Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by kamaraju

  1. Were you able to figure out how your system got hacked? Also, try checking the logs /var/log/auth.log to see if you have some unautheticated users logging into your system. The suggestion of limiting traffic per user or per computer is a good one IMHO. Implement strong passwords, disable "guest" login accounts. That might help you in the future... hth raju
  2. Don't do it. The unsubscribe links, links referred in their spam emails have an "ID number" so that this spammer can track who clicked on the links, who reported their spam emails etc., For now, I am reporting these mails to knujon, www.uribl.com. If they receive enough emails (evidence), may be they will start acting on it. I am not reporting to spamcop as I fear that the spammer can track me (with the ID number embedded in the spam emails). regards
  3. I am also being bombarded by this idiot. All the spamvertised websites (munged, but copy/pastable) such as http://taken.limestolimeade.com http://interest.bulljive.com http://snookums.zoomshare.com http://lead.searchcarauctions.com http://function.3g-money.com http://require.domainnamemakeover.com are registered with Cozmo SEO Power, Inc 4408B-A1 McClean Road Haltom City, TX 76117 US The technical contact person is Cozmo SEO Power, Inc 4408B-A1 McClean Road Haltom City, TX 76117 US (817)886-4780 nt[at]cozmo.org All his spamvertised websites are registered with NS1.COZMO.ORG NS2.COZMO.ORG I have sent numerous emails to nt[at]cozmo.org requesting him to shut it down. But no action from him... The phone number listed goes to a voice mail. Looks like a black hat to me. Anyway, searching for "cozmo seo" in google turns up this link. Thought I would give my 2 cents. raju
  4. I was experimenting with V.0.10.20 2008/09/09 and found out that you are using telnet in the scri_pt as in if (test 0 == "$debug") then cat sendoutDoma.txt | telnet $userSmtp 25 cat mailoutDoma.txt >> complaints.txt echo "====================================================" >> complaints.txt echo Mail sended. Exit. else echo Mail not sended. Exit. fi Is there no other alternative available (like ssh)? Telnet is supposed to be insecure and not all the Linux systems I know have telnet installed. hth raju
  5. I am interested in knowing this site where you can buy the opt-in lists. What is the website? Ideally, I would like to have it shutdown. But then, it does not stop them from setting up a new one and sell the email addresses from there. So, I will try to report them to knujon (www.knujon.com) and see if they can do something about it.
  6. If you want to go after the spamvertized domains there are mainly two options that I am having good results with. 1) Send your spam emails to knujon (www.knujon.com) 2) Report the spamvertized URLs to the registrars directly by using a tool called complainterator (www.complainterator.com) BTW. Requesting features to spamcop is useless and waste of time. I have been here for couple of years and they have not been implementing any new featuers AFAIK. hth raju
  7. Does any of your machines using that IP address use "automatic replies" or "out of office messages" etc.,?
  8. I am unable to access www.castlecops.com since yesterday. Any one have an idea for the server's downtime? Is it again under DDOS or something? thanks raju
  9. You can't speed up that clock. You have to wait for that much amount of time. If there are no new spams reported in that time, your IP will be removed from SCBL. If there are more reports in the mean time, the clock will be reset accordingly. hth raju
  10. Cool! This tells me that I am also not authorized. So it must have been someone else. BTW, Do we have to remember this link (other than the ID number) or is there any web page from which we get directed to this link? thanks raju
  11. Thanks. I am pretty sure, I did not report id:3027522143 . If I go to "past reports" and broswe there, it is not present. However, If I search for it using "jump to report ID" then I get a hit. This makes me wonder whether I reported this or not. Can you please clarify?
  12. Is there any way to figure out if the spamcop id:3027522143 was from me or from someone else? Does the "past reports" menu show only my reports or does it show all the reports?
  13. What exactly is the website you are referring to? I would like to report to the registrar of that website and take it down first. Selling email addresses of other people without their consent violates the terms and conditions of most registrars. raju
  14. This is the first time I am seeing that rr.com is not there in the top 50 list at http://www.spamcop.net/w3m?action=hoshame#domsum . Either Road Runner guys have got a nice handle on spam emanating from their network or other ISPs have gotten much worse. hth raju
  15. Thanks for your work. [Not related to this issue but to road runner in general]. I always wondered if roadrunner does anything about spamcop reports? I always see rr.com in the top10 or top 20 in the http://www.spamcop.net/w3m?action=hoshame#domsum . Perhaps you could help everyone out there by opening up similar tickets for all the spamcop reports!
  16. I think the administrator of is using an old blocklist. As I can see $rblcheck not RBL filtered by xbl.spamhaus.org not RBL filtered by sbl.spamhaus.org not RBL filtered by list.dsbl.org not RBL filtered by dnsbl.njabl.org not RBL filtered by dul.dnsbl.sorbs.net not RBL filtered by l1.spews.dnsbl.sorbs.net your server is not listed in any of the above. Your best approach would be to contact the administrator of's email server and make him aware of the problem at his side. hth raju
  17. Can you be more specific. Exactly which files have you checked? The first file you should look for is /var/log/auth.log and see if there are any suspicious log-ins. Which kernel version are you using? Is the kernel up to date with all the security updates? Also what firewall are you using? iptables/ipchains/shorewall?
  18. Why use an OS which can easily be infected by spyware/malware/virus etc.,? Learn from your mistakes. Use Linux instead of M$ Windows! It is much more resistant to all those evil stuff. raju
  19. Excellent job! Thanks for your time and efforts! raju
  20. My experience is similar. Spamcop is not good at reducing spam. It is effective only if you use their blacklist (SCBL). If you want to actually reduce your spam levels try reporting to knujon (www.knujon.com). My spam levels have gone done a bit. Considering that the number of spam emails is on the raise, I would say this is very good. If you want to shutdown the spamvertized websites try reporting them to the registrars using some software like complainterator (www.complainterator.com) raju
  21. You can report all such stuff to knujon (www.knujon.com) who take care of forwarding it to the right persons. You can also report the site in question using complainterator ( http://www.complainterator.com/ ) to the appropriate registrar and ask them to take the site down! From my personal experience, both complainterator and knujon work pretty well in taking down the spamvertized websites. hth raju
  22. FWIW, I have been using the python scripts ( http://www.submanifold.be/triade/misc/gknujon/gknujon.html ) to automatically report spam from my gmail account to both spamcop and knujon. I have been using it on my Linux machine for a while with good results.
  23. Try reporting that link to the registrar using complainterator software. It can be downloaded from http://thecarpcstore.com/phpbb2/viewtopic.php?t=967 . These complaints are having a lot of success in closing down the websites. They managed to close around 8000 .hk websites. Now they also managed to close down a lot of .cn spammy websites. Just browse around the above forum and try reporting some of the sites. hth raju
  24. I found the solution long back. It is called Linux operating system. Have been using it for 9 years. System never compromised. No spyware, no viruses ...
  • Create New...