HairyChick

I get spam from the IP of amazonaws.com. I email to report it and get back an unclear response. Well, clear but questionable.

Someone logs into their server and sends out spam. I’m sure server logs show the originating IP and username. I’m wondering if their server is publicly accessible. They seem to indicate that but I find it hard to believe that they allow the public access to their server. And, allowed people to send out thousands of spam emails without noticing it.

——————-——————-——————-——————-——————-——————-——————-

“ ...... Due to the frequency with which AWS public IP addresses can change ownership, we will need additional information in order to identify the responsible customer(s).

For security reasons, we do not open or accept attachments. When replying, please provide plain-text logs of the abusive activity, including the following information, in the body of your email:

* Log extracts showing the intensity and duration of the activity

For a faster response, please resubmit your report using the form at https://aws.amazon.com/forms/report-abuse

We look forward to hearing from you shortly.

Regards,
AWS Abuse

——————-——————-

On Thursday, August 23, 2018, WordPress

Event: Failed Login
Website: Blahblahblah.com
IP Address: 54.164.51.13
Reverse IP: ec2-54-164-51-13.compute-1.amazonaws.com
Date/Time: August 24, 2018 1:41 am


Message: User authentication failed: pam (I post as pam with user access only, not as the admin)

——————-——————-——————-——————-——————-——————-

Does Amazon have a public IP where anyone can get access and spam undetected?? I’d think word would get out and all lowlife spammers would use it. Logs would show the IP online there, logged in, at the tine shown.

They want “ * Log extracts showing the intensity and duration of the activity”. Uhhh, isn’t that on their logs?!? The spammer didn’t access my account; it’s their server that was utilized.

Then again, I haven’t dealt with hackers and spammers on my server in ten years. Things may have changed or my amnesia extends beyond my illness

I told Amazon most of the above and said their abuse team was lame if they thought I’d have logs or any information on this besides spam. It went to an email address that doesn’t give me full stats, I.e. which servers it went through, originating IP thorough information, etc. I had that in Eudora, my first email program.

__________________
*****************************************
Anti-Semites have Small Penis Syndrome. The only known treatment is electroshock therapy combined with cerebellum removal. Fortunately, it’s a tiny procedure.
*****************************************

freecartoonporn

if you are using google then mark email as spam.

if they are using some good software or sevice to send bulk mails, they knows who marked mail as spam, so they remove you from future mailings.

__________________

SSD Cloud Server, VPS Server, Simple Cloud Hosting | DigitalOcean

PornDiscounts-V

All your inbox is belong to us!

__________________

faperoni

Are you talking about email spam or comment spam on you website?

If it is on your website then it isn't very hard to block all Amazon AWS ip addresses, you could also safely block Google Cloud, Microsoft Azure, Rackspace and Digital Ocean from my experience this will get rid of most automated spam & crawlers.

Skype is in my sig if you need help, good luck!

__________________
Faperoni.com Fucker.com

HairyChick

It’s not gmail nor via my websites. Those are easy to block. It’s another email and I can have my host block the class c IP. But I want to know how it’s being done since Amazon says it’s a public IP.

__________________
*****************************************
Anti-Semites have Small Penis Syndrome. The only known treatment is electroshock therapy combined with cerebellum removal. Fortunately, it’s a tiny procedure.
*****************************************

sarettah

By public, AWS means the IPs NOT used by Amazon itself. The ips it assigns for its Cloud services are their Public IPs, not public in that anybody can use them but Public in that they are used by subscribers to Amazon cloud services. I think.

That make sense to you?

Because they have many subscribers to their cloud services and not so many ips available, they change out ips as needed. So, if you are hosting on their server your ip can change as needed. If your Amazon service is not actively using an ip, it can be used by someone else's Amazon service.

This is not uncommon among service providers.

So, to identify what subscriber was using an IP at a certain time the service needs to know:

1. What ip (or ips) are you seeing involved.
2. What time or (times) they were being used. The more detail the better.

So, if you had access to the incoming mail logs for youe email address, that would definitely help. If your email address is hosted on your own domain/server then those logs would be available. If you are using a third party mail service (gmail, aol, yahoo, your isp assigned email address) then you would not have access to them

The header information for the email also helps. You say you used to see the header info in Eudora. Header info is available in most email clients. In some it is harder to get to.

In Live mail, for example, you have to right click a message and go to properties and then the details tab. I think outlook is similar. In gmail (new view, I don't remember the steps in old view) you open the email message and then in the right hand dropdown you choose "show original" and it takes you to a view of the message with the full headers.

Each client or webmail service is different but most allow you to get to the headers some how.

So, what Amazon is asking is not unreasonable at all. imho of course.

What email client are you using?

.

__________________
All cookies cleared!