Jump to content

20.90.82.75 - "Using rdns to route to correct Microsoft department" but reports go to spammer


Recommended Posts

20.33.0.0 - 20.128.255.255 is Microsoft but SpamCop reports 20.90.82.75 directly to the spammer. I've seen similar misreporting for other Microsoft-hosted spammers.
 

 

Tracking message source: 20.90.82.75:

Routing details for 20.90.82.75
[refresh/show] Cached whois for 20.90.82.75 : abuse@microsoft.com
Using best contacts abuse@microsoft.com
Using rdns to route to correct Microsoft department
host 20.90.82.75 = descontosapp108.confiraseusdescontosepontos.com. (cached)
abuse net confiraseusdescontosepontos.com = postmaster@confiraseusdescontosepontos.com

 

If reported today, reports would be sent to:

Re: 20.90.82.75 (Administrator of network where email originates)

postmaster@confiraseusdescontosepontos.com

 

Link to comment
Share on other sites

just want to say that the address it "would" report to is dead (does not exist)

you'd get a bounce.

see: https://www.spamcop.net/sc?track=postmaster%40confiraseusdescontosepontos.com

 
Parsing input: postmaster@confiraseusdescontosepontos.com

Cannot find an MX for confiraseusdescontosepontos.com
Host confiraseusdescontosepontos.com (checking ip) IP not found ; confiraseusdescontosepontos.com discarded as fake.
No mail exchanger. Email to this address would bounce.
Cannot resolve postmaster@confiraseusdescontosepontos.com
No valid email addresses found, sorry!
 
Link to comment
Share on other sites

Some SMTP mailers could try to send it to the A record if no MX.  But then it appears there is no A record either.

C:\>nslookup confiraseusdescontosepontos.com
Server:         192.168.1.1
Address:        192.168.1.1#53

** server can't find confiraseusdescontosepontos.com: NXDOMAIN


C:\>

 

Link to comment
Share on other sites

  • 6 months later...
On 4/23/2021 at 7:25 AM, Snowbat said:

is Microsoft but SpamCop reports 20.90.82.75 directly to the spammer

I suspect the reason for this is Microsoft thinks the cloud issues need to be sent to the company's administrator.  This could be a problem of cloud computing where a large company who wants to deal with their spam from their own employees want to get it directly.  The downside is that smaller companies of say one individual that is the sole sender then also gets the reports.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...