Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[rpd] Mass Hijacking of AFRINIC IPv4 Space by U.S.A. Spammers

Ronald F. Guilmette rfg at
Fri Nov 18 06:47:31 UTC 2016

In message <1a79e588-e349-1668-4852-811a3f4a869a at>, 
Frank Habicht <geier at> wrote:

>Hi again,
>On 11/17/2016 11:11 PM, Ronald F. Guilmette wrote:
>> You say this as if you actually *do* know exactly who *is* causing the
>> problem.  If so, please tell me and then we'll both know.
>*You* mentioned earlier "by American snowshoe spammers".

Well, yes, but as someone else already noted, those crooked American
spammers have also, apparently, been materially aided and abetted by
the helpful Afrinic, which has delegated reverse DNS responsibility
for large swaths of IPv4 space to the pair of name servers known as
ns{3,4} as shown here:

And those name servers appear to belong to a company in the Afrinic
region... one which I believe may perhaps be an Afrinic authorized

And the spammers in this case want and need proper reverse DNS, so
Afrinic, along with this African company is helping materially to
make this all possible in a way that suits the business goals of
the crooked American spammers.

Has MTN really got letters from all of the legitimate registrants for
all of the /24 "C blocks" listed in the above file, permitting them
to make use of all this space?

Oh.  sorry.  Nevermind.  I'm not allowed to ask.


P.s.  And by the way, does anybody have even the vaguest idea who owns
the domain, which is also featured prominently in the
the file linkled to above?

All of the C blocks associated with that are all chock full of snowshoe
spammers too, as are all of the ones with the funny pairs of name severs
in the range from 163.198.80 to 163.198.239.  (But I already know who
is associated with the latter group.  That is an old U.S.A. spammer and
convicted drug dealer named Steve Slota.  But the question is:  How did
he get all that reverse DNS that he craves?)

More information about the RPD mailing list