[mailop] Another 'Verified Email' service on AWS EC2

Tue, 18 Jun 2024 10:24:08 -0700

Jun 18 09:58:03 be msd[1959712]: CONN: 34.229.185.73 -> 25 GeoIP = [US] PTR = ec2-34-229-185-73.compute-1.amazonaws.com OS = Linux 2.2.x-3.x 
Jun 18 09:58:04 be msd[1959712]: HELO command received, args: [127.0.0.1]
Jun 18 09:58:04 be msd[1959712]: RSET command received, args:
Jun 18 09:58:04 be msd[1959712]: MAIL command received, args: FROM:<verify-no-re...@thrust.io> 

* No custom PTR record
* HELO is obviously bad..


Love the link on their website, trusted by professionals at Amazon, 
Cisco, Adobe..



Fortunately our spam auditing team's DRE (Dynamic Rule Engine) and DFS 
(Distributed Feedback Systems) find these IPs, so they can be shared 
with the community at large.. Of course, our systems don't actually let 
those systems do any email scraping or verification ..


Just another trend on Amazon's EC2 that is getting really old really fast.

....


On another note, not putting up a full state of the union this week, but 
of course Google/o365 fake procurement is still high on the lists..



Digital Ocean IP Space continues to see more types of attacks, from 
spammers, phishing, #BEC attacks, WordPress attacks etc.. The line to 
'Bullet Proof' hoster is getting very blurry, and our threat teams are 
getting more aggressive.



If you have no customers using Digital Ocean, we strongly recommend 
blocking all authentications from their IP space..



For the record, stay tuned.. our teams are looking to make more of our 
threat data publicly available.. to the general public. Stay tuned.



--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Reg. TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop






















					Reply via email to