[skip nav] www.ackadia.com
ant worker
  • Recent Blog entries:

    Fixing a site
    Helping someone turn their holiday review site around and improve their Adsense revenue

    More code fixes
    Improving the search engine optimisation for a travel site
  • Alexa
  • Free IQ
    the Marketplace For Ideas!
    Currently in beta, this site has to potential to be the next 'big thing' since YouTube!

» Stop Spam - News and views from 2004 «

Introduction, news and views : 2004

[ 2002 ]     [ 2003 ]     [ 2004 ]     [ 2005 ]    

October


Tied up with revising the website so I've put a kill list to my email to free my time. Use the contact link on the menu if you want to reach me, because nothing unapproved is coming anywhere near Ackadia!

As soon as I have this place looking something like finished I will start putting in the news and gossip I'm hearing. Might me as late as November mind.

- Paul



Filtered Spam statistics for the year

[Δ]


The links in the list below show the daily fluctuations over the past nine months and are included for passing interest. If you can't access the images and want the individual figures, just ask and I'll sort it. The figures give the total and average Spam counts for each month.


I personally believe the systems compromised by the MyDoom virus in January and onwards are being used by Spammers, resulting in the exponential increase in Spam we are all now experiencing. By the time March came I'd had enough and tightened my own filtered to the point in September where, unless you are approved, you are wasting your time trying to email be because nothing not whitelisted will get through the blockade.

Nearly all the Spam I get now (August 2004) is for pirate software, and that's only because I don't target them...   It gives a measure of the amount of Spam for dodgy software though when, even after heavy filtering I get up to 200 of them a month!

Addenda October 2004:
I did have few other graphs but to be honest test showed the staggering fact that my filters are now blocking an estimated 15 Spam A MINUTE, which kind of renders any figures pretty much meaningless!



Recommended Reading

[Δ]

September 2004

[Δ]


I really do have too much typing and reading to do to be doing with Spammers for a while so I've reset the filters to whitelist mode. Anything I haven't specifically approved will disappear, never to return.


It isn't just me having a bad time of it. Everyone I know with email is buckling under the torrent of Spam. Here is what another website had to say on the matter:

[ From Tom Van Vleck ]
In August 2004, I got over 542,000 mail messages, 99% spam or virus, and the percentage is rising
A graph there puts it into perspective and indeed parallels my own thoughts.



August 2004

[Δ]


CanSpam - but not if it affects corporate profits...

Here's a thing...
I notice more Spam passing from the range 69.42.xxx.xxx than anything else.
Now, the main offender is:

Media Dream Land Inc.
5546 Camino Al Norte #2 - 278
North Las Vegas
NV
89031
US
(NetRange: 69.42.96.0 - 69.42.127.255 )

Clearly the FTC are aware of these cowboys - but do nothing, it appears.
It comes as absolutely no surprise to me that the register selling them all the domains is none other than [ Bulkregister.com ] who have clearly demonstrated to me that they are happy to support and continue supplying any Spammer that pays the bills on time.

And the person / company apparently bankrolling the last pile of junk attempting to fill my mailbox?

Dell!

Note to self. Never, ever buy from nor recommend Dell to anyone again. (Read to the bottom mind). Any company that needs to employ Spammers to shift stuff it clearly unconscionable.

Here's an extract:

(I've stripped out identifiers)


[ Skip following blockquote of html code ]
X-POP3-From: andressloan@batipel.justmaster.com
Return-path: <andressloan@batipel.justmaster.com>
Envelope-to: (me)
Delivery-date: Wed, 01 Sep 2004 00:08:45 +0100
Received: from port-114-101.verygoodoffer.com ([69.42.114.101])
by (my server) with smtp (Exim 3.36 #1)
id 1C2Hk5-0001JB-00
for (me); Wed, 01 Sep 2004 00:08:45 +0100
From: "Incentive Program" <andressloan@batipel.justmaster.com>
To: (me) Subject: -Get a Dell Laptop Computer Free!
Date: Tue, 31 Aug 2004 16:08:56 -0800
MIME-Version: 1.0
Content-type: text/html; charset="ISO-8859-1"
Content-transfer-encoding: 7bit
Message-Id: <...@batipel.justmaster.com>

<html>
</head>
<body>
<p align="center">
<a href="http: // thule.securegirl.com/dell2/ ... vuz&winner&_m01">
<img border="0" src="http: // thule.securegirl.com/dell2/lapad.gif" width="500" height="142"></a><br>
<br>
... <br>
<p align="center">
<img border="0" src="http: // thule.securegirl.com/dell2/dell2_disclaimer2.gif" width="636" height="159"><br>
<p align="center">
<a href="http: // thule.securegirl.com/dell2/rd.cgi? ... vuz&winner&_m01">
<img border="0" src="http: // thule.securegirl.com/dell2/5.gif" width="502" height="59"></a><br>
<img src="http: // thule.securegirl.com/dell2/logogen.img ... =vuz" border=0>
</body>
</html>

Interestingly, the 'disclaimer' is actually for a Gateway Inc. scam they ran. Sloppy, eh!

The hilarious thing is they has a logo claiming they fully comply to the CanSpam act of 2003.

Needless to say I phoned Dell to get them to give them a good kicking. Bounced from sales department to sales department because they didn't have a clue. Useless!
The complaint number in the UK incidentally is 0870 906 0010.




Mid August

[Δ]


OK, that's BAD!

To make a point to my wife, I took the filters off the server on Sunday morning for an hour (22nd, 10.15am to 11.15am). As Spam goes, I find this the quietest time of the week. I was not prepared to the results!

I've noticed this before, but been wary of putting it to the test. At present, 1 spam every 5 seconds bounces off us....

Every few seconds, another Spam... every minute ... of every day ...

Here's the figures for that hour:

10.14  :   Box cleared, filters closed
10.15  :   Start
10.21  :   First virus - w32.Netsky.D@mm
10.22  :   Coming down to fast to process with backend filters


Several hours after I walled the filters back I was still trying to clear the mess!

In that one hour, on a quiet Sunday morning, we recieved:


360   Offers of pirate software (48%)
201   Offers of (placebo) 'enhancing' drugs (27%)
132   Offers of wholly inappropriate material (18%)
  42   Offers of financial help (6%)
  11   Offers of fake degrees and, mostly, fake Rolex watches (1%)


Showing the mindeset and dim mentality of these thoughtless idiots. I am far too busy with the site revision to track, so he are the biggest offenders:

With subject lines like 'take care of your problems' and 'remember your teen years' we have [ memorybig.com ] peddling placebo medicine. Actually, the vast majority of herbal miracles where from these.

For obvious reasons I won't comment on the subject lines of the adult emails, but at least 88 came from an address given as:

Ion Marketing Limited, D2, 23 Borrett Road, Mid-Level West, Hong Kong.

Vast numbers of pirate software came from, or appear to have come from Hotmail. Over 100 in a row! See this screenshot as an example.

Within this lot 10 failed to bother with subject lines and 83 messed malformed, messed up with errors like this :
%make_txt[3-6]


Scaled up, and I have little reason to doubt this, I average perhaps 24,000 spam a day, or approaching ten million a year!!! And you wonder why my filters are so thorough, eh!



Early August

[Δ]


I saw a blip in the middle of July which I stomped on, but it rocketed in August, including a number is a language I didn't even recognise. If I'm seeing a sharp jump, I pity the rest of you, that's all I can say!

I can't speak for this month, but recent reports seem to confirm the problem is getting steadily worse. Brightmail puts the figure at 65% of all mail for June 2004. Enrique Salem, senior vice president at Brightmail is quoted as saying In many ways it's almost a denial of service attack on the email infrastructure..

I really, really wish 65% of my mail was spam. Without the filters I now get about 3 - a minute!!!
Yep three exclamations. 2-3 a minute - 180 Spam an hour - potentially 4,000 Spam a day, every day, and it never gets better. I keep thinking about taking the filters down a day to see what happpens, but it's also my first line of defence again viral attachments, so it's staying put!


Well, there's my answer, not this it surprises me...
VNU report July 2004 brings epidemic of new viruses
Last month saw a massive rise in new viruses - Sophos put the figure at 1,157, the highest figure for three years. The Hungarian Zafi worm is said to be a nasty one, though the recently released MyDoom.o has rocketed to the top 10. That's the one that beggered up Google last month.

The virus and spam landscapes have changed dramatically. Virus writers and spammers are combining their skill sets to produce a more sophisticated breed of email security threat, one in which the lines between viruses and spam have become increasingly blurred. This fusion of email attack methods is already widespread, MessageLabs warned.

The article finishes off with this ominous note: According to MessageLabs almost every virus it has intercepted during 2004 has lent itself to potential spam distribution.



July 2004

[Δ]


MS wins $4m from spammer
The Register, amongst others, has reported on Microsofts latest win against Spammer.
Whilst it doesn't say how many Spammers have done a runner instead of paying, here's the latest poll for their crusade:

Since 2003, Microsoft has initiated 60 US lawsuits against alleged spammers.
6 Half a dozen cases have been won (with one dismissal).
Microsoft settled with four defendants and pushed two others into bankruptcy.
In all, Microsoft has received $54m in judgments from the US courts.
Another Register article says has filed eight lawsuits in the US against nearly 200 accused spammers.
Many are anonymous, but are good for up to $1m per spammer in civil fines when found.
Microsoft are now involved in more than 80 such cases around the world.




Are YOU earning a virus writer $50 an hour ?
A PC Pro news story entitled Spammers hire infected PCs by the hour tells how (largely American) Spammers are paying (mostly Eastern European) $50 to $100 for a two hour session with compromised computers. They can be also used for extortion by the likes of the Mafia too, via Denial of Service attacks…
'Pay us $10,000 or we'll take your site down'

According to MessageLabs' Chief Technology Officer Mark Sunner,   ... 70 per cent of intercepted spam comes from botnets, up from about 30 per cent a year ago.   The article goes on that there's a nine hour window to infect systems between a new virus being released and a patch being written.

Now here's a thing, I get a lot of email - typically 60-80 messages and newsletters a day - yet I don't think I've even seen a virus since January, much less got infected. More to the point, if you ask me again in a few years time I'll probably say exactly the same.

It's all about educating the user - you lot - not to let the things in.

Firstly, stop penny pinching and buy a genuine anti-virus suite. I recommend Norton myself. And yes, I do mean buy, not download off Peer-to-Peer or copy off a mate!

Secondly, No, you can't mess about like I do, nor should you be expected to, but do can do this - set you email package to delete messages with attachments. IF it's expected and wanted you can always recover it, but I can guarantee 100% that nothing ever good gets attached to Spam.

Finally, if you are wandering about KaZaa etc, give yourself a breathing space. Leave the downloads a day or so, then update your AV package with the latest signatures and scan them. If they are clean, then you can move them.



ITU wants spam dead within two years
In this VNU article is a report of a recent International Telecommunication Union (ITU) spam conference. Summing it up, spam has passed 85% of all email (and will soon pass 100% IMO), costs business an estimated $25bn a year and, pretty much, folk are sitting up and taking notice.
Be still my beating heart!
Anyway, they have hauled regulators from 60 countries and a number of international organisations to discuss the problem.

Sounds like closing the barn door long after the horses have bolted, but all to the good. Too many double standards for my liking mind. Governments (ie Italy and various US senators) publically deploring Spam - then using the same dirty tricks to poll for votes and - in the case of President Bush - campaign funds. (And yes, I am serious).



June 2004

[Δ]


Update
As can be seen by my graphs I get relatively little Spam any more, which I'm rather pleased about. My friends, relatives, neighbours and acquaintances however currently report they are getting hammered. 100-200 a day in regularly voiced!

Here's a scary thought for you (written last year) from the Dummies Guide to Spam:
... In repeated experiments, the longest time spend in an AOL chat room (with a brand new email address) before recieving Spam is a just 30 minutes. The shortly, unsurprisingly, is under a minute.



Virus? Not from me, guv!
I've not had any complaints myself, but I did have a bounce report from HostRocket.com
The virus was reported to be: Worm.SomeFool.Gen-1
It actually appears to have come from:
host217-42-157-34.range217-42.btcentralplus.com (HELO intopa.com)


Ditto: W32/Netsky.B@mm
It vaguely appears to have come from:
Received: from unknown (HELO legendofmir.net) (unknown)



May 2004

[Δ]


May 17th
Here's an interesting snippet, taken from Clickz.com

[ Postini ] assessed April 2004's spam volume at approximately 78 percent of all processed e-mails, an increase from 77 percent in March 2004, and has already classified 80 percent of May's processed messages as spam.

The article also says:

In Petry's evaluation of May 2003 versus May 2004 messages, he found, …spam as a percentage of mail has increased 8 percent … legitimate mail per user has increased 19 percent … spam per user has increased 76 percent.



May 8th
Wonderful. Another spoofer...
If you get, or recieved a message with the subject line: "Warning: antivirus system report" kill it!
According to a bounce report I have, it's carrying a payload...

The virus found was: Exploit.IFrame.FileDownload




Found a few great sites...

Anti-Phishing Working Group
"What is Phishing?

Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them."

Aunty Spam's Slam a Spammer Blog - RECOMMENDED!




April 2004

[Δ]


25th April

Spam is down to one or two a day, my job is done here !!!
Actually it will never be done but my kill rate is so high that I have time to move onto better things.

Corporates and educational establishment wanting a copy can ask me for details - I will check, mind, hmmm.

Suffice to say, within caveats, this is one of the most powerful Spam filters in existance !



13th April 2004

They are time when I think these idiots do it to wind me up!
I wouldn't mind but it was an a new website I'd recently set up.
The more silly things they do - like the forged details used in this nasty Spam - the more likely I will find there home address...


You have written a very good text, excellent, good work!

++++ Attachment: No Virus found
++++ Norman AntiVirus - www.norman.com


Needless to say they then attached a file with W32.Netsky.P@mm.



The Deadly Duo: Spam and Viruses, March 2004
Here's a few figures from the above article:

Spam went up again during March 2004, pushing the spam ratio to 63 percent.

Brightmail's Probe Network identified 58.6 billion messages as spam, of which 80 percent were in English.

Commtouch Inc. identified 60 percent of all spam originating in the United States during March.
(China was a very distant second place at 6 percent.)

Yankee Group puts the lost productivity costs for corporates at $4 billion a year.

mi2g estimates that malware variants (NetSky, Bagle and MyDoom) caused economic damage of $128 billion worldwide in Q1 of this year.

Classifying Spammers as Type 1 ("aggressive marketers") and Type 2 ("hardcore, rogue"), Oren Drori of Commtouch Inc., reckon the latter ones - using compromised systems, account for 80 percent of all Spam.



March 2004

[Δ]

31st March 2004


Spim is the new spam
Apparently spammers are turning to Instant Messaging to peddle porn and get-rich-quick scams. Personally if doesn't bother me greatly as I don't use the things. I am grumpy enough as it is without the constant distraction of folk pinging me to chat about nothing or offer me junk. Anyway, for those of you using AIM etc, here's an overview of the above VNU article:

IM spam (spim) is exprected to account for 5% of instant message by year-end.
The figure put it at trebling from 400 million messages in 2003 to 1.2 billion by the end of 2004

Breakdown wise:
Adult junk makes up 70% of spim, get-rich-quick schemes at 12%, product sales 9% and financial at 5%.

Almost all messages are short one-liners with a link attached. Radicati, who conducted the survey, advise that users are made aware of spim and that they do not click on strange links or those from unknown parties during an instant messaging session.


29th March 2004

[Δ]


Online Big Four to Test CAN-Spam

I've seem a number of articles to the same effect, but this Computer Business Review Online one by Kevin Murphy is the first I've seem to names names. None as yet have been through the courts systems. In any event, here's a summary from the above link...

Microsoft, AOL, Yahoo and EarthLink have sued dozens of people they suspect of being spammers, using the new federal CAN-Spam Act. In a joint press conference yesterday (10th March 2004), the companies all characterized the defendants as the biggest and most prolific spam operations. Apparently the ISPs are taking on one or two cases each. Half of the lawsuits name John Does, the other half name individuals and companies the ISPs have managed to track down. Never heard of him myself, but one of those AOL's gone after is Davis Wolfgang Hawke,(born Andrew Britt Greenbaum). A racist too, it seems.

Yahoo appears to be gunning for "The Head Operation" It claims these beggers are sending nearly 100 million spam messages a month, and that's just on the Yahoo network."
And you wonder why I wholly block Yahoo!?

Here's the juicy bit, and something I've been rallying for for ages...

"The companies said they will sue not only the spammers sending the email, but the people paying them to do it." ... "This, potentially, means some well-known brands could emerge as defendants in future."

EarthLink added they are also taking action against "the people that are benefiting from it and the people asking them to do it."
I REALLY hope this includes the Registrars KNOWINGLY selling domains to Spammers!

"Anti-spam vendor Brightmail Inc says that 62% of the world's 455 billion monthly emails is spam. So there are 280 billion spams sent every month"



Internet Retailer reports... that due to the scourge of Spam "a significant number are shopping less online or not at all because they are afraid of receiving more spam, according to a survey just out from the Trans Atlantic Consumer Dialogue."

Apparently, the group surveyed 21,102 people from 36 countries and found:



When I get a minute, probably the middle of next month, I've reorgainse this section and add a category for statistics.

Currently the average is said to be 65% of all Spam. I know I was getting several hundred a day, but I've managed to filter it to under a score a day, and still get most of the mail through. My filters rock! Big grin!
Note I intentionally block Yahoo, Hotmail, AOL and MSN. If you use these, try something else, I'll never see it!


22nd March 2004

[Δ]


I do have a load of interesting links to go in largely relating to Spammers getting a rightly deserved kicking in the courts.
Meanwhile...

Spoofed yet again. What is it with the people !?

Just to be bloody minded, I rang them up to discuss their illegal practices.
The girl I spoke to was surprisingly polite, but adamant it was nothing to do with them. Nope, not us sir, n'uh. It was an "affiliate"...
Gods but I hate them term!
Anyway, I was laughably being told it was nothing to do with them and that "affiliates" sent it. Yep, affiliates used their time and resources, incidentally breaking the law and, at the very least, getting kicked off by there ISP - out of the goodness of their heart. How very altruistic of them.
So, while they denied all responsibility them finally admitted they used numberous mailing lists (AHAH!) and the "affiliates" don't getting paid for sending Spam, nope, they only earn commission if someone ventures there via a weblink and, presumably, joins.
Which means, if they click on the link in the Spam, hmmm!
In the end they agreed to take action against the particular "affiliate" and I shall leave it at that for the moment.


Attn:

(True sender / from: myoffer2u.com ) brian@cupidcams.com

Butterfly Holdings, 265 Port Union #15525, Scarborough, Ontario M1C 4Z7 CA (Body as riverbelle.com)
John & Kernick (In Trust), ZA
dns-admin@bowman.co.za

(From website) Freephone Support: UK: 0-800-783-4381
Europe: +44-800-783-4381
E-Mail Support: captain@riverbelle.co.uk

(Remove as instantaccess4u.com)
Butterfly Holdings, 265 Port Union #15525, Scarborough,
Ontario M1C 4Z7 CA
brian@cupidcams.com


Dear Sirs,

Amazingly, I have zero tolerance for liers and thieves, which is pretty much want you are doing stealing my details to display as the sender…
In case you and your associate companies missed the whole CAN-Spam Act thing - FALSELY claiming I am the sender violates the act.
As a Canadian, I am thoroughly disgusted at you - and point out you have violated our own acts.
As I'm currently living it the UK, well, you get the picture…

I will, of course be chasing this up via the authorities in the morning.

Before sending me Spam/UBE/UCE again, I suggest you consider just one of my anti-spam pages...
www.ackadia.com/computers/it-spam.php

Should this not give you second thoughts, here's my 'Agreement by action'

I don't want your junk mail, now or ever. Should you continue to send mail to us, that constitutes acceptance of the terms herein:

  1. For each message you send to us that we have to trace and/or report and/or delete you agree to pay us the sum of $500 US.

  2. For any message that fails to fully comply in any way with, or which in any way violates the following laws - including but not limited to spoofing, obfuscation and false claims of subscription - you agree to pay us the sum of $1,000 US

    1. the US CAN-Spam Act of 2004
    2. the UK Privacy and Electronic Communications (EC Directive) Regulations 2003
    3. the Canadian Personal Information Protection and Electronic Documents Act (Revised 1st Jan 2004)

  3. In sending messages you agree to pay all valid claims by the next working day, via our Paypal account for immediate processing.

  4. You also agree to also accept liability for any and all recovery costs incurred, including, but not limited to court costs, lawyers and legal fees and debt recovery agents.

  5. In sending messages you also agree to pay interest at the current rate for all outstanding amounts, should recovery be necessary.

  6. This agreement encompasses any subsequent domains and/or businesses you may create and/or register and any 'partner(s)' or 'affilitiate(s)' you are shown to use or pass our detail on to.

- Paul

Illegal Spam follows as text:




20th March 2004

[Δ]


Three Spam from Zhang Jun - given from as me - and second a blind copy to me also!
Dozy begger. When I'm feeling up to it I really am going to rattle his nest.


Needless to say it was pharmaceutical - using domains [ base4ds.com ] and [ ss56d.com ].


8th March 2004

[Δ]


As a test, I have relaxed the first line filters for Yahoo, MSN, AOL and Hotmail to allow honest mail through.
If the resulting jump in Spam is managable I'll leave it so.
We will see.

* Two minutes later*

Begger that for a game of soldiers. Don't bother emailing me via these, they are shot on sight!


Spoofed by ExImpact

[Δ]


Darn me but I've been spoofed again!

A day or so back I got this email - about twenty times - after I missed his phonecall

hi paul,

I got last 3-4 days from your company Spam E-MAILs. I call you from Los Angeles. if you send me more e-mail. I know your all information and I gave to all other comopanies you used their information and I will go a court in Los Angeles and I will talk with my lawyer may be I need to come to visit England and I need to open over there an other one too.

It is last sans for you, please quit this spam e-mails from my e-mail account, Otherwise we will meet in court face to face.

thanks again

VEDAT

I did ask him to send it me, because I hadn't seen it, then I got a broken Spam from the clowns below. Whether is was the same one or never I don't know, Vedat never got back to me. His website was a joke through - he was pretending to be a big corporate company and was working form his bedroom, it seems.
*Shrugs*


I won't copy in the Spam because it had my email address all over it, nor will I give the full list of people I informed, let's just say it was VERY comprehensive 

Here's the gist of what I sent to a few though:



Note to : Denis Betsi, NutraCore
Using Spammers to push your drugs is plain dumb...
Using Spammers that forge MY address is beyond stupid as I have zero tolerance for Spam on a good day.
I suggest you take a look at this page: [ Carnegie.php ]
You really have no idea how angry I am at the minute…


Note to Steve Minasi, EXI Technologies [Eximpact.com]
Florida - might have known!
4MSZ.COM is one of yours I believe, which is where the files are pulled from...
Bit daft faking the AltaVista search engine - and then using your own email address as the title, eh!
I truly hope AltaVista make an example of you in court.
I really suggest you look at my Anti-Spam page too, eh!
By the way, what is that (Korean Snuff) file that wants to get itself installed ?
Needless to say your Anti-Spam policy is a joke...
Funny. I mustn't have a sense of humour. I am not laughing about the fact you feel spoofing - Indentity Theft - is justified.

Note to:

Attn Jang Sang Gyu, KOREAINTERNETDATACENTERInc and other interested parties:

Besides the fact this Spam spoofed my domain...

The link to 8954173.pe.kg

… goes to a false AltaVista home page (though for the life of me, I don't know why*.)
… pulls up an advert for NutraCore in a window
… then seems rather anxious to install a 'snuff' file on your system.*

* I assume they have this daft idea that seeing the AltaVista will make folk trust 'snuff' popup and whatever nasty payload it's hiding.'

Let's name the villains:

[ NUTRACORE.COM ]
Registrant: Denis Betsi, 2150 Winston Park Drive, Suit 208, Oakville, Ontario L6H5V1, CA
email: customerservice@NutraCore.com
Administrative, Technical Contact: John Smith, 123 Sesame St., Beverly Hills, CA 90210, US
email: denis.betsi@icanpledge.com

[ 4MSZ.COM ]
Registrant: EX IMPACT TECHNOLOGIES, 8280 College Parkway, Fort Myers, FL 33919, US
Administrative Contact: Minasi, Steve stevem@eximpact.com

Technical Contact: [http://iPowerWeb.com ] 2800 28th Street Suite 205, Santa Monica, California 90405, US
Manager, Domain hostmaster@ipowerweb.com
Registration Service Provider: iPowerWeb, hostmaster@ipowerweb.com
This company may be contacted for domain login/passwords,
DNS/Nameserver changes, and general domain support questions.

= [ EXIMPACT.COM ] = EXI Technologies Inc
Registrant: Eximpact.com, 8280 College Pkwy Ste 103, Ft. Myers, FL 33919 US
email: barts@eximpact.com

Actually, I think NutraCore were led to believe EXI where legitimately run bulk emailers offering a professional service. We shall see.


From the website:

IN THE PAST 30 DAYS WE DELIVERED:
Tens of millions of impressions
Millions of emails

Neglect to mention that the way they deliver then appears to break every single aspect of the CAN-Spam act and the European and Canadian Spam and privacy laws, and several other cyber-crime related laws!!!

I'll bet that's not in their (probable) glossary brochures, eh!


Their [ http://eximpact.com/policy.asp ] anti-spam policy is good for a laugh...

Before you read on - or EXI want to even think about getting legal while I rip their business to shreds and show their clients just how reputable they are - here's a few damning screen-grabs. The underlying code, besides meaningless to most of you, is embarrassingly poor!


Double click thumbnails for full size screengrab




At EXImpact we are concerned with the amount of unsolicited email internet users are receiving.
I read that as 'concerned we aren't sending them enough!'

Emails sent from EXImpact are never sent unsolicited. However, we frequently contract with other optin lists to email our offers. Per our contracts these emails must be sent to optin email lists.
I read that as 'we consider mail harvesting as opting in'

If you feel you have received an email from EXImpact or one of our partners that was sent unsolicited, please send the original email you have received to: membersatisfaction@eximpact.com
That would be the one you illegally spoofed with my name all over it, claiming me as the sending ?

I could go on and on and on, but they have broken every single line of their policy in the one e-mail, what's the point is flogging a dead horse?

Suffice to say I'm tempted to leave Carnegie alone and concentrate of this lot instead!



As it was, I couldn't be bothered. I just passed all the details to a contact at the FBI's cybercrime division, AltaVista's legal department and other interested parties.



February 2004

[Δ]


Worm mutants spoof Microsoft website with Internet Explorer (PCW 28th Jan 2004)
Three new variants of the Dumaru worm - versions J, K and L - are running rampant, it seems. Basically a mass mailing of a message faked as being from Microsoft offering updates to their virus protection. Basically, it has a Trojan URL spoof which, once activated, pops up an Internet Explorer window with a spoofed Microsoft website.

To make this site appear genuine the URL spoof uses a vulnerability in Explorer that allows the worm to display www.microsoft.com in the address bar, even though the user is actually at another site.

While the user is browsing this bogus site, the compromised PC is transformed into a Dumaru carrier from which the worm initiates its mailing process.

This outbreak has once again demonstrated that virus writers and spammers are joining forces," said Eugene Kaspersky, head of antivirus research at Kaspersky Labs, in a statement.

Tell me something I didn't know!

Apparently, according to the article, the original Dumaro worm was written in Russia, but subsequent versions which contain only minor modifications appear to come from Germany.



Early February

[Δ]


To come… (I think I shoved all this under the Carnegie pages)

* This last one is an eye-opener.
It tell's us just...

who's really on our side against Spam.
who couldn't care less, or has so much red tape are useless
who claim they are doing what then can - to shut us up - then ignore the problem
and who appears to be supporting Spammers 'cos they are making a bundle.

I know where I firmly place BulkRegister, Tucows and others, especially the former, but I'll give you their own words - and evidence that confirms or makes a sham of their lies - and let you make up your own minds.

Basically, I have replies from China, Korea, France, Italy, England, Isreal, heck even Russian providers wrote back. And you know which country is least likely to act? Might it perhaps be the one responsible for the bulk of the Spam?

Will I name and shame the heroes and villains of this play?
Too ruddy right!
Hmmm,I'll just leave this fake moustache and black cape on BulkRegisters chair.

If you are reading this BulkRegister and fancy getting all legal. Remember, I have all the evidence. You are damned by your own words and doubly damned by your actions and lack of actions.

If you are a customer of BulkRegister - and others like them that are apparently happy to support Spammers...
Just remember that every time you open your mail box.
Remember that when you HAVE to vet your childrens email in case the stuff is so bad even you find it sickening and disturbing.
Remember that when the cost of dealing with it costs your company tens, even hundreds of thousands of dollars a year to clear up
Remember that when your domain is spoofed and you can't get your legitimate email for the thousands and thousands of bounced messages and flames.
Remember that and, every time, think. Count to ten. It's OK. Regardless of the cost to us, it OK. BulkRegistar (or whoever) made a few more dollars with the sale of that domain used in the Spam.


Harsh words, perhaps. But tell me I'm wrong!
* Listens to the deathening silence of honest disagreement *
Didn't think so!

For the record, I get a lot of newsletters, a lot of UBE, a lot of UCE. I know the difference. And for every honest message I get, I get and have to block tenfold more Spam.
I follow simple, easy rules. Any deceit at all, it's Spam!
Words like 'affiliate', 'partner', Boca Raton, Florida and 'opt-in/out' are firmly in that line.
Unless it's a direct message to me, and only to me, anything I didn't doubly opt-in for is Spam and will be reported.

You should too. The more people raise arms and act, the sooner we kill this parasitic behaviour.

Although ICANN's limited technical mission does not include resolving individual customer-service complaints, ICANN does monitor such complaints to discern trends. If you would like to submit a complaint about a registrar for ICANN's records, 'please use the form here' or send an email (including the information below) to registrar-info@icann.org. As a courtesy, ICANN will forward your complaint to the registrar for review and further handling. (Please note that there is no guarantee that the registrar will reply.)


On a side note, it appears that Bulk Register settled out of court in 2001 for Spamming faxes. Nuff said, eh!


I reckom I need legal adice over the wording of this, by I'm going to device a messages to administrators and upline providers of domains which spew UBE. 'Agreement by action' is one of the legal standards I believe I can to use.
Should you continue to send mail to me, that constitutes acceptance of the terms herein.


Early February - Carnegie update

[Δ]


If you have been following my track of 'Carnegie Sun' and associates, or have come looking for information on them, I have moved it to here Carnegie Sun & associates.

Basically, at 60 sites in 30 days there are already using / burning up two domains a day, every day. As such, this was getting for to cumbersome for this section. As it is I've had to split it into four sections and will undoubtably have to tidy it up a lot more before I am done!



Ackadia's forum
- I've finally put in a decent Forum - Feel free to post any thoughts, queries or requests for help.
Still being tidied mind, on account this daft Spammer keeps distracting me!



February Feedback 3

[Δ]


I will tidy this and move it to a regular spot in the near future, maybe copy them to the Forums



From: Alan
Subject: FW: Someone special for you

Paul, a quick note. I have been trying to read your website in between
calls and there is SO MUCH information there! I was looking for the quick
and dirty Where exactly do I blow off steam info on these Carnegie Sun
b… whose privacy and anti-spam policies are a complete joke, and they
are sending blind date emails to me AND several coworkers on a daily basis.
*rips hair out*

I can not believe any of this c… is still legal. The US Senate 'voice
voted' to ban it? C'mon!

Ok, so what do I do with the email below? If you are busy, a URL to the
correct page on your site will do nicely. Thanks!

Alan


To which I replied:


Hi Alan.

You'll probably get my other message before this one, but I've reported it for you.

Plenty much, it's a warzone and, as you might have guessed, I'm taking the fight right back at them and I really don't care how many corrupt politicians and bent internet companies I have to break on the way.

As it stands, a number of the biggest registars have taken the stance that:
We only sell them, what they use them for is not our business.
To my way of thinking, thats the equivalent of selling arms to the Yakuza and Mafia on the grounds:
Hey we only hand them the Ouzi 9mils. We know what they use them for, but hey, we have a permit to sell and we ain't afraid to use it.

This is my stance, and I will do everything I can to make it happen as law.
Spamming is illegal, period. That's law in most countries.
The way I see it, any ISP - especially any registrar - knowingly hosting or selling domains for Spam must be make equally liable.

Basically, half the time you can't trace the Spammer, but the registrar, there isn't a whole lot of them. The problem is, they make a lot of money from Spammers. Apparently BlueRocket last year had over a 1,000 domains they used for Spamming. This Carnegie and his friends - just the ones I've had time to validate - they are up around 90+ domains in a month. Carried on, - just from the ones I am getting Spam from - thats 1,200 domains a year.

Now, taking BulkRegister as an example, the 'beingabletodate.com' was sold to him on the 11th Feb - a month after I first reported him. The fact I've previously reported some 40 odd domains for Spamming, spoofing and identify theft means nothing to them. The fact a million or more people will get Spam as a result means nothing. The fact most of that were sent out from machines infected with viruses means nothing to them. All that matters is they made another $10 selling him that domain*.

* BulkRegister: 50 registrations in any calendar month. $10 per domain per year

Yep. Untold millions suffer to protect their $500 a month profit from the ammo they sell these beggers. It probably costs you alone more that that every month in lost productivity to deal with it. Multiply that over a million businesses around the world. But that's OK. BulkRegistar just made another $10 on that last sale. We can all sleep happy at night!

I'm sure you can imagine just how angry that makes me feel...

I could go on, but I only end up ranting, more at any rate.

I want pariahs like these to be made legally responsible to the maximum of the law. As far as I'm considered, at $1,000 per incident, BulkRegister owe me over $200,000, because, no matter how their fancy lawyers cut it, if they didn't provide him with these domains, you, me and millions like us would not get this junk!

*Flex*

Comes off his high horse.

OK. Here's the stand off.

Ignoring the incompetance of the opt-out clause for the CAN-Spam act, the US government has definite laws on Spam, but neither the backbone, nor the manpower to fight it. It has the resources and electoral vote but, IMHO, too many politicians on the take…
The internet govering bodies - ICANN, IANA, InterNIC etc have no policy on Registrars and Spam, which I find both ridiculous and scandalous.
A number of the registrars, knowing this, consider it a licence to print money...
A large number of ISP's will only act if they aren't making on the deal...
A number of registars - and ISP's - say they are acting to shut you up - but do nothing.

Me, I going to rattle on every cage I can until those in power sit up and says "Hey, I'm losing votes here" or "You know, the man's right, this is starting to annoy me too!" Everytime I find another person or company like yours, that's another voice to add to the cry. When I can get a million people to forward their daily Spam to the ISP, Registrar, FTC and the President of the US saying "Get off your seat and do your god damn job" I'll have won, I reckon.

Actually, about 10,000 or so might do it. If 10,000 send just one Spam a day, every day, maybe, just maybe they will get the message. There's 726 million people on the Internet - why are we taking this .... ?

*Growls*

What to do? Sent it anyway. It drives them nuts and they can't complaint. We are only complaining, as is our right. If every day Comcast, Verizon, and and and ... get 10,000 complaints. That's an awful lot of annoyed corporates to lean on the governing bodies. Me? I get 20,000 visitors a month. I want every darn one of them to report at least one Spam, every day…

Let's turn it another way, ( company comments deleted for privacy ), yes?
How many employees have you got 3,800?
Ever wondered how many have Internet at home?
How many are sick to the back teeth of Spam?
How many who would report Spam if they knew how, if it was easy?
And if they showed all their friends how...
Food for thought, eh!


Which is what I'm about. I'm far happier curled up with a good book, but I am so angry...

Anyhow, here's what I did...
(Get text of Spam)
Run Whois on domains to confirm registrar and host
Submit it to SpamCop.net - as well as getting reported by them, it quickly yields the sending ISP - Comcast in this case.
You can use SpamCop on it's own, but I take the added check of emailing them as well, making sure the FTC gets a copy.
Added to this, depending on my mode, I also send spam CNN, the FBI, to newspapers, to anyone I think will take notice and act.

Little thought for you. It's more than a bit possible that the people behind this are responsible for the MyDoom virus, which, I believe is by Spammers to create new relays - which is why there's so many damned "Blind Date" websites, all identical.

Last point, you must have some clever IT staff, yes ? Get them to open a SpamCop account and write a custom procmailrc file.
Pretty much, for a couple of lines of code you can filter every email you get from Carnegie...
… forward a copy to SpamCop (automatically generally complaints to ISPs)
… forward a second copy to the FTC - the more complaints, the more likely they will act
then delete it!

Your technies will be fine with this snippet.

# Comment - Report or Eat Carnegie

:0 B:
* ^.*Carnegie
! uce@ftc.gov


# or use this...
# ! submit.thisisouruserpassword@spam.spamcop.net
# Obviously you will have a unique SpamCop id...


# or just delete the thing and have done...
# /dev/null


You can, of course, get clever and do all three Smiley Smile!
*mutter*
My code fell over it's own feet but I'll post when I've got the bug out.




Yes, I can filter them out, but it's personal, they faked my domain name, and BulkRegister are OK with that. Me? I take it personal!

According to my emails, the China Telecom are working on this, but on the US side, forget it. Only thing to do it rattle doors until someone listens. Makes you feel like a ruddy Jehova's Witness, but it's time folk made a stand, eh!

Anyhow, rants aside, I hope you have found this helpful. Anything else, feel free to as. I spend several hours a day, every day working on this and every little response like yours only makes me more convinced I'm doing the right thing.

Regards

Paul



February Feedback 2

[Δ]


Hi.

Sorry for the slight delay. Trying to raise an army Smiley Smile!

As for what to do, anything and everything you can.
Mostly I want to educate folk and send them after Spammers.
Easier said than done. You know how tricky these beggers are and very, very few people have the skills to do what we do.

Best solution I have is to get the information for the masses, show them how to get the body as text and send it off - and hope a 100,000 new recruits get it right.

I'd so hate to help train a million Spam Fighters and have them put my address in anything they send, eh Big grin!

I'm a few days behind with updates, that I'll rectify this later this afternoon. But, for this one guy - group - I've so far cross linked him/them to at least 35 domains (maybe 40 with this morning Spam).

Added to this, I've linked him/them to drugs from China, hard core porn, possible prostitution, (possibly to viruses) and, of course, the apparent mail harvesting scam for Blind dates. Altogether a nasty piece of work, I think.

I can't decide if it's one lunatic running himself ragged or, more likely some sort of organised crime.
I've also linked him to other 'respectable' interest companies about the world. Even one in the UK.
It seems they are using 'cells' in a similar way terrorists do. Some are hit and run, some are fronts...

As you know, Spammers never use their own addresses...
If appears they are setting up 'partners' and 'affilitiates' (love them words...) and dummy companies.
To be honest it wouldn't have occurred to me. Basically, I decided to change tactics. This is too big to fight as one man. Even Spamhaus and co, at best, are slowing the flow, but that dam will break within the next month or so!

I've seen - and reported - the latest trick they have found. SpamCop choked on it, so hopefully they can work a way round it.

Anyway, getting back to the point, the people most likely to be annoyed enough to actively fight Spam are those whose businesses have been spoofed. Anythings fair in love and war, so, especially for Carnegie, I started running a Whois on the people getting the backlash, figuring the more baying for his blood, the better...

Always a different domain, but a pattern has started to emerge..
. We have a Welsh IT company, hosted in Florida, linked to China, and registered in Melbourne.
I'm far too cynical to believe in coincidences. They aren't interested in finding this person, yet it appears domains they own are being used to send this stuff...

Passed that one on the the police too. Spamming is illegal in the UK.

Basically, start looking for links and patterns.

The more I look, the more I see that tiger in the grass...

Spam, completely different at face value...
Until you get one for mortgates from domains registered to Canadians and Australians along with the usual Blind Date stuff - and they are have the same error. Sometimes it's %random in the body, sometimes the headers spill into the body...
After a while it makes you look out the corner of your eye...
Sure enough, we find the unsubscribe for Blind Date is the senders for last weeks medical enhancements...
They are cycling the domains - and some registrars appear to be actively supporting them...

When I catch up with my sleep I'll greatly enhance the Anti-Spam section and push the forum. I've also started contacting magazines around the world to join in.

The biggest trouble I've found is finding the information - even registrars I'm dealing with are flumoxed at times.

Anyway, I'll going to upload all the resources needed - names, addresses, phone numbers. And I'll need adding them. If I see (another) hundred mortage Spam from Australia I want folk to be able to look, get their email, their phone number, the email and phone number for the local agencies, ditto for the person registrar and host...

I want - and will provide - all the information to allow millions of ordinary folk the means to eradicate Spam!

There's 726 million of us, 200 or so of them. For gods sake, we outnumber them 4 million to one, why are we loosing!?

Me? I've had enough. By the time I've finished, the next idiot that Spoofs my address will find 726 million people know where he lives...

Now to find someone to translate the anti-spam section into French, Spanish, Cantonese...

Forgive my ranting, there's a fine line between genuis and insanity and it's a ricketty fences I'm dancing on!

Let's get 'em, eh!

- Paul



February Feedback 1

[Δ]


Hi Charles
Read your article on SMH am I'm inclined to agree.

As Spam creeps up day by day, I get angrier and angrier. Moreso as I'm had the dirty beggers spoof my domain three times in the past year. There's just too many people - both Spammers and those 'fighting the tide' - getting rich to want it to stop. Look at the number of folks selling anti-spam software... Cynical, but you reckon they want that cashcow to end in a hurry ?

As you say, it's a war and we are getting creamed. Time we soured the cream, eh!

You know what the true problem is - and thus the true solution - there's not enough folk fighting on our side.
We need new recruits!

The bugbear is a lot of ISP's and especially registrars won't do anything without sufficient complaints*.

*Apparently, 100 complaints just from me wasn't enough you phase one large dealer. Needless to say I just reported their sorry hide to ICANN and InterNIC, pausing only to mention it to the FBI on a related note Smiley Smile!

The real bugger is that it isn't that easy to work it out.

As you are aware, you have to know how to get the underlying body, then understand what you are looking at, what the headers means, how to strip the gibberish to get the real address, then you have to guess whats spoofed, what's real and what's made up.
*Pauses for breath*
And then we have to work out which Whois to use, who's the registar, who's the registant, how transient the domain is and if the address given for the owner is even true - when it's not encoded to hide it.
Then you simply have to word your complaint politely but firmly to the authorities...

*Sobs*

It makes my eyes glace just describing it. Joe Public can't even set up their email without an install package to set the POP's...

Nevertheless, I intend to train an army to do just that. To make it easier, I'll get all the details, they just need to work out how to forward their own junk.

The way I figure it, there's maybe 50-100 different Spams and scams sent a day, we just see half a dozen examples of every one pushing the figure right up. If I can initially get 10,000 people to complain to just one Spam a day, the beggers won't know what hit them, because the ISP's and Registrars will have a choose. Kick them off their servers and books, or get buried under all the complaints.

Given the number of visitors I get a day, and the number of technically aware folk I'm calling to be generals, I reckon we can do it.

If you want to join the party feel free. Smiley Smile!

Paul



February - Spoofed by a Canadian Spammer

[Δ]


I will tidy this and move it to a regular spot in the near future, maybe copy them to the Forums

Sent to ReCol.ca - Reporting economic crime on-line


This person / group Spoofed by domain - and countless others - in UBE messages sent all over the world. So far, after the initial incident I have records of over 70 similar violations involving 29 separate domains.

The address given to the Registrar is actually in Nassau, but I believe this to be false, similarly so for the Laval address he gives. It seems he is operating in and around Toronto and New York (which I believe is his true address) may be associated with Interweb Hosting LLC of Toronto.

I have kept a log of his activities on my website which will help in any enquiries you make. As for as I can tell his prime interest is email harvesting, but he/they have also used these addresses/ domains to advertise illegal pharmecuticals and very dubious 'escort agency' type holidays.

Further to this, I have some evidence that appears to link him to the recent MyDoom/Novarg virus and other trojans. This information I have already passed in depth to the FBI (I do have records if needed).



February : Reporting BulkRegistrar.con over support for Spammer 'Carnegie Sun'

[Δ]


You can report problems to InterNIC, but, personally, I don't have a great deal of faith with them.

I, and countless others, are being constantly bombarded with Spam from at least 29 domains registered with BulkRegistar.com

So save choking this summary, the details are being logged on my website here elsewhere on the site.

Basically, despite claims to be taking action against the Spammer they have in fact continued to sell them domains, which, like the rest, have been wholly used for Spamming purposes.

Virtually all the domains remain live last I checked (a few days ago), as does the first one I reported on January 14th 2004 (loveblinddates.com) which was used to Spoof my domain and resulted in a last number of bounces clogging up my mailbox.

For instance, here's one reply from the registrar from Jan 21st:

Good Afternoon Paul,

We are currently researching this issue and your input has become a part of our investigation. We apologize profusely for the actions of this individual and will be taking all necessary actions as delegated in our investigation process. Your input and cooperation is very much appreciated.

Sincerely, Brooke Schroeder CSR

On January 22nd: at least a further eleven domains were sold to this client of theirs and, again, all where used for Spam, a large number of them spoofed.

While I never reported every single instance (I have records of around around 100 in 3 weeks) I have report every new domain used for these illegal purposes.

Since Jan 21st BulkRegistrar have failed to acknowlege any subsequent emails, despite a few of them including 'requests for read receipts'

Needless to say I has also reported the matter to the FBI, FTC, RCMP and other bodies.

Regardless of the truth of the matter, on face value it appear to me - and many others being spammed - that the registrar is somehow connected to and/or involved with the Spammers operation!

However you colour it, I personally do not believe any reputable company would allow a client that has:



*I have told them. Whether they choose to believe me or not is another matter.

Further to this, a cursory search on Google on this client (currently using the name Carnegie Sun) and his 'Blind Date' spam shows this case person has been running this operation for a long time. I noticed complained going back to June 2003 even at a glance.

Patently, if it ridiculous that a registrar could not be aware that something was wrong with this client.

Compare this with registrar Joker.com...
Home page, click on 'Support', and submit complaint report.
(Actually the last one I reported to them is still live, but I understand the need for a certain number of complaints before they can take action).

Personally, I would like to know why it has continued for so long. Also, given what I percieve as undue the negligence of behalf of BulkRegistrar, when I (and others who have been compromised) finally get this to court, I will be looking for punitive damages from them, and the clearly disreputable client they appear to be protecting/supporting/ignoring.

Also, the client is proven to be using two clearly different address - one in the Bahamas, one in Quebec. He also appears linked to addresses in New York. Again, BulkRegistrar are aware of this, but the whois records remain unchanged. Naturally, plenty of people have more than one home, but Spammers aren't always truthful when it comes to giving real details, for obvious reasons.

Yours sincerely

Paul Ackerley

( copy to dmcgehee@bulkregister.com )



Early February - reporting Spammer Carnegie

[Δ]


Report (possible) incorrect WhoIs information to InterNIC
He uses the registered address in numerous domains but in scores of is (Spammed) emails he actually gives his address as this:

Carnegie Sun, LTD., 2135A des Laurentides Blvd, Suite 10057 Laval QC H7M 4M2,Ca

Further to this, it appears, he might actually live in New York...
Whois on further domain in Spam recieved from this person - or groups linked to him via the Spam give addresses such as:

unknown, 3380 Vets Hwy, Bohemia, New York,11756, United States
Veritact, 3380 Vets Hwy, Bohemia, New York, 11756, United States, US
Go Entertainment, Inc., 3380 Veterans Memorial Hwy., Bohemia, NY 11716, US
intimate travelclub, 1709 road 225#, NewYork, 357724, CHINA
zhang jun, P.O. BOX 38, 118000, China
Mas Roan, 173823, Alan, Au0921, PW
WebQuest.com Inc, PO Box 577583, Modesto, CA 95355, US
Vortal Group Inc., 10061 Talbert Ave, Fountain Valley, ca 92708, US


Note that is some cases it's not just a 'link' that ties completely different addresses but the wording, codes and even the errors generated are indentical.

I'm keeping a record of it here: ...

Regards

Paul


Start of February, 2004

[Δ]

This one amused me from Spammers Carnegie/Zhang:


This email was intended for this party. If it was sent to the wrong address then please remove yourself as someone may have added you to our optin mailing lists. Allow 72 hours for removal.
msn.com.corey.jd873h3kj.com/remv.html

The false unsubscribe aside, this says it all, and just emphasises the whole opt-in, opt-out question. The Americans - responsible for the vast majority - were conned into the opt-out for the CAN-Spam act. The point is, as has been mentioned repeatedly, they can get your email address from anyone, by any means, the onus and cost in on you to ask them to stop, which no sane person will do 'cos they send you even more. My point ? The beggers are flounting the law in our faces!


Dutch police arrest 52 in e-mail scam raids
According to the above report, Dutch police have arrested 52 people in the Amsterdam in connection with the '419' e-mail scam

That's the Dear John, I'll give you $10 million dollars if you'll help me launder some funds from ( ). Oh aye, can I have all your bank details and pin numbers to facilitate this...
I do report these myself as soon as I see them but, to be honest anyway dumb enough to let greed overtake common sense and bite this blatant lure deserves everything they get. Or, in the case of their now empty bank account, everything they lose, hmmm.

Anyway, just goes to show that the more folk report these criminals the more likely they are to get caught and prosecuted.Apparently, along with phoney documents the police found $62,340 in ready cash.



January 2004

[Δ]


Going after these beggers too : [ europeanregistry.biz ] - redirects to [registereu.com ]

Just a simple spoofed message claiming EU Domains Now Available, but the aren't, nor can you pre-register then at present!
I've reported this company on more than one occasion for Spoofed UCE and false/fraudulent claims of .eu registry.

Europeanregistry.biz
(Registrar: eNom, Inc, www.enom.com)
EU Registry, Suite 10, 287 Regent Street, Cambridge, Cambridgeshire, CB2 1FD, Great Britain (UK)
Email: hostmaster@premier-host.net
(email = own domain, registered with www.gandi.net, France)



Registereu.com
Site gives 'Contact Information' as:
.eu Registry Services, Unit 255, Parkers House
48 Regent Street, Cambridge CB2 1FD, United Kingdom

...
IP's: [ 218.65.120.171 ]   [ 219.147.198.142 ]   [ 218.65.86.24 ]
again registered with Gandi.net in France and, again, hosted in China



Obviously nothing to hide then, eh!

Have these guys tried to Spam you with this pre-registry scam too? If so, here's Trading Standards replied to me:

Hello,

Thank you for your recent e-mail enquiry shown below.

If you have received a letter or have information about this company you should call Det Con Faro on 01480 456111 or Crimestoppers on 0800 555111

Please call Cambridgeshire Direct Trading Standards on 0845 3030666 and we will be able to offer you a summary of your basic legal rights and provide you with further information and actions to take to resolve your problem over the telephone.

Cambridgeshire Direct Trading Standards is open 8.00 am - 8.00 pm, Monday to Saturday.

If you have any further queries, please do not hesitate to contact us.

Yours sincerely,

Customer Services,
Cambridgeshire Direct.



New years day

[Δ]


Well, new day, new start to the year and filters thrown back in.
For the time being I am allowing AOL through, partly because I know people with it, but mostly so I can report it Smiley Smile!

Beyond that, I currenly have around 250 domains and several IP ranges permanently blocked. If mail makes it past these, I also use and recommend SpamEater Pro to mob up the rest. So far this morning 45 Spam made it as far as SpamEater. None got anywhere near the desktop.   Basically, if you email me and I ignore you, try another ISP, yours may be blocked.

Blocked ISP's include Yahoo, MSN, Excite, Netscape, and anything with "value", "offer" or "mail" in the address - including Hotmail.

If you want the figures and graph's for last month, they are under December 2003. Yahoo alone accounted for over 550 spoofed Spam that month!