[nsp-sec] Google scam (AS 4134)
William Allen Simpson
william.allen.simpson at gmail.com
Wed Mar 3 06:34:01 EST 2010
William Allen Simpson wrote:
> Wow, Google is so generous! Imagine my surprise that they operate
> from an address in China....
>
> AS | IP | AS Name
> 4134 | 122.225.105.9 | CHINANET-BACKBONE No.31,Jin-rong Street
>
> ===
>
> Return-Path: <google_team at w.cn>
> Received: from powerconnect.co.zw ([217.74.236.254])
> by mx.google.com with ESMTP id
> e11si11738444fga.6.2010.03.02.18.36.24;
> Tue, 02 Mar 2010 18:36:28 -0800 (PST)
> Received-SPF: neutral (google.com: 217.74.236.254 is neither permitted
> nor denied by best guess record for domain of google_team at w.cn)
> client-ip=217.74.236.254;
> Authentication-Results: mx.google.com; spf=neutral (google.com:
> 217.74.236.254 is neither permitted nor denied by best guess record for
> domain of google_team at w.cn) smtp.mail=google_team at w.cn
> Received: (qmail 28957 invoked from network); 3 Mar 2010 02:19:32 -0000
> Received: from unknown (HELO localhost) ([192.168.50.241])
> (envelope-sender <google_team at w.cn>)
> by powerconnect.co.zw (qmail-ldap-1.03) with SMTP
> for <google_team at w.cn>; 3 Mar 2010 02:19:32 -0000
The spamming host probably could be added to somebody's ASN Alert:
AS | IP | AS Name
30844 | 217.74.236.254 | ECONET-ECS Econet Carrier Services AS Numbers
More information about the nsp-security
mailing list