On Mon, Mar 21, 2022 at 07:35:59AM +0100, Hans-Martin Mosner via mailop wrote:
> Hi folks,
>
> in a trustworthy Received: line of a spam I found the source IP
> 81.70.92.213. Strangely, this IP is pingable, and traceroute finds a
> way, but neither the IP whois nor the BGP looking glass show to whom
> it belongs. Not being really knowledgeable about the global routing
> mechanisms, this somehow looks like a bogon to me.
>
> Did anyone else see IPs in that vicinity and has a better explanation?
The Koli-Lõks OÜ spamtraps have a couple of spams every day from this
range. It's enough to verify that they exist, but this level of messaging
in our low four figures of domain names receiving the stuff is otherwise
utterly insignificant. It's a Tencent cloud range.
$ whois -h whois.cymru.com 81.70.92.213
[Querying whois.cymru.com]
[whois.cymru.com]
AS | IP | AS Name
45090 | 81.70.92.213 | TENCENT-NET-AP Shenzhen Tencent Computer Systems
Company Limited, CN
% [whois.apnic.net]
% Whois data copyright termshttp://www.apnic.net/db/dbcopyright.html
% Information related to '81.68.0.0 - 81.71.255.255'
% Abuse contact for '81.68.0.0 - 81.71.255.255' is 'qcloud_net_d...@tencent.com'
inetnum:81.68.0.0 - 81.71.255.255
netname:TENCENT-CN
descr: Tencent Cloud Computing (Beijing) Co., Ltd
descr: Floor 6, Yinke Building, 38 Haidian St, Haidian District
country:CN
https://en.wikipedia.org/wiki/Tencent
Best regards,
--
Atro Tossavainen, Founder, Partner
Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635)
Tallinn, Estonia
tel. +372-5883-4269, http://www.koliloks.eu/
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
