81.122 95.159.81.125 95.159.81.128 95.159.81.152 95.159.81.176 95.159.81.188 95.159.81.200 95.159.81.234 95.159.82.48 95.159.82.82 95.159.82.113 95.159.82.132 95.159.82.143 95.159.82.147 95.159.82.158 95.159.82.172 95.159.82.176 95.159.82.190 95.159.82.212 95.159.82.231 95.159.82.243 95.159.83.6 95.159.83.17 95.159.83.46 95.159.83.48 95.159.83.61 95.159.83.66 95.159.83.67 95.159.83.109 95.159.83.146 95.159.83.150 95.159.83.186 95.159.83.213 95.159.83.214 95.159.84.2 95.159.88.195 95.159.89.0 95.159.89.10 95.159.89.21 95.159.89.29 95.159.89.33 95.159.89.88 95.159.89.95 95.159.89.107 95.159.89.114 95.159.89.133 95.159.89.134 95.159.89.144 95.159.89.149 95.159.89.152 95.159.89.184 95.159.89.219 95.159.89.221 95.159.89.244 95.159.90.8 95.159.90.24 95.159.90.30 95.159.90.74 95.159.90.77 95.159.90.90 95.159.90.93 95.159.90.113 95.159.90.115 95.159.90.125 95.159.90.163 95.159.90.192 95.159.90.205 95.159.90.230 95.159.90.245 95.159.90.252 95.159.91.2 95.159.91.13 95.159.91.21 95.159.91.40 95.159.91.67 95.159.91.68 95.159.91.80 95.159.91.82 95.159.91.83 95.159.91.93 95.159.91.132 95.159.91.138 95.159.91.164 95.159.91.175 95.159.91.188 95.159.91.195 95.159.91.221 95.159.91.245 95.159.91.247 95.159.91.249 95.159.92.3 95.159.92.14 95.159.92.28 95.159.92.54 95.159.92.70 95.159.92.75 95.159.92.78 95.159.92.120 95.159.92.187 95.159.92.193 95.159.92.201 95.159.92.217 95.159.92.248 95.159.93.41 95.159.93.66 95.159.93.104 95.159.93.141 95.159.93.147 95.159.93.193 95.159.93.223 95.159.94.44 95.159.94.55 95.159.94.65 95.159.94.97 95.159.94.114 95.159.94.117 95.159.94.119 95.159.94.165 95.159.94.173 95.159.94.200 95.159.94.204 95.159.94.225 95.159.94.236 95.159.94.240 95.159.94.243 95.159.94.252 95.159.95.36 95.159.95.38 95.159.95.69 95.159.95.87 95.159.95.136 95.159.95.145 95.159.95.146 95.159.95.163 95.159.95.195 95.159.95.215 95.159.95.227

So far as I can see SCbl entries always coincide with CBL entries which say something like

IP Address 95.159.95.159 is listed in the CBL. It appears to be infected with a spam sending trojan or proxy.

It was last detected at 2011-01-09 03:00 GMT (+/- 30 minutes), approximately 4 days, 29 minutes ago.

If this IP address is NOT a shared hosting IP address, this IP address is infected with/emitting spamware/spamtrojan traffic and needs to be fixed. Find and remove the virus/spamware problem then use the CBL delisting link below. ...

. Since SC spamtrap hits are also seen then presumably these really are zombies sending to spam lists. Then there's Geek's experience which seems to endorse that likelihood.

I wonder if SC might like to try the Kiyam Kadir address? Maybe not, can't think that gorannet.net is unaware of continual widespread CBL listings and very frequent SC listings.