I received a spam today from [43.224.36.113] which is being routed by AS9873 - Lao Telecommunication Co Ltd.
The APNIC WHOIS record for this network indicates that [email protected] is the email address to which such incidents may be reported. In general, network operators do not act on spam reports unless and until they have actually seen the spam message in question, including all of the relevant email headers. This is both prudent and reasonable. Unfortunately, this network, and also many others, have failed to configure their abuse reporting mailboxes in a manner so as to allow the text of spam messages to be accepted via those reporting addresses. The results in such cases are predictable, and are examplified by the bounce message shown here: https://pastebin.com/raw/LX98NhcD I would like to just express my hope that, as part of its ongoing educational efforts, APNIC will work to educate its members regarding this common issue/problem. It is all well and good to have abuse reporting addresses associated with IP blocks and ASNs in the WHOIS records, but if those reporting addresses are improperly configured, then they will have limited usefulness. Regards, rfg P.S. I had to send this message to the apnic-talk list twice because the on my first attempt I included the entire text of the bounce message (which included the original spam message) directly my message to the apnic-talk list, and the anti-spam filters at apnic.net didn't like that. :-( In this instance however the SMTP 5xx rejection message I received was arguably appropriate because the apnic-talk list should not nomally be receiving messages that contain blacklisted URLs. _______________________________________________ apnic-talk mailing list [email protected] https://mailman.apnic.net/mailman/listinfo/apnic-talk
