Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Are you getting .CYOU spam?

We already block trash domains like .CYOU, but still my server was getting thousands of .CYOU spams to block each day.

It was playing whack-a-mole with blocking subnets.

That's when I stepped in and looked at it, turns out 100% of them, ALL OF THEM are coming from one hosting company.

Eonix Corporation in Las Vegas.

I blocked their entire ASN, which is 62904, and my .CYOU spam went to zero - instantly.  This weekend I have pages and pages of green logs, no spam.

(just 2 random spams that are not related).

CYOU later, Eonix.  You are now permanently blocked from any network I am in charge of.

If anyone else is experiencing this attack, I suggest you use this as a reference: https://asn.ipinfo.app/AS62904

Or hit me up and I will try and help.



This thread was automatically locked due to age.
Parents Reply
  • Oh you'd be surprised who buys from them, haha.

    But really, the ISP is the one making the money off the ones who are renting/buying equipment and hosting trash.  They don't really seem to care anymore about their reputation, then claim absence of knowledge about it because no one complains to them.

Children