Forum: >>> Magnum BBS <<<

138.59.144.0/22 is a spam factory

From Sam@21:1/5 to All on Thu Sep 24 09:28:35 2020

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.
The Internet standard for MIME PGP messages, RFC 2015, was published in 1996. To open this message correctly you will need to install E-mail or Usenet software that supports modern Internet standards.

Received: from mm146-37.iavo32.com (mm146-37.iavo32.com [::ffff:138.59.146.37]) (TLS: TLSv1.2,256bits,ECDHE-RSA-AES256-GCM-SHA384) by www.email-scan.com with ESMTPS id 00000000002C0014.000000005F6C0D18.0000FB73; Wed, 23 Sep 2020 23:05:58 -0400

138.59.144.0/22's outward appearance is some dinky Brazilian telco.

However:

telnet mail.wiidtelecom.com.br. 25
Trying 131.100.24.199…
Connected to mail.wiidtelecom.com.br..
Escape character is '^]'.
220 mail.midiamail.com.br ESMTP Postfix (Debian/GNU)

http://midiamail.com.br makes it clear that this is a spam factory, and the traceroute to 138.59.146.37 shows that it's in Florida.

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEMWrVnbBKLOeG9ifkazpiviedvyUFAl9snwMACgkQazpivied vyUQLA/8CKEYoyKISUCnMKWg2UEWQeK8f5cSbU/HrldXCsigXxbeC0u7QZHgu0qU f3MYYU3aKHLiEl8CxDNIROKAnIgeVMXXj4+A+xg4cFnUHwB8jdW/vV8yRQXLeSXH 6tv2lcDOUvCMcaq2YuVYXjA0j/5L9epBKsLpHTlg/R3XIeD+G3zxKVp3BsHwmDlv jNsJXPTxO3/7JBCnSccDWvpZBNWA3jeBrKJrBuTSq/+Oe2wt2Syy7RNrNNmQMf1a PejXrTHJAWRLqMMDrp8jpYqGk9SGZSOE30SdI3P6kByiafeq2R9jjOmn0oTjNccO Vp5OQPqizhu1r2SBAqabfcepBA++CvOMwg18x5vWa6eyfcFRyGcazQmKLat4kTWD e9aJUA8vtvUvVrlozdiUg9yvr6CESkGtAKhOndQSIg0e1vJDXEpUjVrcfbiF3ojX +XlNRgNRdT0piPVsfhuilq2bsZei+FLVRxLM+GtnHDoz/Qx1PI1WcTRRwVZl6mLD 76jdthgCUTLg0G8cjRCh8GCExSFKsCGNCSGbnbngCx5QZQXGU5XBcJCLSzGv6HlK 8ZWHAK/QI2l+zLAii6FlRVjQOuk4ZchFErG9cbxt+vztP7RyvyKwYIxqN1jQowUf vyC5kAWfaElorMXlNQe5RZqgdo9jWnpcJ6wXPHD4xqkMJBuFI0o=
=tes0
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Scott Dorsey@21:1/5 to sam@email-scan.com on Thu Sep 24 23:12:11 2020

Sam <sam@email-scan.com> wrote:

telnet mail.wiidtelecom.com.br. 25
Trying 131.100.24.199=E2=80=A6
Connected to mail.wiidtelecom.com.br..
Escape character is '^]'.
220 mail.midiamail.com.br ESMTP Postfix (Debian/GNU)

http://midiamail.com.br makes it clear that this is a spam factory, and t=
he =20
traceroute to 138.59.146.37 shows that it's in Florida.

Complain to netrouting.net but do not fail to complain to mail-abuse@cert.br for Brazillian spammers operating offshore.
--scott

--
"C'est un Nagra. C'est suisse, et tres, tres precis."

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Who's Online
Recent Visitors
- Michal Wronka
  Wed Apr 24 14:13:57 2024
  from Wroclaw, Poland via SSH
- Michal Wronka
  Wed Apr 24 14:02:51 2024
  from Wroclaw, Poland via SSH
- Michal Wronka
  Thu Apr 25 14:02:21 2024
  from Wroclaw, Poland via SSH
- Bob Worm
  Thu Apr 25 11:52:12 2024
  from Wales, Uk via Telnet

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	296
Nodes:	16 (2 / 14)
Uptime:	53:40:18
Calls:	6,650
Calls today:	2
Files:	12,200
Messages:	5,330,494

138.59.144.0/22 is a spam factory

Who's Online

Recent Visitors

System Info