I do not understand how this company is NOT listed on The Register of Known Spam Operations (ROKSO)
How does one get listed on ROKSO?
ROKSO is a “3 strikes” register. We do not list first-time, inadvertent spammers or inexperienced marketing departments spamming ‘by mistake’. To get to 3 strikes (3 terminations for spam offences such as emailing spam, hosting spammers, selling spamware) requires a very determined spam outfit.Being thrown off an ISP (newtork, provider or webhost) takes a lot of doing, very few customers are thrown off an ISP without having been given warnings or chances to stop violating the ISPs Terms of Service. Being thrown off ISPs *twice* for spam offences means the spammer is determined, knows the consequences, and has actually signed up to a new ISP with the specific intention of breaking the ISPs Terms of Service. Being thrown off *three* ISPs for spam offences means the spammer is a committed hard-line spam operation that regards ISPs as simply throwaway resources.
A termination (strike) is assigned to a spam operation when any account for Internet services used by the spam operation or any entity acting on behalf of or in concert with it is terminated for abuse by the host or upstream provider.
Update May 13, 2015
inetnum: 188.166.0.0 – 188.166.255.255
netname: EU-DIGITALOCEAN-20090605
descr: Digital Ocean, Inc.
country: NL
Update April 4 2015
spammers in this range at DigitalOcean
45.55.166.0/24
Update April 4 2015
Digitalocean again…
45.55.0.0/16
Update October 3 2014
NL DigitalOcean large attachment spam
178.62.128.0-178.62.255.255
Update July 17, 2014
Ok, so I sent a lot of spam with headers to abuse a got a lot of responses back:
Thank you for submitting your abuse complaint. One of our support engineers has picked it up and assigned it to the customer in question and it will be resolved as soon as possible.
Thanks so much,
DigitalOcean
However after reports and responses the same ranges are still spewing spam so Back to Black!
Too many ip ranges have been reported and re-reported over the past week.
———–
Update July 15, 2014
I am trying to report spam from these IP ranges to abuse.
So far I have only received 1 (one) make that 3 responses from the abuse address.
I actually UNblocked these today so responses could reach me… and have received spams since that time.
I have added a higher spam score to these ranges.
An update to this post: Published on: Jul 2, 2014
So far these are the players in the polluted Digital Ocean that I am blocking:
162.243.0.0-162.243.255.255
104.131.0.0-104.131.255.255
128.199.0.0-128.199.255.255
146.185.184.0-146.185.191.255
188.226.192.0-188.226.255.255
95.85.48.0-95.85.55.255
107.170.0.0/16
5.101.96.0-5.101.103.255
178.62.0.0 – 178.62.127.255
Previous post: (July 2, 2014)
I hope this type of post assists others when doing searches for new players as spam hosts to validate bad players is the field.
This past few days I have been blocking more and more from this company called Digital Ocean
DIGITALOCEAN-7, DIGITALOCEAN-9, DIGITALOCEAN-AMS-3
NetRange: 162.243.0.0 – 162.243.255.255
CIDR: 162.243.0.0/16
OriginAS: AS14061, AS62567, AS46652
NetName: DIGITALOCEAN-7
NetHandle: NET-162-243-0-0-1
Parent: NET-162-0-0-0-0
NetType: Direct Allocation
Comment: http://www.digitalocean.com
Comment: Simple Cloud Hosting
RegDate: 2013-09-06
Updated: 2013-09-06
Ref: http://whois.arin.net/rest/net/NET-162-243-0-0-1
OrgName: Digital Ocean, Inc.
OrgId: DO-13
Address: 270 Lafayette St
Address: Suite 1206
City: New York
StateProv: NY
PostalCode: 10012
Country: US
RegDate: 2012-05-14
Updated: 2012-10-05
Ref: http://whois.arin.net/rest/org/DO-13
NetRange: 104.131.0.0 – 104.131.255.255
CIDR: 104.131.0.0/16
OriginAS: AS393406, AS14061, AS62567, AS46652
NetName: DIGITALOCEAN-9
NetHandle: NET-104-131-0-0-1
Parent: NET-104-0-0-0-0
NetType: Direct Allocation
Comment: http://www.digitalocean.com
Comment: Simple Cloud Hosting
RegDate: 2014-06-02
Updated: 2014-06-02
Ref: http://whois.arin.net/rest/net/NET-104-131-0-0-1
OrgName: Digital Ocean, Inc.
OrgId: DO-13
Address: 270 Lafayette St
Address: Suite 1105
City: New York
StateProv: NY
PostalCode: 10012
Country: US
RegDate: 2012-05-14
Updated: 2013-12-12
Ref: http://whois.arin.net/rest/org/DO-13
OrgTechHandle: URETS-ARIN
OrgTechName: Uretsky, Ben
OrgTechPhone: +1-646-397-8051
OrgTechEmail: abuse@digitalocean.com
OrgTechRef: http://whois.arin.net/rest/poc/URETS-ARIN
OrgAbuseHandle: URETS-ARIN
OrgAbuseName: Uretsky, Ben
OrgAbusePhone: +1-646-397-8051
OrgAbuseEmail: abuse@digitalocean.com
OrgAbuseRef: http://whois.arin.net/rest/poc/URETS-ARIN
inetnum: 128.199.0.0 – 128.199.255.255
netname: DOPI1
descr: DigitalOcean Cloud
country: SG
admin-c: BU332-RIPE
tech-c: BU332-RIPE
status: LEGACY
remarks: For information on “status:” attribute read https://www.ripe.net/data-tools/db/faq/faq-status-values-legacy-resources
mnt-by: digitalocean
mnt-domains: digitalocean
mnt-routes: digitalocean
source: RIPE # Filtered
org: ORG-DOI2-RIPE
organisation: ORG-DOI2-RIPE
org-name: Digital Ocean, Inc.
org-type: LIR
address: Digital Ocean, Inc.
address: Ben Uretsky
address: 270 Lafayette St, #1105
address: New York
address: 10012
address: UNITED STATES
phone: +16463978051
fax-no: +18669768752
mnt-ref: digitalocean
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-mailbox: abuse@digitalocean.com
abuse-c: AD10778-RIPE
source: RIPE # Filtered
person: Ben Uretsky
address: 270 Lafayette St
address: New York, NY 10012
phone: +16463978051
nic-hdl: BU332-RIPE
mnt-by: digitalocean
source: RIPE # Filtered
MORE
Information related to ‘146.185.184.0 – 146.185.191.255’
% Abuse contact for ‘146.185.184.0 – 146.185.191.255’ is ‘abuse@digitalocean.com’
inetnum: 146.185.184.0 – 146.185.191.255
netname: DIGITALOCEAN-AMS-3
descr: Digital Ocean, Inc.
country: NL
admin-c: BU332-RIPE
tech-c: BU332-RIPE
status: ASSIGNED PA
mnt-by: digitalocean
mnt-lower: digitalocean
mnt-routes: digitalocean
source: RIPE # Filtered
person: Ben Uretsky
address: 270 Lafayette St
address: New York, NY 10012
phone: +16463978051
nic-hdl: BU332-RIPE
mnt-by: digitalocean
source: RIPE # Filtered
Blocked October 14 2013
NetRange: 107.170.0.0 – 107.170.255.255
CIDR: 107.170.0.0/16
OriginAS: AS14061, AS62567, AS46652
NetName: DIGITALOCEAN-8
NetHandle: NET-107-170-0-0-1
Parent: NET-107-0-0-0-0
NetType: Direct Allocation
Comment: http://www.digitalocean.com
Comment: Simple Cloud Hosting
RegDate: 2013-12-30
Updated: 2013-12-30
Ref: http://whois.arin.net/rest/net/NET-107-170-0-0-1
Russian relay
NetRange: 162.243.0.0 – 162.243.255.255
CIDR: 162.243.0.0/16
OriginAS: AS14061, AS62567, AS46652
NetName: DIGITALOCEAN-7
NetHandle: NET-162-243-0-0-1
Parent: NET-162-0-0-0-0
NetType: Direct Allocation
Comment: http://www.digitalocean.com
Comment: Simple Cloud Hosting
RegDate: 2013-09-06
Updated: 2013-09-06
Ref: http://whois.arin.net/rest/net/NET-162-243-0-0-1
inetnum: 188.226.192.0 – 188.226.255.255
netname: DIGITALOCEAN-AMS-4
descr: Digital Ocean, Inc.
country: NL
admin-c: BU332-RIPE
tech-c: BU332-RIPE
status: ASSIGNED PA
mnt-by: digitalocean
mnt-lower: digitalocean
mnt-routes: digitalocean
source: RIPE # Filtered
person: Ben Uretsky
address: 270 Lafayette St
address: New York, NY 10012
phone: +16463978051
nic-hdl: BU332-RIPE
mnt-by: digitalocean
source: RIPE # Filtered
OrgName: Digital Ocean, Inc.
OrgId: DO-13
Address: 270 Lafayette St
Address: Suite 1206
City: New York
StateProv: NY
PostalCode: 10012
Country: US
RegDate: 2012-05-14
Updated: 2012-10-05
Ref: http://whois.arin.net/rest/org/DO-13
NetRange: 104.131.0.0 – 104.131.255.255
CIDR: 104.131.0.0/16
OriginAS: AS393406, AS14061, AS62567, AS46652
NetName: DIGITALOCEAN-9
NetHandle: NET-104-131-0-0-1
Parent: NET-104-0-0-0-0
NetType: Direct Allocation
Comment: http://www.digitalocean.com
Comment: Simple Cloud Hosting
RegDate: 2014-06-02
Updated: 2014-06-02
Ref: http://whois.arin.net/rest/net/NET-104-131-0-0-1
OrgName: Digital Ocean, Inc.
OrgId: DO-13
Address: 270 Lafayette St
Address: Suite 1105
City: New York
StateProv: NY
PostalCode: 10012
Country: US
RegDate: 2012-05-14
Updated: 2013-12-12
Ref: http://whois.arin.net/rest/org/DO-13
OrgTechHandle: URETS-ARIN
OrgTechName: Uretsky, Ben
OrgTechPhone: +1-646-397-8051
OrgTechEmail: abuse@digitalocean.com
OrgTechRef: http://whois.arin.net/rest/poc/URETS-ARIN
OrgAbuseHandle: URETS-ARIN
OrgAbuseName: Uretsky, Ben
OrgAbusePhone: +1-646-397-8051
OrgAbuseEmail: abuse@digitalocean.com
OrgAbuseRef: http://whois.arin.net/rest/poc/URETS-ARIN
inetnum: 128.199.0.0 – 128.199.255.255
netname: DOPI1
descr: DigitalOcean Cloud
country: SG
admin-c: BU332-RIPE
tech-c: BU332-RIPE
status: LEGACY
remarks: For information on “status:” attribute read https://www.ripe.net/data-tools/db/faq/faq-status-values-legacy-resources
mnt-by: digitalocean
mnt-domains: digitalocean
mnt-routes: digitalocean
source: RIPE # Filtered
org: ORG-DOI2-RIPE
organisation: ORG-DOI2-RIPE
org-name: Digital Ocean, Inc.
org-type: LIR
address: Digital Ocean, Inc.
address: Ben Uretsky
address: 270 Lafayette St, #1105
address: New York
address: 10012
address: UNITED STATES
phone: +16463978051
fax-no: +18669768752
mnt-ref: digitalocean
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-mailbox: abuse@digitalocean.com
abuse-c: AD10778-RIPE
source: RIPE # Filtered
person: Ben Uretsky
address: 270 Lafayette St
address: New York, NY 10012
phone: +16463978051
nic-hdl: BU332-RIPE
mnt-by: digitalocean
source: RIPE # Filtered
MORE
Information related to ‘146.185.184.0 – 146.185.191.255’
% Abuse contact for ‘146.185.184.0 – 146.185.191.255’ is ‘abuse@digitalocean.com’
inetnum: 146.185.184.0 – 146.185.191.255
netname: DIGITALOCEAN-AMS-3
descr: Digital Ocean, Inc.
country: NL
admin-c: BU332-RIPE
tech-c: BU332-RIPE
status: ASSIGNED PA
mnt-by: digitalocean
mnt-lower: digitalocean
mnt-routes: digitalocean
source: RIPE # Filtered
person: Ben Uretsky
address: 270 Lafayette St
address: New York, NY 10012
phone: +16463978051
nic-hdl: BU332-RIPE
mnt-by: digitalocean
source: RIPE # Filtered
I can confirm DO (Digital Ocean) has been negligent in stopping exploited/known spam hosts for some time. I admin some domain names which are 15+ years old and routinely see DO spam traffic. Here is my CIDR list. This may be helpful for Sendmail/Postfix MTA administrators who wish to block them quickly.:
## CIDR block list
162.243.0.0/16 REJECT # CIDR Digital Ocean
104.131.0.0/16 REJECT # CIDR Digital Ocean
128.199.0.0/16 REJECT # CIDR Digital Ocean
146.185.184.0/21 REJECT # CIDR Digital Ocean
188.226.192.0/18 REJECT # CIDR Digital Ocean
188.166.0.0/18 REJECT # CIDR Digital Ocean
95.85.48.0/21 REJECT # CIDR Digital Ocean
107.170.0.0/16 REJECT # CIDR Digital Ocean
5.101.96.0/21 REJECT # CIDR Digital Ocean
178.62.0.0/17 REJECT # CIDR Digital Ocean
107.170.0.0/16 REJECT # CIDR Digital Ocean
Thanks for your post. Hopefully by shaming them, it motivates them to control their network.
One would hope but even contacting Ben Uretsky directly – or so it appeared – via LinkedIn and communicating with someone supposedly who was in charge of their network had zero impact. In fact he said they really cared and spent a LOT of time making sure they were not listed in spamhaus ROSKO. I wondered after the tenth bad block why DO was not listed – and they still are not! and yet the spam continues.
SO yes – shame on them!
: )