After BURST.NET, who does not like more than 20 abuse reports per day and complainant (as written some days before), we have noticed that OVERSEE.COM’s abuse department (AS33626 | SiteVet | Google SafeBrowsing) doesn’t like any abuse complaints regarding drive-by-downloads and malware hosted in their network:
This is the mail system at host mx.oversee.net.
I’m sorry to have to inform you that your message could not
be delivered to one or more recipients. It’s attached below.
For further assistance, please send mail to postmaster.
If you do so, please include this problem report. You can
delete your own text from the attached returned message.
The mail system
<firstname.lastname@example.org> (expanded from
fijiexchange.corp.oversee.net[10.1.1.73] said: 554 5.1.0 Sender Denied (in
reply to MAIL FROM command)
Reporting-MTA: dns; mx.oversee.net
X-Postfix-Sender: rfc822; email@example.com
Arrival-Date: Sat, 18 Feb 2012 01:20:48 -0800 (PST)
Final-Recipient: rfc822; firstname.lastname@example.org
Remote-MTA: dns; fijiexchange.corp.oversee.net
Diagnostic-Code: smtp; 554 5.1.0 Sender DeniedFrom: cyscon GmbH – SIRT <email@example.com>Date: 18. Februar 2012 10:23:12 MEZSubject: [SIRT#0000???????] Malware hosted in your network!Reply-To: firstname.lastname@example.org
It seems that those guys have blacklisted us. Great job, OVERSEE.COM! Does this mean, that you guys are a bullet proof host?
We know that you guys have a problem (currently the over all leader of tracked incidents in our statistics), but as you know it will not solve the issue if you simple reject abuse complaints giving you an idea, where the problem is located … you have to work with those complaints and delete the stuff. Otherwise you will not prevent all those internet users outside, surfing on internet/web presences, getting infected with a piece of malware, that is hosted and spreeded in/out of your network!