Jump to content

leaseweb spam


RobiBue

Recommended Posts

for a while now I have been getting some spam from one or more leaseweb customers ([209.58.179.227], [209.58.179.237], and [209.58.179.238].)

unfortunately, there are (at least) two problems here:

  1. the IP addresses involved are listed with ARIN pointing to " search-apnic-not-arin@apnic.net " and I simply do not understand why SpamCop cannot understand the transfer mechanism and search for the abuse address within APNIC.
  2. even if it would look up APNIC, leaseweb would probably end up being /dev/nulled... (see [5.79.74.138] )

anyway, manually reporting (with my anti-spammer email address) I have, after about 5 spams and 6 back and forth messaging their abuse desk (in Singapore -- I believe), managed the following

Quote

Dear Sir/Madam,

Your abuse notification has been processed and marked as resolved by the Abuse Prevention department, after interrupting the customer services due to non compliance. LeaseWeb therefore considers this issue as concluded. Please note, once the customer informs us that he is willing to resolve the issue, the services will be restored in order for the customer to report a resolution.

Please keep in mind the nature of the services LeaseWeb provides. LeaseWeb rents servers with an internet connection to customers and resellers. LeaseWeb does not provide the web software, nor does it configure, host or maintain the websites of its customers or of their customer’s customer. LeaseWeb therefore has no dealings with the content on the servers, nor can it remove, add or change that content. The only person who will be able to do this will be the operator of the website.

Any illicit activities within a particular LeaseWeb company’s network shall be dealt with solely based on received notifications for such separate LeaseWeb company.

It is important to note that LeaseWeb is the brand name under which various independent and distinct LeaseWeb companies operate. Each of those companies is a separate and distinct corporate entity that provides services in a particular geographic area. Consequently, each separate LeaseWeb company is actually and legally not able to monitor the data its customers store on or communicate through any other LeaseWeb company’s network.

Notifications therefore must be made to the correct LeaseWeb entity. In case of new information on the facts your notification has been based on, please submit a new notification via the available abuse routes, which are found at: www.leaseweb.com/abuse-prevention

Thank you for your notification and your co-operation with us.
 

🤩

Link to comment
Share on other sites

If you have an abuse address for these IPs why not report then in "Routing / Report Address Issues" which you have done with other IPs?

The non-response response you received could well be why spam reports are /dev/nulled

Link to comment
Share on other sites

On 12/12/2018 at 1:19 PM, Lking said:

If you have an abuse address for these IPs why not report then in "Routing / Report Address Issues" which you have done with other IPs?

on 12/01/2018:

http://forum.spamcop.net/topic/31073-abuse-contact-for-209581840-20958191255

and

http://forum.spamcop.net/topic/31072-abuse-contact-for-209581760-20958183255

On 12/12/2018 at 1:19 PM, Lking said:

The non-response response you received could well be why spam reports are /dev/nulled

https://www.spamcop.net/sc?id=z6505161826z64add7cea35b443dd4f168a08a7582b8z

Quote
Tracking details

Display data:
"whois 209.58.179.237@whois.arin.net" (Getting contact from whois.arin.net )
Found AbuseEmail in whois search-apnic-not-arin@apnic.net
209.58.176.0 - 209.58.191.255:search-apnic-not-arin@apnic.net
Routing details for 209.58.179.237
I refuse to bother search-apnic-not-arin@apnic.net.

 

Using search-apnic-not-arin#apnic.net@devnull.spamcop.net for statistical tracking.

Using last resort contacts search-apnic-not-arin#apnic.net@devnull.spamcop.net

even refreshing seems not to work.

As I said, I wish SC would be able to get the abuse address from the correct registry...

which in this case is APNIC, not ARIN...

Link to comment
Share on other sites

On 12/13/2018 at 10:36 PM, RobiBue said:

even refreshing seems not to work.

As I said, I wish SC would be able to get the abuse address from the correct registry...

which in this case is APNIC, not ARIN...

I heard from the deputies, that there might be a fix in the works for this.  Hopefully it will solve the issues.

Link to comment
Share on other sites

  • 5 weeks later...
On 12/13/2018 at 10:36 PM, RobiBue said:

https://www.spamcop.net/sc?id=z6505161826z64add7cea35b443dd4f168a08a7582b8z

RobiBue, I just tried your tracking URL and it seems to be pointing properly to a leaseweb abuse address.  I think the 5.0 upgrade may have solved this issue.

Link to comment
Share on other sites

12 hours ago, gnarlymarley said:

RobiBue, I just tried your tracking URL and it seems to be pointing properly to a leaseweb abuse address.  I think the 5.0 upgrade may have solved this issue.

Thanks for checking, alas, the reason for the "correct" reporting address is:

https://www.spamcop.net/sc?action=showroute;ip=209.58.179.237;typecodes=16

1/15/2019, 3:16:28 PM -0600
[Note added by x-x-x]
Route added without comment

not the new SC version :(

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...