Recently I deleted all my spam. After about a week I had 16,000 spam messages. Really.
I just deleted it all again and typed a two line email, after which I had three new spam messages.
What is this stuff? I have a hunch.
All the messages are coming from different emails but this name: iLovePfizer
They are to random email addresses on my domain. (I could turn this off but I find it a bit fascinating.)
What if someone started tracking the source of all this spam? Would it lead to botnet servers or user machines infected with malware? I doubt, based on the distribution of IPs, that it is coming from a single organization hosting all these email addresses I'm getting mail from...it could be a spammer searching for live mailboxes, but I kind of doubt that due to the content. I wonder if it is something completely different...think about it.
Here are a random sampling of IPs in messages received since I started writing this post...and it seems to have stopped now.
inetnum: 165.228.0.0 - 165.228.255.255
netname: TELSTRAINTERNET14-AU
descr: Telstra Internet
descr: Locked Bag 5744
descr: Canberra
descr: ACT 2601
country: AU
inetnum: 190.92.64/19
status: allocated
aut-num: N/A
owner: CABLECOLOR S.A.
ownerid: HN-CASA-LACNIC
responsible: Masson Romeo Chacon Aldana
address: Cl Principal Colonia Miramontes Ed. Cont, --, 2do. Nivel
address: 4780 - TEGUCIGALPA -
country: HN
phone: +50 4 2630000 []
owner-c: MRA
tech-c: MRA
abuse-c: MRA
inetrev: 190.92.94/24
nserver: NS1.CABLECOLOR.HN
| NetRange | 72.224.0.0 - 72.231.255.255 |
| CIDR | 72.224.0.0/13 |
| Name | RRNY |
| Handle | NET-72-224-0-0-1 |
| Parent | NET72 (NET-72-0-0-0-0) |
| Net Type | Direct Allocation |
| Origin AS | |
| Organization | Time Warner Cable Internet LLC (RRNY) |
inetnum: 200.92.0/17
status: allocated
aut-num: N/A
owner: Mega Cable, S.A. de C.V.
ownerid: MX-MSCV17-LACNIC
responsible: Orencio Meza
address: Av. Lazaro Cardenas, 1694, Del Fresno
address: 44900 - Guadalajara - JA
country: MX
phone: +52 3337500020 []
owner-c: NIT
| NetRange | 173.16.0.0 - 173.31.255.255 |
| CIDR | 173.16.0.0/12 |
| Name | MEDIACOM-RESIDENTIAL-CUST |
| Handle | NET-173-16-0-0-1 |
| Parent | NET173 (NET-173-0-0-0-0) |
| Net Type | Direct Allocation |
| Origin AS | |
| Organization | Mediacom Communications Corp (MCC-244) |
inetnum: 122.176.0.0 - 122.183.255.255
netname: BHARTI-IN
descr: BHARTI Airtel Ltd.
descr: ISP Division ,AES - Carrier
descr: 234 , Okhala Phase III
descr: NEW DELHI
descr: INDIA
inetnum: 177.136.192/21
aut-num: AS53050
abuse-c: AMJ445
owner: Super Cabo TV Caratinga Ltda
ownerid: 064.388.762/0001-90
responsible: Anibal Martins Julião Jr.
country: BR
owner-c: AMJ445
tech-c: AMJ445
created: 20130826
changed: 20130826
nic-hdl-br: AMJ445
person: Anibal Martins Juliao Junior
e-mail: supercabotv@supercabotv.com.br
inetnum: 87.0.0.0 - 87.15.255.255
netname: TELECOM-ADSL-7
descr: Telecom Italia S.p.A. TIN EASY LITE
country: IT
admin-c: BS104-RIPE
tech-c: BS104-RIPE
status: ASSIGNED PA
mnt-by: tiws-mnt
mnt-lower: tiws-mnt
mnt-routes: tiws-mnt
source: RIPE # Filtered
person: BBBEASYIP STAFF
address: Via Val Cannuta, 250
address: 00166 Roma
address: Italy
phone: +39 06 36881
nic-hdl: BS104-RIPE
mnt-by: TIWS-MNT
source: RIPE # Filtered
inetnum: 118.71.112.0 - 118.71.127.255
netname: FPTDYNAMICIP-NET
country: vn
descr: FPT Telecom Company
descr: 2nd floor FPT Building, Pham Hung Road, Cau Giay District, Hanoi
admin-c: TTH19-AP
tech-c: NOC21-AP
status: ALLOCATED NON-PORTABLE
remarks: For spamming matters, mail to abuse@fpt.vn
changed: hm-changed@vnnic.net.vn 20120809
mnt-by: MAINT-VN-FPT
mnt-irt: IRT-VNNIC-AP
source: APNIC
inetnum: 186.78/15
status: allocated
aut-num: N/A
owner: TELEFÓNICA CHILE S.A.
ownerid: CL-TCSA41-LACNIC
responsible: Technical Contact Telefonica Chile S.A.
address: AVENIDA PROVIDENCIA, 111, COMUNA DE PROVIDENCIA
address: 7500775 - SANTIAGO - RM
country: CL
phone: +56 2 3306932 []
| NetRange | 66.214.144.0 - 66.214.191.255 |
| CIDR | 66.214.144.0/20 66.214.160.0/19 |
| Name | CH-LA-66-214-144-191 |
| Handle | NET-66-214-144-0-1 |
| Parent | CHARWR-02 (NET-66-214-0-0-1) |
| Net Type | Reallocated |
| Origin AS | |
| Organization | Charter Communications (CC04) |
inetnum: 201.231.0/17
status: allocated
aut-num: N/A
owner: CABLEVISION S.A.
ownerid: AR-CASA10-LACNIC
responsible: Santiago Zuccarello
address: Aguero, 3440,
address: 1605 - Munro - BA
country: AR
phone: +54 11 51996100 []
owner-c: NEA
inetnum: 79.52.128.0 - 79.52.255.255
netname: TELECOM-ADSL-POOL
descr: NAS DHCP Pool Pisa
country: IT
admin-c: BS104-RIPE
tech-c: BS104-RIPE
status: ASSIGNED PA
remarks: INFRA-AW
mnt-by: TIWS-MNT
mnt-lower: TIWS-MNT
mnt-routes: TIWS-MNT
source: RIPE # Filtered
inetnum: 202.70.224.0 - 202.70.255.255 netname: ONI descr: OKAYAMA NETWORK INC. descr: 1-1-18,Shinyashiki-cho,Okayama-City country: JP admin-c: JNIC1-AP tech-c: JNIC1-AP status: ALLOCATED PORTABLE remarks: Email address for spam or abuse complaints : oni-tech@oni.co.jp mnt-by: MAINT-JPNIC mnt-lower: MAINT-JPNIC changed: hm-changed@apnic.net 20040527 source: APNIC
role: Japan Network Information Center address: Urbannet-Kanda Bldg 4F address: 3-6-2 Uchi-Kanda address: Chiyoda-ku, Tokyo 101-0047,Japan country: JP phone: +81-3-5297-2311 fax-no: +81-3-5297-2312
inetnum: 62.117.160.0 - 62.117.191.255
netname: ONO
descr: ONO
country: ES
admin-c: OIM1-RIPE
tech-c: OIM1-RIPE
status: ASSIGNED PA
mnt-by: ONO-MNT
source: RIPE # Filtered
role: ONO IP MANAGER
address: C/ Basauri, 5
address: Urbanizacion La Florida
address: E-28023 Aravaca, Madrid
address: SPAIN
phone: +34911809300
fax-no: +34911809245
admin-c: OIM1-RIPE
tech-c: OIM1-RIPE
nic-hdl: OIM1-RIPE
mnt-by: ONO-MNT
source: RIPE # Filtered
inetnum: 91.99.0.0 - 91.99.63.255
netname: PARSONLINE-DYNAMIC-DSL
descr: Dynamic-Pool-R2
country: IR
admin-c: PNOC5-RIPE
tech-c: PNOC5-RIPE
status: ASSIGNED PA
mnt-by: PARSONLINE-MNT
mnt-lower: PARSONLINE-MNT
mnt-domains: PARSONLINE-MNT
source: RIPE # Filtered
role: ParsOnline Network Operations Center
address: 224 Khoramshahr ave., No. 6C
address: Tehran 15337
address: Iran
phone: +98 21 8220 8333
fax-no: +98 21 8874 9505
abuse-mailbox: abuse@parsonline.net
admin-c: AE551-RIPE
tech-c: AE551-RIPE
nic-hdl: PNOC5-RIPE
mnt-by: PARSONLINE-MNT
source: RIPE # Filtered
inetnum: 190.230.254/23
status: reallocated
owner: Apolo -Gold-Telecom-Per
ownerid: AR-APGO-LACNIC
responsible: Aseguramiento de Datos
address: Dorrego, 2520, piso 3°
address: 1425 - Capital Federal -
country: AR
phone: +54 11 4968-7975 []
owner-c: ADA
tech-c: ADA
abuse-c: ADA
created: 20090617
changed: 20090617
inetnum-up: 190.228/14
nic-hdl: ADA
person: Administrador Abuse
e-mail: abuse@TA.TELECOM.COM.AR
address: Alicia Moreau de Justo, 50, -
address: 1107 - Ciudad Autónoma de Buenos Aires -
country: AR
phone: +54 11 49684000 []
created: 20030211
changed: 20110316
inetnum: 120.56.0.0 - 120.63.255.255 netname: MTNLISP descr: MTNL CAT B ISP country: IN admin-c: MT152-AP tech-c: MT152-AP remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+ remarks: This object can only be updated by APNIC hostmasters. remarks: To update this object, please contact APNIC remarks: hostmasters and include your organisation's account remarks: name in the subject line. remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+ mnt-irt: IRT-MTNL-IN changed: hm-changed@apnic.net 20080319 mnt-by: APNIC-HM mnt-routes: MAINT-IN-MTNL mnt-lower: MAINT-IN-MTNL status: ALLOCATED PORTABLE changed: hm-changed@apnic.net 20081030 source: APNIC
irt: IRT-MTNL-IN address: Jeevan Bharati Building address: Tower 1, 12th Floor, 124, Connaught Circus, New Delhi e-mail: sdenw@bol.net.in abuse-mailbox: networkabuse@bol.net.in
person: BBBEASYIP STAFF
address: Via Val Cannuta, 250
address: 00166 Roma
address: Italy
phone: +39 06 36881
nic-hdl: BS104-RIPE
mnt-by: TIWS-MNT
source: RIPE # Filtered
irt: IRT-VNNIC-AP
address: Ha Noi, VietNam
phone: +84-4-35564944
fax-no: +84-4-37821462
e-mail: hm-changed@vnnic.net.vn
abuse-mailbox: hm-changed@vnnic.net.vn
| NetRange | 23.31.96.0 - 23.31.111.255 |
| CIDR | 23.31.96.0/20 |
| Name | CBC-RICHMOND-24 |
| Handle | NET-23-31-96-0-1 |
| Parent | CBC-CM-4 (NET-23-30-0-0-1) |
| Net Type | Reallocated |