This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Are you getting .CYOU spam?

We already block trash domains like .CYOU, but still my server was getting thousands of .CYOU spams to block each day.

It was playing whack-a-mole with blocking subnets.

That's when I stepped in and looked at it, turns out 100% of them, ALL OF THEM are coming from one hosting company.

Eonix Corporation in Las Vegas.

I blocked their entire ASN, which is 62904, and my .CYOU spam went to zero - instantly.  This weekend I have pages and pages of green logs, no spam.

(just 2 random spams that are not related).

CYOU later, Eonix.  You are now permanently blocked from any network I am in charge of.

If anyone else is experiencing this attack, I suggest you use this as a reference: https://asn.ipinfo.app/AS62904

Or hit me up and I will try and help.



This thread was automatically locked due to age.
Parents Reply Children
  • Honestly, how does sending 10's of thousands of spam messages to my server, which are automatically deleted without being read, how does that profit anyone?

    The chances of me opening their crap is between zero and zero.  And even if I did, who is stupid enough to actually buy something from a spammer?

    Really, it seems like a waste of time.

  • Oh you'd be surprised who buys from them, haha.

    But really, the ISP is the one making the money off the ones who are renting/buying equipment and hosting trash.  They don't really seem to care anymore about their reputation, then claim absence of knowledge about it because no one complains to them.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)