Jump to content

Turmoyl

Members
  • Content Count

    26
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Turmoyl

  • Rank
    Member
  1. I bet a large part of the slowdown (especially on the parsing side) is because the system is still trying to use relays.ordb.org, which was shut down in mid-December and went completely off-line around the new year.
  2. He's just throwing a tantrum due to Scott Richter getting crushed by M$ earlier this week. By tonight we (meaning the anti-spam movement, collectively) should have all of his new IP's blocked (this is kind of inevitable, especially with him posting on NANAE and thereby highlighting himself to everyone) and he's blocked on the "right-hand side" as well at RFCI: http://www.rfc-ignorant.org/tools/lookup.p...ain=spamis.info There might be a trickle of new IP's in use on every one of the 22 installments he plans to send but it shouldn't be too hard at all to keep up with.
  3. Turmoyl

    [Resolved] Those crafty spammers

    torrence-family.com, torrence-store.com, sitespecific.com and sitespecific.net are all now firmy entrenched into the RFCI blacklists: http://www.rfc-ignorant.org/tools/lookup.p...ence-family.com http://www.rfc-ignorant.org/tools/lookup.p...rence-store.com http://www.rfc-ignorant.org/tools/lookup.p...itespecific.com http://www.rfc-ignorant.org/tools/lookup.p...itespecific.net I'll have postmaster and abuse entries done for spamis.info over this coming weekend as well (I'm just waiting on the 5-day queue time for the delivery failures).
  4. Turmoyl

    [Resolved] Those crafty spammers

    I'm glad to se we're not alone in this. The pending WHOIS for sitespecific.com is mine.
  5. Turmoyl

    [Resolved] Those crafty spammers

    It looks like they didn't accept Rolf's input (they can be very picky) so I'd still like Ken to post the source of that message so that we can submit them again. EDIT: I have just submitted them to RFC-I's WHOIS list becasue the address on their WHOIS record is falsified. However, if we can get the source of that message then I can list them on the Postmaster BL as well.
  6. Turmoyl

    [Resolved] Those crafty spammers

    Ken, That is a violation of RFC 2821 and you can use that autoresponder as "evidence" to submit that domain for blacklisting at RFC-Ignorant: http://www.rfc-ignorant.org/tools/submit_f...able=postmaster If you do not want to do that then please post the source of that entire message here and I'll do it on your behalf.
  7. Turmoyl

    [Resolved] Those crafty spammers

    Ahh - they're spoofing a CNAME record as an A. That's how you got routed to it. I'll file some more stuff at rfc-ignorant.org now. Thanks for clearing that up. Edit: rofl - looks like they're already off-line again:
  8. Turmoyl

    [Resolved] Those crafty spammers

    What I mean by "hosed" is that they have not been operational at all both at the check I performed when I posted earlier and again right now. Their DNS records have nothing except a spoofed and unusable SOA entry. This means that clicking on any links to torrence-store.com will accomplish nothing but a client-side 404. You mentioned that you browsed this domain and were redirected to another site, but I just don't see how that's been possible, at least over the last several hours.
  9. Turmoyl

    [Resolved] Those crafty spammers

    It could be that they are setting up shop on a new domain name but as of this moment their entire DNS setup is hosed. There are no A records and while there are SOA records this time they point to a CNAME that doesn't exist nor goes anywhere because there isn't an A record for it to reference. In other words that URI is not resolvable/routable right now. I've submitted entries to rfc-ignorant.org that reflect the new domain name.
  10. Turmoyl

    [Resolved] Spamcop recommending faulty software

    You're running a MicroSoft-based operating system and a MicroSoft-based email client. Your entire setup is faulty software. One more little toolbar isn't going to make that much of an impact.
  11. 1) Format C:\ 2) Install the Linux distribution of your choice 3) Install Sendmail or Procmail 4) Install MailScanner 5) Install F-Prot antivirus 6) Tell MailScanner to use F-Prot as its antivirus component 7) Restart the mail service and MailScanner
  12. Turmoyl

    [Resolved] Those crafty spammers

    I'm not sure excactly what's going on but their DNS record is once again empty: ~$ dig any [at]NS1.NETSOL.COM udowzy.torrence-family.com ; <<>> DiG 9.2.4 <<>> any [at]NS1.NETSOL.COM udowzy.torrence-family.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53024 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0 ;; QUESTION SECTION: ;udowzy.torrence-family.com. IN ANY ;; AUTHORITY SECTION: . 3600000 IN NS G.ROOT-SERVERS.NET. . 3600000 IN NS H.ROOT-SERVERS.NET. . 3600000 IN NS I.ROOT-SERVERS.NET. . 3600000 IN NS J.ROOT-SERVERS.NET. . 3600000 IN NS K.ROOT-SERVERS.NET. . 3600000 IN NS L.ROOT-SERVERS.NET. . 3600000 IN NS M.ROOT-SERVERS.NET. . 3600000 IN NS A.ROOT-SERVERS.NET. . 3600000 IN NS B.ROOT-SERVERS.NET. . 3600000 IN NS C.ROOT-SERVERS.NET. . 3600000 IN NS D.ROOT-SERVERS.NET. . 3600000 IN NS E.ROOT-SERVERS.NET. . 3600000 IN NS F.ROOT-SERVERS.NET. ;; Query time: 47 msec ;; SERVER: 216.168.229.228#53(NS1.NETSOL.COM) ;; WHEN: Thu Jul 28 16:34:44 2005 ;; MSG SIZE rcvd: 255 ~$ dig any [at]NS1.NETSOL.COM torrence-family.com ; <<>> DiG 9.2.4 <<>> any [at]NS1.NETSOL.COM torrence-family.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20253 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0 ;; QUESTION SECTION: ;torrence-family.com. IN ANY ;; AUTHORITY SECTION: . 3600000 IN NS F.ROOT-SERVERS.NET. . 3600000 IN NS G.ROOT-SERVERS.NET. . 3600000 IN NS H.ROOT-SERVERS.NET. . 3600000 IN NS I.ROOT-SERVERS.NET. . 3600000 IN NS J.ROOT-SERVERS.NET. . 3600000 IN NS K.ROOT-SERVERS.NET. . 3600000 IN NS L.ROOT-SERVERS.NET. . 3600000 IN NS M.ROOT-SERVERS.NET. . 3600000 IN NS A.ROOT-SERVERS.NET. . 3600000 IN NS B.ROOT-SERVERS.NET. . 3600000 IN NS C.ROOT-SERVERS.NET. . 3600000 IN NS D.ROOT-SERVERS.NET. . 3600000 IN NS E.ROOT-SERVERS.NET. ;; Query time: 47 msec ;; SERVER: 216.168.229.228#53(NS1.NETSOL.COM) ;; WHEN: Thu Jul 28 16:36:47 2005 ;; MSG SIZE rcvd: 248
  13. Turmoyl

    [Resolved] Those crafty spammers

    Back on topic: It appears that, due to whatever pressures, torrence-family.com has shut down (at least temporarily): Domain servers in listed order: NS1.NETSOL.COM 216.168.229.228 So they are down to only a single nameserver, and at a different host. Also: ~$ dig any [at]216.168.229.228 torrence-family.com ; <<>> DiG 9.2.4 <<>> any [at]216.168.229.228 torrence-family.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7749 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0 ;; QUESTION SECTION: ;torrence-family.com. IN ANY ;; AUTHORITY SECTION: . 3600000 IN NS E.ROOT-SERVERS.NET. . 3600000 IN NS F.ROOT-SERVERS.NET. . 3600000 IN NS G.ROOT-SERVERS.NET. . 3600000 IN NS H.ROOT-SERVERS.NET. . 3600000 IN NS I.ROOT-SERVERS.NET. . 3600000 IN NS J.ROOT-SERVERS.NET. . 3600000 IN NS K.ROOT-SERVERS.NET. . 3600000 IN NS L.ROOT-SERVERS.NET. . 3600000 IN NS M.ROOT-SERVERS.NET. . 3600000 IN NS A.ROOT-SERVERS.NET. . 3600000 IN NS B.ROOT-SERVERS.NET. . 3600000 IN NS C.ROOT-SERVERS.NET. . 3600000 IN NS D.ROOT-SERVERS.NET. This is a completely empty DNS record. No SOA, no A, no MX, nada. In other words they are 100% offline as I write this.
  14. Turmoyl

    [Resolved] Those crafty spammers

    Scripting code like that will only work in Outlook/Outlook Express. That's reason # 1,000,001 to use Thunderbird.
  15. Turmoyl

    Russia’s Biggest Spammer Brutally Murdered

    1 down, many more to go.
×