New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
HXServers Los Angeles Outages?
This discussion has been closed.
Comments
The problem with is that meaning to do it isn't good enough, you actually need to do it - and to understand it in the first place - which means, one needs to have a working brain and some relevant content in it.
But I'm sure @hxservers meant to have it done. Probably by his former employee who, according to hxservers, is the one who f_cked up everything.
So, you mean a big provider who simply doesn't need to play such games, did not play such games and hxservers lied yet again? Oh my! Whouddave thought that?
Oh, come on, be a bit more generous. Of course hxservers didn't mean to lie - again - to us, it just somehow happened.I tell you, he's totally 100.5% innocent - well, at least he meant to be innocent!
Oh, and: thank you for your feedback *g
Thank you @emgh.
With your feedback we have embraced RFC1918 protocols. This means we're going to start making bubbles with copper and chlorine.
We appreciate your feed back but sit back, and just take a nice whiff
Have you checked this one?
There was non-stop spam from Chris ips.
Spamhaus lists for 3 days, 3*20=60 o_o
No idea, how they scored 20, how need to send spam
Some IPs are still listed, so the suspension occurred like 3 days ago.
If Chris ignored all that stuff, then no surprise they recalled IPs.
Hey people, ex-Chris clients, go to @contabo_m
Doctor Boeing allows to fly. Take off //
PS possible explanation, Spamhaus shows reports for both 2 months (In the last month means 2), so 60 = 2 month = every day was listed.
WHAT THE F-
Decided to challenge spamhaus?
You may be very surprised who is behind them
Can confirm. Here's just a preview of it: https://mxbin.io/xgHgT7
For as much spam as they sent, from as many IPs, and for being only one threat actor (notice same local part in each sender address), that this sample goes from 10/30 to 11/25 can't possibly mean that time wasn't given to act on abuse complaints. More likely they were ignored or dealt with lazily/incompetently for a fair amount of time (or even worse, the abuse was allowed)
I'm assuming 165.140.8.0/24 was @hxservers but be aware that I'm basing that solely on the fact that I'm replying to content about that IP range in this thread, I've done zero research on hxserver IPs or the ownership/delegation of 165.140.8.0/24.
So, HXservers could prevent all of this with blocked 25/tcp by default...
Am I too late for the drama?
Yup. Never allow random clients to use port 25 on IPs you don’t own. Exceptions can be made for clients that you for a fact know are legit. Companies paying more than $5 a month that is.
Why do you think this is spam? Those are perfectly fine domains!
All From addresses have amz@ username, probably, amazon spam?
So there was just a single client, who bought a bulk and took down Chris. Not "many clients" as Chris said.
So will hxservers.com rise from the dead?
can customer take back their own data? @hxservers
I think you should send emails to notice all your customers as soon as possible. Otherwise, hxservers will become second virmarch. and nobody would buy any other services in the future if you want to continue your vps seller role.
I don't think it is a good idea for owned IPs either. For other reasons, but at least reputation of addresses will be damaged in both cases. And I see basically zero sense in allowing risky activity, which leads to lots of abuse cases, by default.
So far I can state that requiring clients to spend X money before they are eligible to request SMTP port unlock is a wise strategy.
Thank you for your feedback
Don't worry, when your IPXO prefixes get abuse reports, they'll terminate your account too!
In this case it looks more likely that IPXO behaved appropriately.
I agree, 100%.
I’m gonna offer an unsolicited and unverified opinion. However, it’s at least rooted in experience.
The operation was only sustained by one user who purchased either bulk servers or bulk IPs. The provider could not afford to boot the abuser as they were the only reason any bills were getting paid. That decision ended poorly.
Whatever the reason was, it is fun fact that HXServers representative does not participate in this discussion. Only when someone leaked his personal information he engaged for a moment.
Hxservers needs to find dirty ips. So this is deadpool for now.
Thank you for your feedback.
It may be similar to what I sent you yesterday in PM. Was good conversation
These logs contain these unique domains
homesxiaogroup.com
offerssouavailable.com
looksnengunderstand.com
gramzkidz.com
wisjournals.com
tinlin77.com
sports61.com
nlg104.com
ofshouwithout.com
humanslangworks.com
mint-donutshop.com
tinlin11.com
hhg99r.com
tincca99.com
wve862.com
jnr540.com
wyf708.com
sgn720.com
lyh313.com
multiplethreatac.com
Most were hijacked by people (from China? As some were parked in Chinese).
He/she/it sent spam using "Mailamigos.com" or it is the provider of spam who bought from Chris
https://www.google.com/search?q="Mailamigos.com"
Look at how many similar sites exist. Most also .cn or sound similar to Chinese words
I am not an expert in this language, but sounds similar
https://www.ipxo.com/ip-reputation/
Comprehensive IP Monitoring
Our advanced monitoring system keeps a constant watch on the reputation of your IP addresses. We continuously scan various online databases, blacklists, and spam filters to identify any potential threats or negative associations.
Spam pays man. It pays so much you can furnish entire datacenters in, I dunno, Buffalo even.
Francisco