According to Talos it could be safe to block the whole /19 as I can't
see other senders that could be involved:
https://www.talosintelligence.com/reputation_center/lookup?search=63.250.0.0%2F19
Thousands of IPs in the block follow the same naming patterns...
According to Arin:
https://whois.arin.n
https://ipinfo.io/AS27229/63.250.0.0/19
Bob
-Original Message-
From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Al Iverson
Sent: Friday, March 9, 2018 8:47 AM
To: mailop
Subject: Re: [mailop] Hat color of list washers / validators
Wow, those IPs have really poor reputations
Wow, those IPs have really poor reputations. I'm curious to know who
this is if you end up figuring it out.
Smells like an email validation service. Very disappointing that the
domains vary and are ownership info is hidden from public view.
I've had one such vendor tell me that they don't care if
Speaking of..
Does anyone know this actor?
Is this a list washing service..
Lot's of 'invalid users' however, large amounts of email at once to
those invalid users.. Fairly big IP Space..
63.250.8.14 1 william1.expedite.scanprofile.net
63.250.8.19
On 8 March 2018 at 16:14, Laura Atkins wrote:
> On Mar 8, 2018, at 1:18 AM, Stefano Bagnara wrote:
>> PS: that trendmicro article is a bit the opposit of Laura answer I got
>> yesterday about "dealing with it offline because making it public is
>> not the way to fix the issue" ;-) I liked that ar
On Thu, Mar 8, 2018 at 10:51 AM, John Levine wrote:
> COI is a useful tool but it is not a magic bullet. People abandon
> their mailboxes and even though it doesn't bounce and nobody
> complains, nobody's reading it either. Also, companies change.
My favorite story about that is back when I wa
In article ,
Stefano Bagnara wrote:
>> No. Never. If you do that then the address is tainted and you
>> *cannot* legitimately use information as it as evidence that mail
>> sent to it was unwanted.
>
>This is not the place, but I strongly disagree (but is something very
>subjective, I admit).
>
>
> On Mar 7, 2018, at 5:42 PM, Michael Wise via mailop wrote:
>
>
> Certainly not with all spam traps, but if someone is reviewing the data, and
> trying to decide what to do with a sample, an "Open" message might get sent
> in error.
I have this weird feeling that some of the “opens are per
> On Mar 8, 2018, at 1:18 AM, Stefano Bagnara wrote:
>
>
> PS: that trendmicro article is a bit the opposit of Laura answer I got
> yesterday about "dealing with it offline because making it public is
> not the way to fix the issue" ;-) I liked that article in 2011.
I don’t believe I ever said
On 8 March 2018 at 02:43, Steve Atkins wrote:
>> On Mar 7, 2018, at 4:38 PM, Stefano Bagnara wrote:
>> Let's take into consideration that spamtrap network have to do their
>> homework to avoid being identified easily, so if they never do
>> opens/clicks they already put a big flash on them. So I
/www.microsoft.com/en-us/download/details.aspx?id=18275> ?
-Original Message-
From: mailop On Behalf Of Stefano Bagnara
Sent: Wednesday, March 7, 2018 4:39 PM
To: Aaron C. de Bruyn via mailop
Subject: Re: [mailop] Hat color of list washers / validators
On 8 March 20
> On Mar 7, 2018, at 4:38 PM, Stefano Bagnara wrote:
>
> Let's take into consideration that spamtrap network have to do their
> homework to avoid being identified easily, so if they never do
> opens/clicks they already put a big flash on them. So I think it is OK
> for a spamtrap to open/click o
> On Mar 7, 2018, at 4:38 PM, Stefano Bagnara wrote:
>
> On 8 March 2018 at 01:02, Laura Atkins wrote:
>> [...]
>> Sure, we agree. But there are folks who don’t agree with us. Some of those
>> folks run spamtrap networks that feel blocklist data. I think it’s important
>> to acknowledge that. A
On 8 March 2018 at 01:02, Laura Atkins wrote:
> [...]
> Sure, we agree. But there are folks who don’t agree with us. Some of those
> folks run spamtrap networks that feel blocklist data. I think it’s important
> to acknowledge that. At one point you could do COI and still get on a
> blocklist beca
> On Mar 7, 2018, at 3:40 PM, Stefano Bagnara wrote:
>
> On 8 March 2018 at 00:08, Laura Atkins wrote:
>> [...]
>> I don’t either, but I am not fighting language with folks.
>
> I'm sorry Laura. My mother language is not english and your "tone" is
> unexpected to me, so I probably used wrong t
On 8 March 2018 at 00:08, Laura Atkins wrote:
> [...]
> I don’t either, but I am not fighting language with folks.
I'm sorry Laura. My mother language is not english and your "tone" is
unexpected to me, so I probably used wrong translations for my
questions.
No need to fight anything.. I'm just d
On 3/7/2018 4:12 AM, Stefano Bagnara wrote:
On 2 March 2018 at 21:45, John Johnstone
wrote:
One concern with respect to hat color I was thinking about was if there
is a significant security threat from spear-phishing that is facilitated
by the validating / guessing. From what has been menti
In article <760493287b1f4d1888261519139f3...@infusionsoft.com> you write:
>In the worst examples I've seen, the domain went from a legitimate mail server
>to a trap network in the same day, with no time for bounces in between.
It's hard to believe any BL that anyone actually uses would do that.
> On Mar 7, 2018, at 2:19 PM, Stefano Bagnara wrote:
>
> On 7 March 2018 at 22:52, Laura Atkins wrote:
>
>> In other
>> cases, some compliance folks will data mine to find spamtrap domains when a
>> blacklist is telling them that they are listed due to spamtrap hits. I’m
>> pretty sure I’m not
On 7 March 2018 at 22:52, Laura Atkins wrote:
> There are companies that have commercialized spamtraps and at least 2 of the
> delivery monitoring companies will tell you when you’ve hit a trap.
Sure I know.. that's why I'm asking what is the network.
If someone sells spamtrap hits data and the s
> On Mar 7, 2018, at 12:12 PM, Stefano Bagnara wrote:
>
> On 7 March 2018 at 20:25, David Carriger
> wrote:
>> In the worst examples I've seen, the domain went from a legitimate mail
>> server to a trap network in the same day, with no time for bounces in
>> between.
>
> Are you 100% sure? Whi
Original Message-
From: mailop On Behalf Of Stefano Bagnara
Sent: Wednesday, March 7, 2018 12:12 PM
To: Aaron C. de Bruyn via mailop
Subject: Re: [mailop] Hat color of list washers / validators
On 7 March 2018 at 20:25, David Carriger
mailto:david.carri...@infusionsoft.com>> wrote:
&
On 7 March 2018 at 20:25, David Carriger
wrote:
> In the worst examples I've seen, the domain went from a legitimate mail
> server to a trap network in the same day, with no time for bounces in
> between.
Are you 100% sure? Which trap network? How did you find it was a trap?
Can you share anythin
"
> Got the Junk Mail Reporting Tool ?
>
> From: mailop On Behalf Of David Carriger
> Sent: Wednesday, March 7, 2018 11:26 AM
> To: Brett Schenker ; Aaron C. de Bruyn via mailop
>
> Subject: Re: [mailop] Hat color of list washers / validators
>
> I'm a
found out and called out on their behaviour. And it's really rather
rare that it happens with reputation providers who are widely relevant to
delivery decisions.
Cheers,
Steve
> From: mailop on behalf of Brett Schenker
>
> Sent: Wednesday, March 7, 2018 11:41:55 AM
> To:
n-us/download/details.aspx?id=18275> ?
From: mailop On Behalf Of David Carriger
Sent: Wednesday, March 7, 2018 11:26 AM
To: Brett Schenker ; Aaron C. de Bruyn via mailop
Subject: Re: [mailop] Hat color of list washers / validators
I'm a bit late to the discussion, but I've see
a good marketer who
is sending to confirmed, engaged addresses that have converted into traps
overnight?
From: mailop on behalf of Brett Schenker
Sent: Wednesday, March 7, 2018 11:41:55 AM
To: Aaron C. de Bruyn via mailop
Subject: Re: [mailop] Hat color of list
Reporting
Tool<http://www.microsoft.com/en-us/download/details.aspx?id=18275> ?
From: mailop On Behalf Of Brett Schenker
Sent: Wednesday, March 7, 2018 10:42 AM
To: Aaron C. de Bruyn via mailop
Subject: Re: [mailop] Hat color of list washers / validators
I work in the nonprofit/political s
I work in the nonprofit/political space and while I can see uses to make
sure offline email list building (think people on a corner asking you to
sign up/sign a petition) has had the addresses typed in correctly, list
washing/validating is unfortunately being used by more orgs and campaigns
as a wa
>
>> Also, if I'm not mistaking, list-validation services are mainly targeting
>> online businesses, so even if the there might be legit cases, I doubt the
>> biggest part of their revenues is.
>
> I'm not really familiar with their revenue model but I do know that for
> some of them, spammers an
On Wed, 2018-03-07 at 12:31 +, Benjamin BILLON wrote:
> Good point.
> However, things change, and this norm should evolve with the involved
> technologies; also, maybe this data quality process, if abusing third-
> parties resources (like RCPT TO: for nothing), is not an acceptable
> process.
On 7 March 2018 at 13:20, Ken O'Driscoll via mailop wrote:
> There are some industries where offline data acquisition is the norm and
> validation is seen as part of the data quality process.
"norm" is not so good as a "valid" reason:
- what's the point of *validation* for these industries?
- wha
the there might be legit cases, I doubt the
biggest part of their revenues is.
--
Benjamin Billon
-Original Message-
From: mailop [mailto:mailop-boun...@mailop.org] On Behalf Of Ken O'Driscoll via
mailop
Sent: Wednesday, 7 March, 2018 20:20
To: mailop@mailop.org
Subject: Re: [mailo
On Wed, 2018-03-07 at 11:21 +, Benjamin BILLON wrote:
> To me the list-validators are dark grey hats. Their real-time service can
> be legit. The rest, I don't see how.
There are some industries where offline data acquisition is the norm and
validation is seen as part of the data quality proce
op-boun...@mailop.org] On Behalf Of Stefano Bagnara
Sent: Wednesday, 7 March, 2018 17:13
To: mailop
Subject: Re: [mailop] Hat color of list washers / validators
On 2 March 2018 at 21:45, John Johnstone
wrote:
> [...]
> It seems somebody gave some fairly purposeful thought into coming up
>
On 2 March 2018 at 21:45, John Johnstone
wrote:
> [...]
> It seems somebody gave some fairly purposeful thought into coming up with
> the algorithms to generate these. I'm curious to know what peoples thinking
> is as to the hat color of these attempts. Particularly if there are any
> opinions o
> On Mar 2, 2018, at 12:45 PM, John Johnstone
> wrote:
>
> The list washers / validators must be doing a brisk business today. Many use
> Amazon hosting in what seems to be an attempt to evade blocking by IP. Aside
> from the simple attempts I see some that are trying things like:
>
> j...@
The list washers / validators must be doing a brisk business today.
Many use Amazon hosting in what seems to be an attempt to evade blocking
by IP. Aside from the simple attempts I see some that are trying things
like:
j...@domain.tld
john@domain.tld
jon@domain.tld
john-...@domain.tld
38 matches
Mail list logo
