Re: [mailop] Intuit directly spaming

Dňa 5. marca 2023 23:52:22 UTC používateľ Michael Rathbun via mailop napísal: >On Sun, 05 Mar 2023 21:48:46 +, Slavko via mailop >wrote: >>mdr@LUSZ ~ $ host whois.pwhois.org >>whois.pwhois.org is an alias for global.pwhois.org. >>global.pwhois.org has address 208.74.248.120

Re: [mailop] Intuit directly spaming

On Sun, 05 Mar 2023 21:48:46 +, Slavko via mailop wrote: >This looks very nice, i installed and tried it, but i got no output, >after quick check it uses by default whois.pwhois.org, which >returns NXDOMAIN. Please, which whois server are you using? I appear to be using the default. From

Re: [mailop] Intuit directly spaming

Dňa 5. marca 2023 21:12:22 UTC používateľ Michael Rathbun via mailop napísal: >Then there's stuff like > >>mdr@LUSZ ~ $ whob 167.89.99.112 >>IP: 167.89.99.112 >>Origin-AS: 11377 >>Prefix: 167.89.96.0/20 This looks very nice, i installed and tried it, but i got no output, after quick check it

Re: [mailop] Intuit directly spaming

On Sat, 04 Mar 2023 22:58:23 +, MRob via mailop wrote: >Thanks you Atro, is there popular tool for to do that in real time? This works for me: >mdr@LUSZ ~ $ whois AS11377 >% IANA WHOIS server >% for more information on IANA, visit http://www.iana.org >% This query returned 1 object >

Re: [mailop] Intuit directly spaming

John Levine via mailop skrev den 2023-03-05 03:22: $ host -t txt 1.1.89.167.asn.routeviews.org 1.1.89.167.asn.routeviews.org descriptive text "11377" "167.89.0.0" "18" or free as in free, with ip2location sqlitedb created with a single php code loader, then anorher php to find results for

Re: [mailop] Intuit directly spaming

On 2023-03-04 22:58:23 +, MRob via mailop wrote: Thanks you Atro, is there popular tool for to do that in real time? There's also https://bgp.tools/, made by a friend and former colleague. -- Alex ___ mailop mailing list mailop@mailop.org

Re: [mailop] Intuit directly spaming

It appears that MRob via mailop said: >On 2023-02-27 23:53, Atro Tossavainen via mailop wrote: >>> > harder to give due suspision on sendgrid because they give full >> >> It's actually kind of easy. >> >> Is the IP announced by AS11377? >> >> Yes? -> SendGrid. > >Thanks you Atro, is there

Re: [mailop] Intuit directly spaming

I'm not sure if they have an API, but I've used Hurricane Electric's BGP toolkit   to look up AS' frequently. If you want API integration, BGPview is quite useful. On 3/4/2023 4:58 PM, MRob via mailop

Re: [mailop] Intuit directly spaming

On 2023-02-27 23:53, Atro Tossavainen via mailop wrote: > harder to give due suspision on sendgrid because they give full It's actually kind of easy. Is the IP announced by AS11377? Yes? -> SendGrid. Thanks you Atro, is there popular tool for to do that in real time?

Re: [mailop] Intuit directly spaming

> > harder to give due suspision on sendgrid because they give full It's actually kind of easy. Is the IP announced by AS11377? Yes? -> SendGrid. -- Atro Tossavainen, Founder, Partner Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635) Tallinn, Estonia tel. +372-5883-4269,

Re: [mailop] Intuit directly spaming

> Interesting to me Atro said this is sendgrid. I saw sendgrid format > sender address but headers do no show any sendgrid. So now its > harder to give due suspision on sendgrid because they give full > infrastructure to rent for other domain like intuit? Yes. Full headers (munged of course) and

Re: [mailop] Intuit directly spaming

On Mon, Feb 27, 2023 at 08:05:31PM +0100, Faisal Misle via mailop wrote: > I wonder if its the similar MO as PayPal, where they use Quickbooks accounts > to send fake invoices... so it uses the legitimate QB stream Right on the money, that is exactly what it is. -- Atro Tossavainen, Founder,

Re: [mailop] Intuit directly spaming

The examples I have received are indeed doing that, using a real QB account to send invoices with fraudulent payloads. -Original Message- From: mailop On Behalf Of Faisal Misle via mailop Sent: Monday, February 27, 2023 2:06 PM To: mailop List Subject: Re: [mailop] Intuit directly