Lking Posted June 24, 2009 Share Posted June 24, 2009 I got two of these today. Would of course provided a URL for the report but .... Tired of constant movement because of problems with hosting? Botnet is unable to send all your spam mails? Registration of IP with the ability to respond to the complaint. It is very easy! Visit our site to get additional info about our services. Direct URL: http://....ru Link to comment Share on other sites More sharing options...
Farelf Posted June 25, 2009 Share Posted June 25, 2009 So, spammers have problems too, eh? But a superior service awaits. No need to abandon/optimize those store-bought lists after all. Perhaps, if you still have one of those when the system comes/stays up, you might like to post a tracker here Lou. Hopefully it's all some sort of a sting to catch actual spammers, somehow. That would really be merriment-making - even if unprincipled. Link to comment Share on other sites More sharing options...
Lking Posted June 25, 2009 Author Share Posted June 25, 2009 Perhaps, if you still have one of those when the system comes/stays up, you might like to post a tracker here Lou. Some days we're lucky some days we're not. One copy got processed "Wednesday, June 24, 2009 6:20:18 PM -0600" Go figure. Subject: IP registration for spammers, malvare, doorway. Link to comment Share on other sites More sharing options...
Farelf Posted June 25, 2009 Share Posted June 25, 2009 You know, that looks a little to me like a new/small operator ipaddr.ru (part of net-art.cz) is being set up by a competitor to look like a spammer's one-stop shop, to undermine the new boy. I'm not happy about the similarity to NetArt.cz when net-art.cz is actually/apparently Russian and a little puzzled by the American hosting, but ... wouldn't be the first time such a dirty trick was played. If so, spamming a SC reporter (or a number of SC reporters) might seem an efficient way to conduct such a campaign. DNS is a little odd: DNS records name class type data time to live ipaddr.ru IN A 206.71.190.192 18151s (05:02:31) 192.190.71.206.in-addr.arpa IN PTR mail.net-art.cz 3135s (00:52:15) but then a complete set of records exists for net-art.cz, the web-site of which has recently ducked for cover: HTTP - 80 HTTP/1.1 403 Forbidden (but cached copies exist of a very basic net-art.cz/en/ page) Dunno, I just think there is more to such a blatant/ironic effort. But then I've overestimated spammers before. Link to comment Share on other sites More sharing options...
rconner Posted June 25, 2009 Share Posted June 25, 2009 You know, that looks a little to me like a new/small operator ipaddr.ru (part of net-art.cz) is being set up by a competitor to look like a spammer's one-stop shop, to undermine the new boy.The site at ipaddr.ru links to a disclaimer page (english translation via Google) that refers to and repudiates the spam. One might conjecture another Job of Joe, except that it isn't clear how or why ipaddr.ru would be victimized in this way. -- rick Link to comment Share on other sites More sharing options...
kaa Posted June 26, 2009 Share Posted June 26, 2009 Hello, I'm the owner of ipaddr.ru/net-art.cz projects. Of course, we've never sent UCE. I have a spamcop account since 2003. The most probably reason for provocation is a business conflict which took place in begin of 2009. I have no facts and because I will not call the name. Now I got a problem with hoster and a lot of complains needs to be resolved. Link to comment Share on other sites More sharing options...
Farelf Posted June 26, 2009 Share Posted June 26, 2009 Good find on the repudiation, Rick. ...One might conjecture another Job of Joe, except that it isn't clear how or why ipaddr.ru would be victimized in this way.?? Competitiveness. Even a low-intensity attack might harm their reputation with existing and prospective clients and threaten the relationship with their host. Perhaps regulatory/law-enforcement authorities might harass, be sensitized henceforth to the 'brand-name'. All under the heading 'dirty tricks against a competitor'. Or am I missing something? [Edit - above written before kaa's post made] Link to comment Share on other sites More sharing options...
Lking Posted January 11, 2010 Author Share Posted January 11, 2010 More conformations that spammers are dumb keeps rolling in. Todays example is http://www.spamcop.net/sc?id=z3647250516z8...05d1f2265b0886z An email to postmaster [at] mydomain.com "because of the security upgrade of the mailing service your mailbox". Applying a directory attack to a small domain does result in some odd results. In this case the payload (in the first received of this type) was 2 downloads trying to get in through my browser. There was a trojan horse and a download package. This is more interesting than all those folks in Poland are somewherestan concerned about my sex life. What ticks me off it the time I spend because of someone that doesn't know how to use their tools resulting in spam with "Subject: Spamit_New_Subj" in my inbox. Link to comment Share on other sites More sharing options...
Lking Posted April 9, 2010 Author Share Posted April 9, 2010 The link to today's spam joke is http://www.spamcop.net/sc?id=z3897437455z3...af6338593e8409z The signature block added by the provider is Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail[dot]yahoo[dot]com Of course when reported spamcop reports that Yahoo is grown tired of (requested not to) receiving reports. Link to comment Share on other sites More sharing options...
Farelf Posted April 10, 2010 Share Posted April 10, 2010 ... The signature block added by the provider is (Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around ) Of course when reported spamcop reports that Yahoo is grown tired of (requested not to) receiving reports. Now, now Lou - it's the reporting of that signature block that Yahoo doesn't want and they would otherwise be entitled to IB status on such instances anyway. With the reporting of Yahoo's part as an intermediary/relay, a separate matter, notification is going to a 'special' Yahoo reporting address, presumably for special attention. By all accounts a claim of good spam protection for Yahoo inboxes would be entirely justified - the superlative "best" might be open to debate but faint advertizing n'er won fair consumer. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.