Jump to content

skydealer

Members
  • Content Count

    10
  • Joined

  • Last visited

Community Reputation

0 Neutral

About skydealer

  • Rank
    Member

Recent Profile Visitors

480 profile views
  1. skydealer

    ocn.ad.jp spam

    I also find that a major portion of my spams are coming from their servers and I don't think abuse@ goes anywhere but into their trash. The address that I received emails from when I contacted them directly regarding spams is 'abuse_support@ocn.ad.jp' of which the address is listed as the "OCN Internet Security Team".
  2. skydealer

    Hostwinds back to being spamming website friendly?

    Hostwinds refuses to take any actions against their clients who spam, just as long as they use another server to do their dirty work. I have had multiple problems with several domains residing on their IP addresses, with the spams either coming through website form mailers or a 3rd party hacked email account. Even though the spams list the Hostwind hosted websites their "abuse" team refuse to take any actions. Today's response was as follows: Hello, Unfortunately, the issue here is where the spam is coming from. We cannot investigate an issue with spam sent from another network. The originating IP is outside of our network and hosting a site here does not violate our terms of service in this regard. If the mail itself was coming from our network it likely wouldn't even leave the borders as we use strict outbound mail filtering via MailChannels on our entire network. Simply put, we cannot take a site down based on a mail sent from another network. Thank you, Guy H Senior Support Technician guyh@hostwinds.net Skype: hostwinds.guyh
  3. I recall Hostwinds getting in a bit of hot water a few years back when SpamHaus gave them a black eye for ignoring the spam complaints about their client. According to some reports they cleaned up their act. Unfortunately, it appears they are back to being spammer friendly.... with a catch. I've been in a bit of a battle with their Abuse department and apparently their policy is that they will continue to host websites indulging in illegal spamming, even if it includes hacking into other email accounts and servers, just as long as the emails don't come from a Hostwinds IP. I've been receiving SEO spams on one of my website's form mailers with the domain listed being hosted on Hostwinds at IP 23.254.179.179. After contacting Hostwinds abuse department for over a month now does nothing. The spams continue and Hostwinds still happily provide a haven for their website. Since the spams come through my site's form mailer I can't send this through SpamCop. I'm also receiving quick loan spams on my Gmail account. This turns out to be another site hosted on Hostwinds at IP 129.107.58.30. These spams are coming from what appears to be a hacked email account at the University of Texas. Hostwind's replies to my complaints? Is anyone else running into this roadblock with Hostwinds as far as them allowing spam websites to operate on their servers, just as long as they send their mass emailings from some other source? I've even sent multiple emails to Peter Holden, the kid who is the CEO of Hostwinds (peter@hostwinds.com) and so far I have not received back a single response. Has anyone else had any success at all with getting their abuse department to cooperate? Thanks
  4. Thanks - you folks are doing a great service!
  5. Wow - either this person has no idea what forum they signed up on or they have to be one of the dumbest criminals on the web. I just received an email with a fake romance spam entitled: jennybaby34 started a new personal conversation with you Message as follows: skydealer, jennybaby34 has sent you a new personal conversation entitled "hi". jennybaby34 said: ====================================================================== Hello i am miss Jenny i am looking for friendship please contact me now so you can know more about me with my pics jernnifermohamed[at]gmail.com ====================================================================== PLEASE DO NOT REPLY DIRECTLY TO THIS EMAIL! You can reply to this personal conversation by following the link below: (link removed) It just goes to show that spammers don't always think before they act.
  6. I just called the University of South Bend after finding the sender's name online at https://www.iusb.edu/uits/docs/SB.pdf They verified Mike Cooper is employed there and that his email address was the one listed as the sender in the spam. I forwarded the spam to them and they sent it to their IT department. It was a legit spam sent from a hacked account.
  7. I'm the only one that does the reporting to SpamCop and the FTC. On average, I typically report 1-10 spams a day. They are all my accounts and all reported spams come to my Outlook inbox or are in my Gmail spam folder. The spam they flagged me on was a phishing spam. Gmail flagged it as both spam and phishing. Here's the spam - I've been flooded with the 419 style spams over the past few months and this falls right in with them. The header shows it was sent from the email account of Michael R Cooper, of iusb.edu. Cooper is just a custodian there ( https://www.linkedin.com/pub/michael-r-cooper/65/466/494 ) so it's pretty safe to say he's not sending blind emails with a legitimate $7,970,000 business deal... especially since the emails are bulk, unsolicited, and show no reply address other than what was mentioned in the message body.
  8. I have a couple of websites that use a ton of email addresses. They all go to the same root account but I have email aliases that I set up for each of my friends as well as any business or other website. That way I know if a company "sold" my email address without my permission, or if a friend's pc has become infected and is being used to send out spams. For example: one of my accounts has spamcop[at]-----com which is used just to monitor emails from this website. Does this mean I have to register every email address from each of my websites? Lately I've been receiving a lot of phishing spams. Chances are most of these are being sent from botnets or hacked account/websites - as is the case of the majority of illegal spams. Apparently one of these raised a flag and my SpamCop account was immediately disabled. I've been using SpamCop for spam reporting for well over 10 years. I've also helped the FBI, the DoJ and even the US Attorney General's office in getting illegal spammers arrested and prosecuted. Now SpamCop has shut down my account. Should I not file spam complaints on forged emails with links that are being hosted on hacked websites? Someone has to let those websites know their servers were breached and are being used for illegal purposes. So, after reporting a phishing spam on my Gmail account I received a notice of suspension saying SpamCop needed to prevent me from reporting "innocent bystanders". Sorry - but when someone sends me an email with forged headers and claiming they have a 7.9 million dollar business deal for me (all I need to do is send them my personal information) I considered this spam. Gmail flagged it as spam and phishing - so I reported it. Now my services are suspended? Please let me know what I did wrong so I can modify my spam reporting. I had thought any illegal spam should be reported.
  9. The spams all have the typical forged headers and all advertise the domain link www.watch.ru/ I ran Neotrace on www.watch.ru/ and it shows the following: IP Address: 89.253.245.191 aka flyfirebird.ru Location: MOSKVA (55.750N, 37.583E) Network: 89-RIPE nserver: ns1.rusonyx.ru. nserver: ns2.rusonyx.ru. And back on 08/21 one of the spams I reported to SpamCop did actually pick up on the watch.ru server: Submitted: Thursday, August 21, 2008 11:10:08 PM -0500: Rolex, Rado, Patek Philipppe,, Omega, Gucci 3404645874 (www.watch.ru/) To: abuse[at]rusonyx.ru But I have about 50 other spams that are all advertising www.watch.ru/ and the SpamCop reports never pick up on the IP address of www.watch.ru/. All of my reported spams only pick up on the sender IP, and never on www.watch.ru/... even though it's mentioned in each spam. These are all the same spams from the same website (www.watch.ru) but are being sent through a botnet so the IP addresses of the sender is always different. Typical spams. Here's a page that I reported today. As you can see, none of the Spamcop reports picked up on the watch.ru address that was listed in the spam. This is important as they are the ones responsible! If the SpamCop submissions never pick up on the www.watch.ru website mentioned in each spam (the spams are in english) then it can never blacklist the IP address of www.watch.ru, right? www.watch.ru is hosted thru rusonyx.ru.... which is why the complaints are being sent there, or at least they should be if the submissions could pick up on the www.watch.ru domain mention in the spams, but they do not. They are simple text spams - not the image ones. [moderator edit - links broken. Spammer links don't belong on *these* pages - and there is some suspicion the site or some part of it may be carrying exploits]
  10. I get 10-20 spams a day from a Russian server called rusonyx.ru. The spams are all from different locations as they are using a botnet to send from different IP addresses, but the website (watch.ru) is always the same. The problem is when i forward the spams to my Spamcop account, or even try entering them in manually, SpamCop is not registering the website www.watch.ru to blacklist it. I've even tried refreshing and refreshing the page and the spam site doesn't get picked up by Spamcop. Is there another way to get these crooks put on a blacklist?
×