goldeneye Posted April 17, 2012 Share Posted April 17, 2012 Since about the end of March, I've been noticing spamming from Romania has picked up quite a bit and quite a few weren't caught on my ISP's spam filter, including 3 of the last 4 spams that weren't caught... Here are all of them dating back from March 29: http://www.spamcop.net/sc?id=z5306374619z5...6910d6c5467c72z http://www.spamcop.net/sc?id=z5306374341ze...0040397544f84cz http://www.spamcop.net/sc?id=z5302598049z5...a91720bba7731dz http://www.spamcop.net/sc?id=z5292060929z0...35c5aad5fa319fz http://www.spamcop.net/sc?id=z5291796617z5...341f81fcfa05e1z In all five of these cases, the reports that are apparently sent to aren't to a postmaster or abuse address - I wonder if the spammers themselves in Romania are setting them up so that spamcop reports go to them and then they revenge spam using spamcop reports. Romania is still one very lawless country that still hasn't gotten its act together when it comes to spam - it shouldn't even have been allowed to enter the EU in the first place. Link to comment Share on other sites More sharing options...
SpamCopAdmin Posted April 17, 2012 Share Posted April 17, 2012 The reports had been going to the wrong place, which I fixed. Unfortunately, the correct reporting address bounces our mail, so we didn't really get anywhere. - Don D'Minion - SpamCop Admin - - service[at]admin.spamcop.net - Link to comment Share on other sites More sharing options...
turetzsr Posted April 17, 2012 Share Posted April 17, 2012 ...Your spam does seem to be coming from machines in Romania but that doesn't necessarily mean that the spammers are Romanian and in any event does not by itself justify your attack on Romanians. If you are going to sling about words like "bastards" and "lawless," please offer more evidence than a few tracking URLs that show an abuse address with an ".ro" suffix. And please put it in a more appropriate forum, such as the "SpamCop Lounge." And indicate how Romania and Romanians differ from us Yanks, who are certainly far and away the most prolific sources of spam! Link to comment Share on other sites More sharing options...
goldeneye Posted April 18, 2012 Author Share Posted April 18, 2012 Oh believe me, I've had to deal with snowshoe spams for several months from Romania back in 2009 or thereabouts and those spams had hyperlinks which traced to Romanian servers. I think I've sent countless, probably over 100 abuse reports on those spams with absolutely zero reply and maybe in fact encouragement from the abuse desks who were probably in cahoots with the spammers (or spam gangs) themselves who could be Romanian, but more likely Russian. The language barrier doesn't help either. They got flagged eventually by one of the BLs, but only after probably hundreds, if not thousands of reports on them. This is what colors my thought about Romanians on the at least the dealing with the spam front - and the apparent correct address in which spam complaints go to which now bounces does not help either in my assessment. Link to comment Share on other sites More sharing options...
enigma1 Posted April 18, 2012 Share Posted April 18, 2012 There is no specific country responsible for spam or hacks. I guess depends on the temporary system acquisitions of the C&Cs at any given time. Link to comment Share on other sites More sharing options...
petzl Posted April 19, 2012 Share Posted April 19, 2012 There is no specific country responsible for spam or hacks. I guess depends on the temporary system acquisitions of the C&Cs at any given time. The best way to attack spammers is attack their websites (make sure your defenses are set to high on Web Browser or you could become a zombie) Good freeware Windows tool for this is IPNetInfo http://www.nirsoft.net/utils/ipnetinfo.html Just add the final link you are redirected to (be prepared to avert your eyes most are sick shockers) Maybe someone can recommend a safe (text) browser that handles redirection? Link to comment Share on other sites More sharing options...
enigma1 Posted April 19, 2012 Share Posted April 19, 2012 Maybe someone can recommend a safe (text) browser that handles redirection? FF with some plugins to block cookies, js, redirections etc is enough. The thing is you never know who you're attacking. The spam IP is likely a compromised system. The spamadvertized domain can be a portal pointing to another portal and in the end it could be some legit business who paid "somebody" for advertizing. Or they just try to compromise other systems in the process. Or they hope by having the victim's browser with js enabled to do something malicious towards another site. And many other combinations and in the attack process you may affect hosts or ISPs who have no idea at the time what's happening (although they should be more vigilant they aren't). Link to comment Share on other sites More sharing options...
dra007 Posted April 26, 2012 Share Posted April 26, 2012 I can tell you that as Romanian born, I could deal with spamflow from Romania in their own language. Back than it was easy to stop the flow as most of the traffic bottle-necked through one single institution (Academic) and I got very receptive ears working my way up-stream the spam flow. You just have to do your homework. I think they are as serious about spam as anyone else (I get more aggrigious spam from Ukraine and other former soviet republics hosted in China or from India). Back then they were telling me US was the worst when it came to spam and I could not deffend against that statement.. Link to comment Share on other sites More sharing options...
petzl Posted April 27, 2012 Share Posted April 27, 2012 I can tell you that as Romanian born, I could deal with spamflow from Romania in their own language. Back than it was easy to stop the flow as most of the traffic bottle-necked through one single institution (Academic) and I got very receptive ears working my way up-stream the spam flow. You just have to do your homework. I think they are as serious about spam as anyone else (I get more aggrigious spam from Ukraine and other former soviet republics hosted in China or from India). Back then they were telling me US was the worst when it came to spam and I could not deffend against that statement.. If one does not wish for mail try a countrywide block list Mailwasher (Windows) allows you to add blocklists settings/Origin of spam/ push "add" button Call it Romania in "Domain" box ro.countries.nerd.dk For Spamhaus the "Domian" is sbl-xbl.spamhaus.org All mail caught by Mailwasher will easily send the report to SpamCop Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.