Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English

Ironport's list of Top spam sources

Ironport's list of Top spam sources

  • Comments 5

Ironport has a list, updated daily, of the top spam sources from around the world.  I meandered on over today to take a look and one thing jumped out at me which I have highlighted below.

image

If you can't read that, it is IP address 66.207.164.167.  The hostname is mail.fiedom.org, and the network owner is ColoGuys.

ColoGuys?  What?  As in Colorado Guys?  Or maybe it's McColo Guys, the guys who ran McColo?

The WHOIS information says that the domain was registered on March 15, 2009 (three days ago).  The contact information is protected (usually a bad sign), the admin address is a PO Box and it was registered in a location in The Netherlands.

I'm not saying that this means that these are the same guys who got shut down four months ago, but from where I am sitting and typing, it sure looks suspicious.

Leave a Comment
  • Please add 7 and 8 and type the answer here:
  • Post
  • PingBack from http://dsecure.net/blog/?p=2364

  • "Colo" is far too generic a term to make that link with any confidence.

    Plus, with very few exceptions, McColo didn't send spam directly - they were just the C&C for the botnets that did.

  • COLOGUYS SEND SPAM!

    COLOGUYS SEND SCAM EMAILS!

    Tons of it. And they also send scam emails posing as Equifax!

  • cologuys is colocation/dedicated server provider in dallas, tx

    they host servers, they have nothing to do with the spam really

    you could send an email to their abuse line to get the source shut down

  • You should double check things before posting.

    The domain last renewed jun-21-2009.

    It was registered jul-20-2001.

    They are a hosting company that has been around for almost a decade with very little spam reports/complaints as compared to other hosting companies their size.

    I know how much you like spam, nothing like having someone tell someone else to spam the innocent so they recieve more!

    Are you a spammer ? You are telling people to send mail and scams.

Page 1 of 1 (5 items)