Infrastructure » ovh

I finally got a response back from OVH and they say they just use the primary email address to send these notifications. That was changed in http://tracker.ceph.com/issues/18398.

We recently got a threat notification to the changed e-mail address so maybe there was just some lag in their system? Either way, I think this is taken care of.

From - Thu Apr 13 18:37:45 2017
X-Account-Key: account19
X-UIDL: 0001724d567b037b
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:                                                                                 
Return-Path: <lost-emails@support.ovh.ca>
Delivered-To: loic@dachary.org
Received: from spool.mail.gandi.net (mspool1-d.mgt.gandi.net [10.0.21.131])
    by nmboxes31.sd2.0x35.net (Postfix) with ESMTP id 650899DE
    for <loic@dachary.org>; Thu, 13 Apr 2017 18:34:39 +0200 (CEST)
Received: from smtp-3008.ovh.ca (smtp-3008.ovh.ca [8.33.137.105])
    by spool.mail.gandi.net (Postfix) with ESMTP id 3CB6C22604A
    for <ovh@dachary.org>; Thu, 13 Apr 2017 18:34:39 +0200 (CEST)
Received: from mozg-vac.ha.ovh.ca (mozg-vac.ha.ovh.ca [10.66.72.112])
    by smtp-3008.ovh.ca (Postfix) with ESMTP id 383641FC1D;
    Thu, 13 Apr 2017 12:30:27 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=ovh.com; s=smtpoutca1;
    t=1492101027; bh=p5phGFezCbf3ynabtKEhAKxVC14J16NbPznrq+aQbOM=;
    h=Subject:Mime-Version:Content-Type:To:Content-Transfer-Encoding:
     From:Message-Id:Date;
    b=pVu+QBY8gIkVHsGXYAODlQzRXOMlQprGff/KX4tkc3LbQFYkZJeoMlKbMK9HTTTle
     qGsaR6qWWQZcnpmL2swEP0FZ0AV/1ERAIiWht/BIShrJQGzSPVthTwgf8OLKsO5twX
     2qRg5NajMorpdf9LbTOd7a03UOfI1Vg4xhfSvVmQ=
Received: by mozg-vac.ha.ovh.ca (Postfix, from userid 19067)
    id 7DBAC5FBA2; Thu, 13 Apr 2017 12:34:38 -0400 (EDT)
Subject: Detection of an attack on IP address 158.69.80.38
X-Ovh-Template: ip/en/addIpOnAutoMitigation.model
X-Ovh-Nic: ws43296-ovh
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-15
To: ovh@dachary.org
Content-Transfer-Encoding: 8bit
From: support@ovh.com
Message-Id: <20170413163438.7DBAC5FBA2@mozg-vac.ha.ovh.ca>
Date: Thu, 13 Apr 2017 12:34:38 -0400 (EDT)
X-Rspamd-Server: nmfilter1.prod.sd2.0x35.net
X-Rspamd-Scan-Time: 0.02
X-Rspamd-Queue-ID: 3CB6C22604A
X-Spam-Level: 

OVH 2 rue Kellermann 59100 Roubaix
Technical support:  08.99.49.87.65 (¤1.349/call + ¤0.337/min)
Commercial support: 08.20.69.87.65 (¤0.118/min)
Fax: 03.20.20.09.58
support@ovh.com

Dear Customer,

We have just detected an attack on IP address 158.69.80.38.

In order to protect your infrastructure, we vacuumed up your traffic onto our mitigation infrastructure.

The entire attack will thus be filtered by our infrastructure, and only legitimate traffic will reach your servers.

At the end of the attack, your infrastructure will be immediately withdrawn from the mitigation.

For more information on the OVH mitigation infrastructure: https://www.ovh.com/fr/anti-ddos/

Regards, 

Your OVH Customer Support  
Mon - Friday: 9am - 6pm
(020) 7357 6616 Local call rate.

Are you still getting any of these? We get them to the e-mail alias I set up occasionally.