Craig Walsh Posted January 1, 2005 Share Posted January 1, 2005 We had six different domains hosted (indirectly, through a re-seller) at The Planet. We sell Kobe beef and dog cookies, and never, ever send out spam. We get about 400 to 1,000 visitors per day at the various websites. The only e-mail contact we do is to a double opt-in list, and we run that via www.campaigner.com. There are only 1,050 or so names on the list, and we send them two messages per year. In the last mailing, only 6 people elected to unsubscribe, and over 30% opened the message. That's the background info. On Thursday, suddenly Outlook was telling me that our POP3 e-mail accounts weren't working. I wasn't concerned, because this happens from time to time and usually clears in a little while. A few hours later we were still having the problem, so I thought I'd look at our websites --- and they were gone. No notice, just gone. I had problems reaching Eric, the re-seller, but when I did he said that ALL of the websites he hosts were having the same problem. His own site (www.esoftpro.com) was also down. After a while, Eric sent me an exchange of messages between him and The Planet. I've copied just a little bit below: Why the server is down: This is a long story, but let me explain it generally. According to the provider, there is someone sending an abnormal amount of emails daily. This is not what a normal web hosting account will do. So they terminated the service. Here is what they send me today: only lordoflucies on it is sending more mail than your other accounts combined. So I must ask you again Eric...What is going on with your accounts to cause this many issues? I was surprised of what they told me. I can’t believe of what they told me, so I replied them immediately: Would you please tell me some stats, so I can figure out what is happening, if i should terminate this client, or move it to another server. 1. Actually how many emails are sent from lordoflucies per day? 2. How much resources it consumed your server for how long? 3. What are those emails? They are just proper normal emails or they are spams or they are optin ads? Please forward some to me. After asking them some proof and stats of what they just said (Since I don’t believe in them that your account has any problem). They replied: I really don't understand why you have to work against us. Do you think we make this stuff up? Or that we just don't know what we are doing or looking at. And I'll tell you, you are not the first person we had a spam issue with...but you are the first person that refuses to work with us and only puts the blame on us..rather than on who the responsibilty lies on...YOU AND YOUR CLIENT. We're obviously not working well together here. I can't undertand why you refuse to work with us. Then my reply: I was simply asking if you can send me some stats about the new issue you mentioned. But why you said I'm working against you. (The complete text is at The Lucies Farm Forum.) The lordoflucies domain is our domain. We've been accused of "sending more mail than your other accounts combined," and our internet service was shut off without notice. It's like being convicted of a crime, but not even being told what the crime might be. With our sites off, we no longer have access to the Control Panel to look at the stats, etc. We only have four people who have access to e-mail here: me, my wife, my sister, and an employee who has been with us for 13 years and has trouble sending even the most basic e-mail. And I am the only person with access to the Control Panel, and have used a unique, unguess-able user name and password. We saw no signs of someone sending spam or bulk messages in our name: surely if they did this we would see lots of returned, undeliverable messages. But the first sign we had of any problems was when the sites went off. And The Planet has refused to provide our re-seller, or us, with any information, copies of offending messages, etc. Instead, they've just sent their nasty message (copied above). Our websites (in the process of being transferred to a new server --- this time, no re-seller, but a dedicated server in our name) are www.luciesfarm.com, www.hmdp.com, and www.poico.com. Is there any way to find out if a lot of messages somehow came from these domains in the last week? Does anyone have any guesses as why The Planet would think we were sending lots of messages when we weren't? We're really lost here. We try to be good corporate citizens. We shred all documents at home. Password protect everything. Etc. Yet somehow this has happened. Any assistance would be most appreciated. Thanks, and Happy New Year to all. Regards, Craig Link to comment Share on other sites More sharing options...
Wazoo Posted January 1, 2005 Share Posted January 1, 2005 You ask about Domains .. In general, the SpamCop toolset deals with the IP address of the e-mail source. Reports/complaints may have gone out about spamvertised sites found within some of the reported spam, but, basically, these are advisory notices. Your discussion point seems to venter on the amount of e-mail traffic, so the research would really have to start with identifying the IP of the e-mail server in question (though this also makes some assumptions) .... listing all the domains in question might offer some research to do some lookups, but, you've already stated that things are on the move, so that would indicate that the data is already changing also ... Link to comment Share on other sites More sharing options...
Jeff G. Posted January 1, 2005 Share Posted January 1, 2005 Googling lordoflucies, luciesfarm, hmdp, and poico shows no recent spam. Link to comment Share on other sites More sharing options...
Wazoo Posted January 1, 2005 Share Posted January 1, 2005 We had six different domains hosted (indirectly, through a re-seller) at The Planet. Again, not defined, and as things are being moved, not much help. The only e-mail contact we do is to a double opt-in list, and we run that via www.campaigner.com. Note that the term "double opt-in" carries much bad weight and connotations in the spam fighting arena. There are only 1,050 or so names on the list, and we send them two messages per year. In the last mailing, only 6 people elected to unsubscribe, and over 30% opened the message. Web-bugs or Read-receipt things are not usually viewed as good things these days, noting that a lot of work has gone into degeating/dis-allowing these actions anyway. Twicw a year is long enough for folks to forget signing up. The remainder of your response rate ... e-mail simply deleted, sent to folks that don't allow read-receipts to go out, HTML read/handelled as "plain-text" .. lots of issues there ... noting that you don't mention bounces at all We saw no signs of someone sending spam or bulk messages in our name: surely if they did this we would see lots of returned, undeliverable messages. But the first sign we had of any problems was when the sites went off. Did you have a formmail routine in place? Was it secure? Our websites (in the process of being transferred to a new server --- this time, no re-seller, but a dedicated server in our name) are; www.luciesfarm.com -- doesn't exist www.hmdp.com - displays ISP issues, offers up a link to another site (you didn't include this one for some reason?), but following that link leaves one trapped within a Frame ... that flat sucks www.poico.com - after the Frame trick above, didn't even try Is there any way to find out if a lot of messages somehow came from these domains in the last week? Does anyone have any guesses as why The Planet would think we were sending lots of messages when we weren't? Again, the IP address in question would be the starting point. The question above about a formmail (or someting like a nuke-PHP item) .. something that could have been exploited by spammer access??? Link to comment Share on other sites More sharing options...
Craig Walsh Posted January 1, 2005 Author Share Posted January 1, 2005 The point about the infrequency of our mailings (2xyear) and folks forgetting that they asked to receive the messages is well taken, and something I've thought about. Our customers do appreciate receiving our messages: we offer them discounts, etc., and make the content brief --- but relevant. We've thought about sending more frequent messages, but don't wish to intrude too often. Perhaps we should up it to a quarterly message so people won't forget about us. I can't give you the URL for our sign-up form because our websites are off-the-air. The new, dedicated server is being configured now, and is expected to come online in the next few hours. Then our content needs to be moved over from the back-up copies. Yuck. Here's the report we get from www.campaigner.com --- this is for our latest mailing (the second of two sent in 2004): Click here to see Campaigner Report. I'm afraid I don't know how Campaigner calculates these figures: as this is their primary business, I am assuming that they handle this correctly. We've done business with them since (I believe) 2000, and have never had any problems. This report doesn't show bounces: that's in a separate report on the contact list itself. The bounce rate is, I believe, also quite low --- circa 9% to 11%. The recipients of our messages do want to get them --- honest. Otherwise we'd never consider sending them. Excuse my ignorance --- what's a formmail routine? As for the forwarding on the www.hmdp.com domain: this is something put in place today as a temporary measure. I've forwarded www.luciesfarm.com to www.luciesfarm.co.uk (our e-commerce site, hosted elsewhere) and have forwarded www.hmdp.com, www.poico.com, etc. to www.bark.ch --- a spare hosting account we had and weren't using. This is a very, very temporary measure: I hope all will be up and running in the normal (non-forwarded) manner in the next day or two. We had a dedicated IP --- I believe it was 70.84.244.241. This is different than the IP for the name servers (67.19.52.116 and 67.19.52.117). Does this information make sense? Again, everything with our domains is changing now. Sorry if that makes the detective work more difficult (or frustrating). Any information or assistance would be most appreciated. Kind regards, Craig Link to comment Share on other sites More sharing options...
dbiel Posted January 1, 2005 Share Posted January 1, 2005 The IP used to send your mail is very important. It is the one that is most likely causing the problems and needs to be checked. Link to comment Share on other sites More sharing options...
dbiel Posted January 1, 2005 Share Posted January 1, 2005 70.84.244.241. and 67.19.52.117 do not look like they are being used to send email Volume Statistics for this IP 67.19.52.116 Magnitude Vol Change vs. Average Last day 3.0 45% Last 30 days 3.2 173% Average 2.8 This IP belongs to ThePlanet.com Internet Services, Inc. which means you are affected by all of the mail that goes through that serverl. Link to comment Share on other sites More sharing options...
Wazoo Posted January 1, 2005 Share Posted January 1, 2005 I can't give you the URL for our sign-up form because our websites are off-the-air. The IP in question would be the source of your outgoing e-mail from the no-longer functional web-site/host/whatever. The current IPs involved have no bearing on what happened. Here's the report we get from Click here to see Campaigner Report. I'm afraid I don't know how Campaigner calculates these figures: as this is their primary business, I am assuming that they handle this correctly. We've done business with them since (I believe) 2000, and have never had any problems. A stated in a prevous post .. things called web-bugs attached to the various links and graphics within the e-mail ... This report doesn't show bounces: that's in a separate report on the contact list itself. The bounce rate is, I believe, also quite low --- circa 9% to 11%. The recipients of our messages do want to get them --- honest. Otherwise we'd never consider sending them. My perspective .. approximately 10% bounce rate is pretty high. There are also FAQ entries pointing to other resources dealing with running mailing lists, there may be some good things to pick up while going through that data <g> Excuse my ignorance --- what's a formmail routine? Basically, a scripted routine .. these days, one of the primary uses is so you don't have to plaser your e-mal address all over the web-page .. user goes to the form, fills in the blanks, data is sent ... undortunately, one of the most popular versions was exploitable / exploited by spammers. Some ISPs don't allow them, only allow their version, etc .... As for the forwarding on the www.hmdp.com domain: this is something put in place today as a temporary measure. I've forwarded www.luciesfarm.com to www.luciesfarm.co.uk (our e-commerce site, hosted elsewhere) and have forwarded www.hmdp.com, www.poico.com, etc. to www.bark.ch As stated, the "locked in a Frame" is where I lost it .... We had a dedicated IP --- I believe it was 70.84.244.241. This is different than the IP for the name servers (67.19.52.116 and 67.19.52.117). Does this information make sense? Currnet IPs have no bearing. Your "dedicated IP" one would assume was the IP for the hosted sites, also (probably) not related. Back to the IP of the source of the outgoing e-mail that's being talked about is the item for research. Link to comment Share on other sites More sharing options...
Wazoo Posted January 2, 2005 Share Posted January 2, 2005 Current results .. though not knowing whther this is "old" data or "current/new" suff; hmdp.com dns19.register.com reports the following MX records: Preference Host Name IP Address TTL 10 mxmail.register.com 205.158.62.41 3600 Network Owner Outblaze Ltd. (139369-1) Domain outblaze.com (Abuse guy is known world-wide .. does not screw around) poico.com ns.123-reg.co.uk reports the following MX records: Preference Host Name IP Address TTL 10 mx0.123-reg.co.uk 212.67.202.212 86400 20 mx1.123-reg.co.uk 212.67.202.214 86400 Network Owner Webfusion Internet Solutions Limited Domain 123-reg.co.uk (no comment at present) luciesfarm.com ns2.123-reg.co.uk reports the following MX records: Preference Host Name IP Address TTL 10 mx0.123-reg.co.uk 212.67.202.212 86400 20 mx1.123-reg.co.uk 212.67.202.214 86400 (see above) luciesfarm.co.uk ns1.ed2.net reports the following MX records: Preference Host Name IP Address TTL 5 mailhost.ed2.net 80.71.6.195 86400 Network Owner End Design core network, Telehouse, London Domain ed2.net Date of first message seen from this address 2003-07-04 CIDR range 80.71.6.192/27 # of domains controlled by this network owner 1 No address list shown since no email was detected from ed2.net. (No idea who this is at this point, statistics and documentation a bit confusing, perhaps a new 'owner' of this IP?) None that I checked are SpamCop listed ... Link to comment Share on other sites More sharing options...
Craig Walsh Posted January 2, 2005 Author Share Posted January 2, 2005 My perspective .. approximately 10% bounce rate is pretty high. There are also FAQ entries pointing to other resources dealing with running mailing lists, there may be some good things to pick up while going through that data <g> I believe this is simply a function of how infrequently we send messages. Our two messages in 2004 were sent about six weeks apart, and virtually none of the addresses in the second mailing "bounced." Thanks for the suggestion about the FAQ entries --- I will pursue later today. (Abuse guy is known world-wide .. does not screw around) Register.com is our registrar for the hmdp.com domain. While our new server is set up, I paid ten bucks to implement their mail forwarding service, so mail sent to my hmdp.com e-mail address didn't go into a black hole. This was set up yesterday, and I hope to shut it off when everything moves over to our new, dedicated server in a day or two. Out of curiosity, does this comment mean that Register.com (Outblaze?) is known for spam abuse? The "does not screw around" comment is confusing to me: does that mean that they're good guys? In any event, we'll be outta there in a day or two. Basically, a scripted routine .. these days, one of the primary uses is so you don't have to plaser your e-mal address all over the web-page .. user goes to the form, fills in the blanks, data is sent ... undortunately, one of the most popular versions was exploitable / exploited by spammers. Some ISPs don't allow them, only allow their version, etc .... I know what you mean now. No, we didn't have any of those. We did have (and hope to have back again soon) an Article Manager site and also a Coppermine photo gallery. ArtMan allows visitors to send an e-mail message containing a link to a particular article. From memory, however, the visitors can't add any text. Coppermine will allow visitors to send an e-card of a photograph with a small amount of text. While these aren't formmail, they seem to be a distant cousin. Can they be exploited, or am I being paranoid now? This IP belongs to ThePlanet.com Internet Services, Inc. which means you are affected by all of the mail that goes through that server. This IP address must be the one used by our e-mail. I believe the address was used by the group of customers of our re-seller: we were all then part of the bigger The Planet world. Does this IP address show any signs of recent spam abuse? Is the 173% Vol Change vs. Average bad, or is this within normal limits? As we move to our dedicated server (at HostMySite.com) --- with our own IP address --- does this still mean that we can be affected by other customers of HostMySite.com? Our new IP address is *******. Thanks again for all of your help. I really appreciate it. Link to comment Share on other sites More sharing options...
dbiel Posted January 2, 2005 Share Posted January 2, 2005 <snip> As we move to our dedicated server (at HostMySite.com) --- with our own IP address --- does this still mean that we can be affected by other customers of HostMySite.com? Our new IP address is *******. Thanks again for all of your help. I really appreciate it. 22250[/snapback] That depends on exactly how you are sending your email and what other servers are tacking on headers on the way. The problem with forged headers makes it difficult to track a message all the way back to the original source. SpamCop with stop at the last known "valid" header. Therefor if your ISP add a header to the message it could be tagged by SpamCop as the "source" of the spam, in which case you would be lumped together will all other users sending mail through that IP. So unfortunately, right now, the answer is yes, no, maybe. Link to comment Share on other sites More sharing options...
Wazoo Posted January 2, 2005 Share Posted January 2, 2005 Out of curiosity, does this comment mean that Register.com (Outblaze?) is known for spam abuse? The "does not screw around" comment is confusing to me: does that mean that they're good guys? Suresh Ramasubramanian and crew does not allow spam to become a problem. We did have (and hope to have back again soon) an Article Manager site and also a Coppermine photo gallery. ArtMan allows visitors to send an e-mail message containing a link to a particular article. From memory, however, the visitors can't add any text. Coppermine will allow visitors to send an e-card of a photograph with a small amount of text. While these aren't formmail, they seem to be a distant cousin. Can they be exploited, or am I being paranoid now? I've no knowledge on either product. As we move to our dedicated server (at HostMySite.com) --- with our own IP address --- does this still mean that we can be affected by other customers of HostMySite.com? Our new IP address is (munged) There's an IP address for the web-site. There's an IP addess for the DNS. There's an IP for the mail server. At present theree is no web-site existing (sent a PM about this), and I'm not sure what Domain you're actually setting up, thus no idea how to track your MX records at this point. As pointed out elsewhere, the answer to your question here depends on how things are set up by you and/or your host, what you're paying for, etc. You may be the only user of a mail server or you may be sharing it with a thousand other users. Link to comment Share on other sites More sharing options...
Craig Walsh Posted January 2, 2005 Author Share Posted January 2, 2005 You may be the only user of a mail server or you may be sharing it with a thousand other users. Eeegads I hope not. I'm paying, this time, for dedicated server, dedicated mail server, dedicated IP address, dedicated everything. I've had enough of being affected by the actions of unknown other people. While I realise that all of this is imperfect at best, I am trying to "insulate" our web sites. I believe we are good cyberspace citizens --- it's frustrating to be tarred by someone you don't know, can't control, etc. And still the spam keeps pouring into my own inbox. More than ever before. Is there anyone out there buying this Viagra, or thinking that the unsolicited mortgage offer is really for them, or that someone in Nigeria will really send them $10 million? Depressing. Link to comment Share on other sites More sharing options...
Merlyn Posted January 2, 2005 Share Posted January 2, 2005 www.poico.com - after the Frame trick above, didn't even try 22214[/snapback] Hmm....... Lets see: http://groups-beta.google.com/group/news.a...bbe98a50bee0899 http://groups-beta.google.com/group/news.a...8c0fcb4d0469382 http://groups-beta.google.com/group/news.a...533b83dfbf9a898 Looks like they hired GotMarketing to spam for them at least once. The redirects in the spam point to bark.ch Looks like he also owns thepoicompany.com and poico.com which was in the spam and he never mentioned that either. The more I dig the worse it gets. This is a classic case of rule #1 and rule#2 in action. A spanked spammer! Link to comment Share on other sites More sharing options...
Merlyn Posted January 2, 2005 Share Posted January 2, 2005 Looks like he had the same problem back in October Post#6 under http://forum.spamcop.net/forums/index.php?...hl=Craig++Walsh Probably happens every time he hires someone to send out his marketing info. Link to comment Share on other sites More sharing options...
Wazoo Posted January 2, 2005 Share Posted January 2, 2005 Wow! The grumpy pencil-necked geek in Iowa discussion! Thanks for the Sunday Morning smile. Had Koko Taylor belting out "you can keep your Hootchie Mama" while reading through that ... fade to "Blind man walking in darkness" by the GrooveHogs ... some kind of symapatico thing going on with this radio DJ <g> Link to comment Share on other sites More sharing options...
Jeff G. Posted January 3, 2005 Share Posted January 3, 2005 And still the spam keeps pouring into my own inbox. More than ever before. Is there anyone out there buying this Viagra, or thinking that the unsolicited mortgage offer is really for them, or that someone in Nigeria will really send them $10 million? Depressing.22261[/snapback] P.T.Barnum wrote "There's a sucker born every minute" a long time ago, and the population of the world has increased significantly since he wrote that. Link to comment Share on other sites More sharing options...
Wazoo Posted January 3, 2005 Share Posted January 3, 2005 P.T.Barnum wrote "There's a sucker born every minute" a long time ago, and the population of the world has increased significantly since he wrote that. Another version of that quote/source at http://www.historybuff.com/library/refbarnum.html Link to comment Share on other sites More sharing options...
Craig Walsh Posted January 3, 2005 Author Share Posted January 3, 2005 Good grief. The 2001 Poi Company complaints are still out there in cyberspace. Yes, I owned The Poi Company. I never made a secret of this. A WHOIS lookup will come up with my name and address, and contact telephone number and e-mail address. And I mentioned these domains in the first message in this topic. And, yes, a couple of people complained in 2001 that we'd sent them spam. At the time we'd purchased a list from what we were assured was a reputable list broker. The list was of expatriate Hawaiians who wanted to receive information about Hawaiian products. This was our first venture into the world of e-mail marketing, and we made a mistake in purchasing the list. Many people on this list were happy to hear from us, and we received orders from them. A few (and one individual in particular) vehemently complained about "spam." We never touched the list again --- erased it from our computer, and never purchased another list. The host for our eCommerce store, Yahoo, was never concerned. Then, as now, we used www.campaigner.com (it was called GotMarketing) to send out the e-mail messages for us. There was some sort of partnership between Yahoo and www.campaigner.com. This is how we found them, and why we used them to send out the messages. Campaigner does not provide the e-mail addresses: it just sends out the messages, tracks the statistics, handles the requests to unsubscribe, etc. It's hardly a matter of our hiring them to do our "dirty work," and I resent this insinuation. They seem to be a well-run company, and handle our few e-mail messages professionally. We have had our account with them since late 1999 or early 2000. Why would they continue to do business with us --- for five years --- if we were spammers? The Poi Company never recovered from the effect 9-11 had on tourism to Hawaii, and we reluctantly closed it in May of 2002 (with the loss of 31 jobs). We closed our Yahoo eCommerce site down in June 2002, after selling the last of our inventory of freeze-dried poi. I was going to close down the website, but about 300 to 500 people visit it each day, looking for general information about poi. Many come from .edu domains, so I'm guessing they're doing school research. We converted the eCommerce site (since we no longer had anything to sell) into a Article Manager site, and reluctantly added Google advertisements. The small revenue from the Google ads pay the annual hosting bill. There is a link to a CafePress where folks can purchase poi logo items: in the last year, we sold three t-shirts. The www.poico.com site has pointed to www.bark.ch since Saturday because of the recent problems with our former hosting company, The Planet. The new host is in place, the back-ups are being restored, and the site should be up and running in the next day or so. You can then see for yourself that this is a nice, non-commercial site --- containing everything you'd like to know about poi. As for the earlier problems posted by me on this site, I couldn't log in on this forum with what I thought was my user ID (craigwalsh) --- so I signed up again. Come to discover that my old user ID was Craig Walsh. I couldn't figure out how to combine the two user ID's, and thought it wasn't a big deal. When I was here before I was having problems sending e-mail to one particular recipient, and, as I recall, the problem was identified as being with his host. This is an amzaing world where some of you see culprits lurking behind every tree. I'm not a spammer, and hardly feel that I need "spanking" by any of you, or by anyone else. We sent out two e-mail newsletters last year, to the same list. A list where folks subscribed directly with us. We did not repeat the mistake we made in 2001 of placing our trust in a list purchased elsewhere: we only made that mistake once. There are circa 1,000 names on our list. Few unsubscribed, and none complained. Our two mailings offered our customers and friends discounts and the opportunity to win a gift certificate from the farm. Many took us up on these offers. As an aside, while the 2001 complaints have been dredged up as though they were absolute statements of irrefutable fact --- please consider, for a moment, the web page of the gentleman who posted these complaints. His web page says, in part: No unsolicited email of a commercial nature (email advertising a product or service, offerings to participate in a business venture, invitations to purchase any product, solicitations for donations of time, money, goods, prayers, and the like) or religious or political proseletyzing or ranting of any sort, is permitted at any of the email addresses under my control. At present, those email addresses include (but are not limited to) the following: [deleted] Sending any unsolicited email of a commercial, political, survey or religious nature to the email addresses listed above (or any other email address under my control) constitutes agreement to the following terms: Sending me unsolicited commercial, political, survey or religious email constitutes an act of criminal trespass upon my property (i.e., my email address) and may be prosecuted as such under any and all applicable state and local laws; Sending me any email for any business, political, survey or religious purpose waives any right to privacy for the sender and for the staff and management of any of the systems employed by the sender to transmit it; Sending me unsolicited commercial, political, survey or religious email grants me unlimited permission to reproduce in part or entirety such unsolicited email in any form or forum I deem appropriate, free of any charge or hindrance; Sending me unsolicited commercial, political, survey or religious email may also be prosecuted under any and all other applicable state, Federal, and local laws, including those applying to junk faxes, harassment, and/or fraud. What can I add to that? Guess he doesn't like spam. None of us do --- but this reaction seems a bit (at least to me) over the top. I guess we all have our own personal demons. To me, until someone finds a way to stop spam at the source, the best way I know to deal with it is to delete it. I'm off to walk the dogs. Link to comment Share on other sites More sharing options...
DavidT Posted January 3, 2005 Share Posted January 3, 2005 Looks like he had the same problem back in October No, I don't think so, Merlyn. That event had *nothing* to do with spamming whatsoever. It had to do with mail sent through a forwarding host that was in turn blocked by the eventual recipient, and so it wasn't triggered by the actual sending IP at all. The citations of spam you've provided regarding "poico.com" (all three years old, BTW) do look valid, but Mr. Walsh has now fully explained them. Jumping to conclusions and tossing red herrings around generally doesn't add much to the discussion... DT Link to comment Share on other sites More sharing options...
Christine Posted January 3, 2005 Share Posted January 3, 2005 Craig, has anyone suggested that you run a virus or security scanner? Everything you've described is consistent with a comprised machine (or a rogue employee). You wouldn't necessarily see any e-mail bounces or other obvious problems. Link to comment Share on other sites More sharing options...
Craig Walsh Posted January 3, 2005 Author Share Posted January 3, 2005 Christine, Nobody has suggested that. I doubt it's a rogue employee: it's only me, my wife, my sister, and a couple of farm employees who use basic e-mail to send us requests for feed, etc. Of course, we can't run this on the old server as we don't have access to it any longer. But I mysteriously received a call a few minutes ago from The Planet, wanting our business back. This just gets more and more peculiar: they shut us down on Thursday night, without notice or explanation. And call us on Monday asking us to please come back? On our new, dedicated server I think we should run virus and security scanners, and I will check with the new hosting company. We certainly run virus and security scanners every day on our computers at home. Thanks for the suggestion. Link to comment Share on other sites More sharing options...
Merlyn Posted January 3, 2005 Share Posted January 3, 2005 One would also think all the information is not being revealed. theplanet lets a lot of spam through without removing their offenders. Here is over 3,000 examples: http://groups-beta.google.com/group/news.a...rt=0&scoring=d& So, for theplanet to remove all of someones sites it had to be more than a virus or accidental. We are only hearing one side of the story and I think it is not the whole story. Link to comment Share on other sites More sharing options...
Wazoo Posted January 3, 2005 Share Posted January 3, 2005 .... after selling the last of our inventory of freeze-dried poi. Good God! ... Something I never learned to love in my years there, but trying to picture it being freeze-dried, shipped to the UK, stored somewhere until it was ordered and then shipped somewhere else .... For those of you that don't know poi, although all folks have their favorite and hated foods, the standard introduction to poi by the newcomer/tourist is agreement that "poi" is loosely translated as "wallpaper paste" <g> You can then see for yourself that this is a nice, non-commercial site --- containing everything you'd like to know about poi. I left Hawaii in 1983 and you know .. I'd never again thought about poi until this morning <g> And of course, it's not the poi I remember .. it's more the look on the faces of those taking their first two-finger scoop taste <g> As for the earlier problems posted by me on this site, I couldn't log in on this forum with what I thought was my user ID (craigwalsh) --- so I signed up again. Come to discover that my old user ID was Craig Walsh. I couldn't figure out how to combine the two user ID's, and thought it wasn't a big deal. I don't know of any "combining" action available either ... PM me with your desires on what to do with one account or the other ... When I was here before I was having problems sending e-mail to one particular recipient, and, as I recall, the problem was identified as being with his host. From my perspective, I responded in this discussion just as I responded in that discussion. Guess I'm still grumpy <g> This is an amzaing world where some of you see culprits lurking behind every tree. I'm not a spammer, and hardly feel that I need "spanking" by any of you, or by anyone else. The flip side is the phrase "the well has been poisoned" .... one definition of spam is "that which spammers say they do not do ...." And just as you are showing your sensitive spots rubbed the wrong way, you are also talking amongst folks that have seen spam grow from that wierd e-mail two or three times a month to 50,000+ a day ... and as such, the perspectives and thresholds are a lot different. What can I add to that? Guess he doesn't like spam. None of us do --- but this reaction seems a bit (at least to me) over the top. Please re-read the above. I guess we all have our own personal demons. To me, until someone finds a way to stop spam at the source, the best way I know to deal with it is to delete it. Whereas the folks involved within the Forum / SpamCop support thing are of the type that track down and report them in hopes of doing something about the issue .. again leading back to that sensitivity and threshold thing. After analyzing and reporting a few hundred unsolicited garbage e-mails, it's hard to walk into a discussion where the intro includes things like "I've been accused of spamming" and not carry a bit of attitude in when reading the "explanation" .... I'm off to walk the dogs. Heh! Still working on getting over my last "take the dog out" thing. Clipped on the leash, opened door, dog decides to hurry things up, makes the dash around me, hits the ice on the front porch and goes sailing .... I believe I was still giggling a bit at watching her surprise at what her paws weren't doing ... when of course, the leash ran out of "excess length" .... I do recall the moments of being horizontal, then feeling all three concrete steps burying themselves into various positions in the back-side of my body ... remember laying there for a (unknown) number of minutes, listening to her paws trying to get traction, feeling the rain on my face and ice-cold wetness as my clothes absorbed that which had not frozen yet .... wondering where that karma thing was ... retrieving almost a dozen 'stranded' folks earlier in the day, getting three cars out of ditches, two trips to a grocery store for some neighbors, and there I lay thinking that it must boil down to that I don't have a cell phone, as there was no one I could call from that location/position and I couldn't take a deep enough breath to holler in the chance that I might wake someone else up in the neighborhood <g> (What I don't remember is how I tore off three fingernails, put two gashes in the back of my left hand, put a hole in my sweat-pants ..??) Maybe that's why I'm still grumpy? <g> Link to comment Share on other sites More sharing options...
Wazoo Posted January 3, 2005 Share Posted January 3, 2005 Nobody has suggested that. I doubt it's a rogue employee: it's only me, my wife, my sister, and a couple of farm employees who use basic e-mail to send us requests for feed, etc. Partially explained in that most of "us" are still waiting for the true identity of the source of the alleged too-many spam e-mails ... without that, we have all been doing a bit of a dance .... But I mysteriously received a call a few minutes ago from The Planet, wanting our business back. This just gets more and more peculiar: they shut us down on Thursday night, without notice or explanation. And call us on Monday asking us to please come back? and the perfect opportunity to get the alleged facts behind the termination has thus been missed? On our new, dedicated server I think we should run virus and security scanners, and I will check with the new hosting company. We certainly run virus and security scanners every day on our computers at home. And along that line of "heard that story before" ... the customers I see that haven't update the anti-virus database/definition file since they brought the computer home are legion. So just "running it every day" isn't the final answer .. also once again pointing out that anti-virus tools are basically reactive ... the database/definition tables aren't update until the new exploit is known, analyzed, scripted, tested, posted, downloaded and installed by the end-user .... security scanners? pretty much the same story .... if not kept up to date by the application designer/programmer and end-user ...??? Just pointing out the recurring theme in your statement .. I hear that type of remark pretty much on a daily basis, usually in the same conversation that included "I never click on those" .. and "I never go to web-sites like that" ..... <g> Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.