Вообще до уровня тупизны еще возникать на такие абузы опустились токо испрайм и hqhost:) причем в ряде случаев абуз был на домены вообще находящиеся на тех же днсах что и мои
This is an automated notification from Smart Network Data Services
(https://postmaster.live.com/snds) to inform you that the IP address,
тут был ip, has been reported to be involved with hosting malware.
The URL found to be hosting the malware was
http://тутбыл урл
and it was most recently detected as such at Sep 6 2006 2:26PM PST.
Similar to the publicly announced Strider HoneyMonkey research project,
Microsoft operates a system which actively scans websites for ones hosting
malware. A honeymonkey is a computer or a virtual PC that actively mimics
the actions of a user surfing the Web. A series of monkey programs, which
drive a browser in a manner similar to that of a human user, run on
virtual machines in order to detect exploit sites. The browsers can be
configured to run with fully updated software, or without specific updates
in order to look for exploit sites that target specific vulnerabilities.
In this manner, attacks likely to impact customers can be analyzed and
detected. When this system detects that a given IP is associated with
hosting malware, it sends notications to parties known to be associated
with that IP.
The IP may be associated with the URL in one of two ways. First, it may
be one of the IPs hosting the URL itself, which is described in technical
terms as an "A record" for the hostname contained in the URL. Second, it
may be one of the DNS servers servicing queries for that hostname, known
in technical terms as an "NS record" for the zone. It's important to take
the extra step of reporting on the DNS servers because they're often
compromised or "rogue" in the same way that the web servers themselves can
be, even though this can cause "false positive" reports on IPs which
aren't compromised. Keep in mind, however, that malware authors are known
to rotate the IPs used to host both of the above types of servers above,
so while it may not still be hosting requests it's still worth
investigating.
This email is only intended to be a suggestion to investigate, confirm or
deny, and even remedy the situation with the IP address--it is entirely at
the recipient's discretion that any action is taken and the recipient
accepts all responsibilty for the consequences thereof. This information
is intended solely for the recipient, should not be disclosed unless
necessary, and all disclosure and actions should be in accordance with
local law.
Smart Network Data Services is a brand new way to fight spam and other
maladies of the Internet. By providing data on these to IP block owners,
organizations are empowered to prevent spam from originating from their IP
space. If you are receiving this email, then you could be automatically
authorized to view a broad range of data on your IP space by going to
https://postmaster.live.com/snds/addnetwork.aspx. Together, we can all do
our part to take back email from the spammers. For more details, please
see our Frequently Asked Questions page at
https://postmaster.live.com/snds/faq.aspx.
If you do not wish to receive further mails from Smart Network Data
Services, please forward this email to
nocmail@microsoft.com with your
request. If you have questions about our privacy policy, please read our
privacy statement available at
http://privacy.live.com.
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA
(c)2006 Microsoft Corporation. All rights reserved. Microsoft, MSN, the
MSN logo, and Hotmail are either registered trademarks or trademarks of
the Microsoft Corporation in the United States and/or other countries.
