[SpamCop-List] Likely hijacked IP?
test at mailandnews.com
Mon Aug 16 17:11:08 EDT 2004
Tracking message source: 22.214.171.124:
"whois 126.96.36.199 at whois.arin.net" (Getting contact from whois.arin.net )
Redirect to apnic:
"whois 188.8.131.52 at whois.apnic.net" (Getting contact from
whois.apnic.net redirects to krnic
"whois 184.108.40.206 at whois.krnic.net" (Getting contact from
whois.krnic.net) - not found
host 220.127.116.11 (getting name) no name
Falling back on IP addressing:firstname.lastname@example.org
18.104.22.168 is an open proxy
and no name:
NS Lookup: 22.214.171.124/A/126.96.36.199/Emulate = false
<-- Name UNAVAIL -->
<-- Non-Auth -->
<-- Complete -->
Domain = 253.61.in-addr.arpa
Authority = a.dns.kr
I have never seen addressing like "email@example.com"
do anything other than bounce so I have no idea why SpamCop bothers to do it
in cases like this.
The REAL contact person in this case would probably more appropriately be
hostmaster at nic.or.kr since the whois data seems to indicate nobody should
have this address in the first place, no?
KRNIC is not a ISP but a National Internet Registry similar to APNIC.
The IPv4 address is allocated from APNIC to KRNIC.
KRNIC is holding the IPv4 address for further allocation to its member ISPs
in the furture. If you have any question with the IPv4 address,
Please contact at hostmaster at nic.or.kr
Have seen ARIN take hijacked IPs out of the database entirely - Wonder if
this might be KRNIC's version of the same?
More information about the SpamCop-List