Good idea. I will forward one of the emails to that email address (abuse@ioflood.com) and explain what is going on. Will contact back with results.

From: Mirimir
Sent: Sunday, June 10, 2018 8:52 PM
To: tor-relays@lists.torproject.org
Subject: Re: [tor-relays] Fwd: Tor Guard Relay

 

On 06/10/2018 03:58 PM, grarpamp wrote:

> Horny Rose wants to marry and exploit many people, lol.

>

> Assuming culprit is a stupid nontargeting subscribed address,

> list manager does have a way to expose it, users may gripe

> though, because even if found, reported, and nuked at the source,

> they'll likely just sign up again.

>

> Readers should just filter locally. And mark them as spam

> if they want to risk letting the cloud deal with it in some

> secret and flaky way.

>

> Not posting headers because it's a waste of time.

>

> This saves many people a lot of time...

> https://neomutt.org/

 

I've looked at known spam, and they all come from either

m111.bytekeys.com (104.161.37.109) or us27.axiobyte.com

(104.161.37.152). Both are hosted on mellowhost.com by Input Output

Flood LLC. Funny name, no? The abuse contact is Gabriel Ramuglia

(abuse@ioflood.com). I suggest that we all file abuse reports.

 

Here's the supporting data.

 

from https://ipinfo.io/

 

ip: "104.161.37.109"

hostname: "m111.bytekeys.com"

city: "Dhaka"

region: "Dhaka Division"

country: "BD"

loc: "23.7231,90.4086"

postal: "1000"

asn: Object

asn: "AS53755"

name: "Input Output Flood LLC"

domain: "ioflood.com"

route: "104.161.32.0/20"

type: "hosting"

company: Object

name: "Mellowhost"

domain: "mellowhost.com"

type: "hosting"

 

ip: "104.161.37.152"

hostname: "us27.axiobyte.com"

city: "Dhaka"

region: "Dhaka Division"

country: "BD"

loc: "23.7231,90.4086"

postal: "1000"

asn: Object

asn: "AS53755"

name: "Input Output Flood LLC"

domain: "ioflood.com"

route: "104.161.32.0/20"

type: "hosting"

company: Object

name: "Mellowhost"

domain: "mellowhost.com"

type: "hosting"

 

 

from https://myip.ms/info/whois/104.161.37.109

 

Whois Original Data on IP 104.161.37.109

NetRange:        104.161.0.0 - 104.161.255.255

CIDR:    104.161.0.0/16

NetName:        IOFLOOD

NetHandle:       NET-104-161-0-0-1

Parent:              NET104 (NET-104-0-0-0-0)

NetType:           Direct Allocation

OriginAS:           AS53755

Organization:   Input Output Flood LLC (IOFL)

RegDate:          2014-07-28

Updated:          2014-07-28

Comment:        http://www.ioflood.com

Ref:      https://whois.arin.net/rest/net/NET-104-161-0-0-1

OrgName:        Input Output Flood LLC

OrgId:  IOFL

Address:            3402 E University Dr. #6

City:      Phoenix

StateProv:        AZ

PostalCode:     85034

Country:            US

RegDate:          2011-05-02

Updated:          2017-01-28

Comment:        http://www.ioflood.com

Ref:      https://whois.arin.net/rest/org/IOFL

OrgAbuseHandle:         RAMUG-ARIN

OrgAbuseName:           Ramuglia, Gabriel

OrgAbusePhone:           +1-702-482-8064

OrgAbuseEmail:            abuse@ioflood.com

 

 

from https://myip.ms/info/whois/104.161.37.152

 

Whois IP Live Results for 104.161.37.152

IP Address:       104.161.37.152

IP Location:      USA,    Nevada,    Mesquite

IP Reverse DNS (Host):             us27.axiobyte.com

IP Owner:         Input Output Flood Llc

Owner IP Range:          104.161.0.0 - 104.161.255.255    (65,536 ip)

Owner Address:           3402 E University Dr. #6, Phoenix, AZ, 85034, US

Owner Country:           USA

Owner Phone:              +1-702-482-8064

Owner Website:           ioflood.com

Owner CIDR:    104.161.0.0/16

Whois Record Created:            28 Jul 2014

Whois Record Updated:          28 Jan 2017

 

 

 

<SNIP>

_______________________________________________

tor-relays mailing list

tor-relays@lists.torproject.org

https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays