mrmaxx Posted August 27, 2009 Share Posted August 27, 2009 Does Peak10 not care about spam complaints??? I've been reporting the same spew for over a week now, but they don't seem to care! I even sent them a manual report w/o going through SpamCop. I got a reply back from them that they were taking care of it, but that was 3 or 4 days ago, and the same spam is coming through. Is there any "upstream" for Peak10? Tracking URL: http://www.spamcop.net/sc?id=z3260370246zd...aab09968e56d93z Link to comment Share on other sites More sharing options...
rconner Posted August 27, 2009 Share Posted August 27, 2009 Peak10 looks like a Direct Allocation according to IP-WHOIS; also, I tried some traceroutes from different locations, they all seem to go straight from the pinging domain into a Peak10 host. So, no, I'm guessing there is no real upstream here. Anyone who knows otherwise is free to jump in. -- rick OrgName: Peak 10, Inc. OrgID: PEK Address: 8910 Lenox Pointe Dr. Address: Suite A City: Charlotte StateProv: NC PostalCode: 29273 Country: US NetRange: 66.129.64.0 - 66.129.127.255 CIDR: 66.129.64.0/18 OriginAS: AS19271 NetName: PEAK10-NETBLK-02 NetHandle: NET-66-129-64-0-1 Parent: NET-66-0-0-0-0 NetType: Direct Allocation NameServer: NS1.CLT.PEAK-10.COM NameServer: NS1.JAX.PEAK-10.COM Comment: RegDate: 2001-06-13 Updated: 2008-09-11 Link to comment Share on other sites More sharing options...
Telarin Posted August 27, 2009 Share Posted August 27, 2009 A tracert from here shows them getting connectivity through Level3. You could try sending a message to them (abuse[at]level3.net), however, my experience with Level3 has been that they just don't care in the slightest what their customers do, so long as they keep paying them for their connectivity. Link to comment Share on other sites More sharing options...
Farelf Posted August 27, 2009 Share Posted August 27, 2009 ...Is there any "upstream" for Peak10? ...Not really - as Will says, some of their routing is through Level3 (and more through TWTC) - ref: http://www.robtex.com/dns/peak10.com.html#graph http://www.robtex.com/as/as16482.html and http://www.fixedorbit.com/AS/16/AS16482.htm http://www.robtex.com/as/as19271.html and http://www.fixedorbit.com/AS/19/AS19271.htm - which are peering setups IIUC, not upstream as such. An alternative to their e-mail abuse address is their AUP Violation Report form at http://www.peak10.com/General-Information/...upviolation.htm Maybe they will be more responsive to that - worth trying for such a persistent nuisance perhaps? Link to comment Share on other sites More sharing options...
agsteele Posted August 27, 2009 Share Posted August 27, 2009 Does Peak10 not care about spam complaints??? I've been reporting the same spew for over a week now, but they don't seem to care! I even sent them a manual report w/o going through SpamCop. I got a reply back from them that they were taking care of it, but that was 3 or 4 days ago, and the same spam is coming through. I've no idea whether they care or not but a week is not, in my view, enough time to fairly investigate a spam report. A report received and investigation starts. Peak 10 customer given, say, seven days to respond. Then two or three days to act. I'd say 14 days would be a reasonable period of time to handle an issue. Andrew Link to comment Share on other sites More sharing options...
rconner Posted August 27, 2009 Share Posted August 27, 2009 I've no idea whether they care or not but a week is not, in my view, enough time to fairly investigate a spam report.Agree. I think this guy will be dealt with (such a n00b, sending his mail from the same IP as his website), it may just take a few days to do it properly. -- rick Link to comment Share on other sites More sharing options...
mrmaxx Posted September 8, 2009 Author Share Posted September 8, 2009 Agree. I think this guy will be dealt with (such a n00b, sending his mail from the same IP as his website), it may just take a few days to do it Well, I think it's been over two weeks now, and the spew is continuing. Fortunately, my email filter on SpamCop seems to be doing an OK job of catching and holding that spew. I just wish those bozos at Peak 10 would shut him down in accordance with their AUP! I wish I knew the email address for some of their senior board members... then I could forward copies of the spam to them and advise them that their AUP is being ignored...if they didn't already know. I'm smelling a "pink" contract here... I mean, in these tough times, a web host has to make money somehow and selling the right to have their spam ignored would probably bring in a LOT of money! Link to comment Share on other sites More sharing options...
Farelf Posted September 8, 2009 Share Posted September 8, 2009 ...I wish I knew the email address for some of their senior board members... then I could forward copies of the spam to them and advise them that their AUP is being ignored...if they didn't already know. ...Did you actually try the violation form at their website (as I mentioned in my earlier response)? Link to comment Share on other sites More sharing options...
mrmaxx Posted September 15, 2009 Author Share Posted September 15, 2009 Did you actually try the violation form at their website (as I mentioned in my earlier response)? Don't recall for sure, but I just checked and it looks familiar. I *have* manually reported to them before and received back an assurance they were looking into it. 'Course that was when the spew first started about 3 weeks ago. And the spew continues today... Just quick-reported a bunch of spam that included the same old junk from Peak10's customer! Link to comment Share on other sites More sharing options...
Farelf Posted September 16, 2009 Share Posted September 16, 2009 Don't recall for sure, but I just checked and it looks familiar. I *have* manually reported to them before and received back an assurance they were looking into it. ...Well, sounds like they don't care. Or they take a little longer. My ISP takes a fair while to zap errant accounts too. That's because many accounts are bundled with 'phone services and they prefer to afford every opportunity before cutting them loose. Maybe better (for them) than dealing with the consequences when emergency service calls, burglar alarms, all those dependent services, are summarily cut off. "But he (or someone using his connection) was apparently a no-good slime-bucket spammer, Sir, and someone (possibly him) clearly deserved to die!" probably doesn't travel well in the Coroner's Court. Link to comment Share on other sites More sharing options...
Wazoo Posted September 16, 2009 Share Posted September 16, 2009 Have to ask ..... are you oresenting the correct query? I ask based on similar experiences, but with different data. Probably going on two years now with a spammer tapping the resources of gddc.com.cn, but every spam comes from a different IP Address. On one hand, one would think that by now, they'd have identified the actual source of the spammer's connection, but ???? That the majority of my incoming spam load comes from systems identified as an 'open proxy' but only one spam arrives from that specific IP Address, one might read that as each 'open proxy' is handled appropiately ...???? hard to tell based on this continuing flow from their massive IP Blocks. Link to comment Share on other sites More sharing options...
mrmaxx Posted September 18, 2009 Author Share Posted September 18, 2009 Have to ask ..... are you oresenting the correct query? I ask based on similar experiences, but with different data. Probably going on two years now with a spammer tapping the resources of gddc.com.cn, but every spam comes from a different IP Address. On one hand, one would think that by now, they'd have identified the actual source of the spammer's connection, but ???? That the majority of my incoming spam load comes from systems identified as an 'open proxy' but only one spam arrives from that specific IP Address, one might read that as each 'open proxy' is handled appropiately ...???? hard to tell based on this continuing flow from their massive IP Blocks. Here's the headers (properly sanitized): Return-Path: <bounce[at]trytlc.com> Delivered-To: spamcop-net-mrmaxx[at]spamcop.net Received: (qmail 29092 invoked from network); 18 Sep 2009 01:28:36 -0000 X-spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on filter8 X-spam-Level: **** X-spam-Status: hits=4.5 tests=DATE_IN_PAST_06_12,FIN_FREE version=3.2.4 Received: from unknown (192.168.1.88) by filter8.cesmail.net with QMQP; 18 Sep 2009 01:28:36 -0000 Received: from mta121.mail.re3.yahoo.com (66.196.97.236) by mxin1.cesmail.net with SMTP; 18 Sep 2009 01:19:43 -0000 X-Yahoo-Forwarded: from (my yahoo account) to mrmaxx[at]spamcop.net Return-Path: <bounce[at]trytlc.com> X-YahooFilteredBulk: 66.129.125.220 X-YMailISG: YT0CNCUWLDtB1JBxM3vvBuR0qYVfEw_hnN9NJj1BAfLiAaS7pdGwXJL3JIZSyLr1..lhzR10y6sQ_9j60cMX6WfZ96Svbnj_b0CuyYTeP64_BGshzVTKQTWNVNatVPl9BOe0zixrx1AX7KDcGMYB9bS4erxJIKotQFzIaAbyqLD3hD3heXUnhNgDl8pSjhmuOe7Zl_cdCc4rosfp.1uUU0fmjF4NEEyP3XlWrWjz1xBMH4VuvvBl1x97kxG3ZGeNsICtL5cUX_gp7RtqQoP.6mg8jGK_cXkK7oBGseiZ9M0fTk2gt1urSq6pgeESoWm9iFQ6trixrQ-- X-Originating-IP: [66.129.125.220] Authentication-Results: mta121.mail.re3.yahoo.com from=aol.com; domainkeys=neutral (no sig); from=aol.com; dkim=neutral (no sig) Received: from 66.129.125.220 (EHLO svr2629.zone-search.com) (66.129.125.220) by mta121.mail.re3.yahoo.com with SMTP; Thu, 17 Sep 2009 18:28:34 -0700 Received: from trytlc.com ([66.129.125.220] helo=localhost) by svr2629.zone-search.com with esmtpa (Exim 4.69) (envelope-from <bounce[at]TryTLC.com>) id 1MoHE6-0003zO-5l for (me); Thu, 17 Sep 2009 09:40:46 -0400 MIME-Version: 1.0 From: "CORPORATE " <Pro3DGroup[at]aol.com> Subject: Dear JOHN, Somebody else has upgraded through TryTLC,com X-Mailer: PHP_QMailer_v1_0 Reply-to: "CORPORATE " <Pro3DGroup[at]aol.com> Date: Thu, 17 Sep 2009 09:40:46 -0400 X-pIDTrack: 1791961 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Message-ID: <kq4bby-evczmd[at]TryTLC.com> To: (me) X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - svr2629.zone-search.com X-AntiAbuse: Original Domain - yahoo.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - TryTLC.com X-SpamCop-Checked: X-SpamCop-Disposition: Blocked SpamAssassin=4 X-SpamCop-Disposition: Blacklist pro3dgroup[at]aol.com X-Length: 3973 X-UID: 865709 Spamcop *always* reports that it came from the same place... trytlc.com. FWIW, I just tried to submit a spam complaint and got an ASP error from trying to fill out their form! I'll copy/paste into my Windows machine at work and see if it works any better than my linux box at home. I'm not holding out any hope! :-( FWIW, here's the ASP error: error '80040211' /General-Information/report_post.asp, line 49 Not sure what that means... Link to comment Share on other sites More sharing options...
Farelf Posted September 18, 2009 Share Posted September 18, 2009 Yes, it sure looks and seems like old-fashioned 'straight-up' spam. Apparently of the type allowed in the USA. That is different to the more common botnet stuff we usually discuss these days. Sorry, I hadn't cottoned on to that before. The first action for 'straight-up' spam would be to use their unsubscribe link, rather than to report through SC. The hosting service will not (I imagine) take action against what looks like legitimate e-marketing without evidence of non-compliance with CAN-Ð…PAM provisions. ...FWIW, I just tried to submit a spam complaint and got an ASP error from trying to fill out their form! I'll copy/paste into my Windows machine at work and see if it works any better than my linux box at home. I'm not holding out any hope! :-( FWIW, here's the ASP error: error '80040211' /General-Information/report_post.asp, line 49 Not sure what that means... That's an email failure error where line 49 would contain the command that's not working, probably a ".Send" - some glitch has wonked the code at that site, or the SMTP service there was not working when you tried. Always assuming the submission form actually worked at some time, the error is likely to be transitory and nothing to do with your end of things. Or so Google tells me. The form submission may well be logged but the forwarding email advice to whoever is supposed to action it almost certainly has failed. While it is not working (assuming you are talking about the TryTLC.com in-line "unsubscribe" page link and if requests are not logged or the logs are not being checked) they are probably in breach of CAN-Ð…PAM. If that persists, their host should have ample grounds to shut them down. But it probably needs to be pointed out to them (the host). And they will allow a period of grace for the link to be fixed. Then you will have to use the working link to unsubscribe and allow at least whatever period the Act states (or has become an accepted interpretation if it is non-specific, as I seem to recall it might be) before you get to make another complaint to the hosting service. Blame Congress. [edit] Ah, but they don't actually have an unsubscribe link in their mails do they? Just a site marketing link. That looks non-compliant right from the start then. Disregard (most of) my previous. No doubt TryTLC.com would claim prior association. You should continue to press with Peak10 then, pointing at CAN-Ð…PAM non-compliance and citing specifics as: the absence of TryTLC.com unsubscrible the absence of prior association the lack of contact address misleading message subjects no legitimate source for your address to be on their list And the whole thing sounds like a pyramid scheme anyway - and that is illegal most places. Link to comment Share on other sites More sharing options...
Devilwolf Posted October 15, 2009 Share Posted October 15, 2009 One tactic I've used with ISP that foot drag is file false and deceptive advertising complaints against them for not honoring their advertised anti-spam policies. Then fax/mail a copy of the complaint(s) to their home office. I've noticed that unlike more legit companies - PEAK10 makes it difficult to find addresses on their website, but after a big of digging thru the about us site, it seems they may be based in Virginia. VA's Attorney General is not very spam friendly. So you might want to file a complaint at http://www.vdacs.virginia.gov/forms-pdf/cp...a1complaint.pdf and also file a compliant with your home state's AG. Peak10 8801 Park Central Drive Suite 200 Richmond, VA 23227 Phone: (804) 264-8621 Fax: (804) 644-5410 Link to comment Share on other sites More sharing options...
mrmaxx Posted October 15, 2009 Author Share Posted October 15, 2009 Yes, it sure looks and seems like old-fashioned 'straight-up' spam. Apparently of the type allowed in the USA. That is different to the more common botnet stuff we usually discuss these days. Sorry, I hadn't cottoned on to that before. The first action for 'straight-up' spam would be to use their unsubscribe link, rather than to report through SC. The hosting service will not (I imagine) take action against what looks like legitimate e-marketing without evidence of non-compliance with CAN-Ð…PAM provisions. That's an email failure error where line 49 would contain the command that's not working, probably a ".Send" - some glitch has wonked the code at that site, or the SMTP service there was not working when you tried. Always assuming the submission form actually worked at some time, the error is likely to be transitory and nothing to do with your end of things. Or so Google tells me. The form submission may well be logged but the forwarding email advice to whoever is supposed to action it almost certainly has failed. While it is not working (assuming you are talking about the TryTLC.com in-line "unsubscribe" page link and if requests are not logged or the logs are not being checked) they are probably in breach of CAN-Ð…PAM. If that persists, their host should have ample grounds to shut them down. But it probably needs to be pointed out to them (the host). And they will allow a period of grace for the link to be fixed. Then you will have to use the working link to unsubscribe and allow at least whatever period the Act states (or has become an accepted interpretation if it is non-specific, as I seem to recall it might be) before you get to make another complaint to the hosting service. Blame Congress. [edit] Ah, but they don't actually have an unsubscribe link in their mails do they? Just a site marketing link. That looks non-compliant right from the start then. Disregard (most of) my previous. No doubt TryTLC.com would claim prior association. You should continue to press with Peak10 then, pointing at CAN-Ð…PAM non-compliance and citing specifics as: the absence of TryTLC.com unsubscrible the absence of prior association the lack of contact address misleading message subjects no legitimate source for your address to be on their list And the whole thing sounds like a pyramid scheme anyway - and that is illegal most places. Moot point. I gave up and used the Unsubscribe link. I try not to do that for spam, but sometimes you got no choice! Link to comment Share on other sites More sharing options...
Farelf Posted October 16, 2009 Share Posted October 16, 2009 Moot point. I gave up and used the Unsubscribe link. I try not to do that for spam, but sometimes you got no choice! Yeah, sometimes you just have to ask, "What have I got to lose?" (Not out loud if you can help it, else passers-by get skittish). Link to comment Share on other sites More sharing options...
Miss Betsy Posted October 16, 2009 Share Posted October 16, 2009 Did unsubscribing work? Sometimes, I will unsubscribe, but I never use the unsubscribe link or form. I always try email addresses and tell them that I never unsubscribe to something that I have not subscribed to. They have subscribed me without my consent and that I want to be unsubscribed. It sometimes takes several emails to various people, but eventually I get someone who unsubscribes me. Miss Betsy Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.