kdcinfo Posted January 10, 2005 Posted January 10, 2005 The only spam I report is adult-related spam because we have a 13-year old whom we don't want reading some of the explicit subject lines (using server-side text-only readers at least keeps the spam to subject-line reading only). Recently, within the last week or two, it seems over 90% of the adult-related spam we receive show the network administrator to be the same: Re: http://bp2-rx.com/enter.php (Administrator of network hosting website referenced in spam) - frank1976[at]126.com Re: http://bp2-rx.com/rr.php (Administrator of network hosting website referenced in spam) - frank1976[at]126.com I was thinking of e-mailing this address and politely requesting to be removed, but that's a really old no-no because it means you'll just get more. Also, initially, the checkboxes were checked for notifying this "administrator", but getting the feeling they might just be the one's spamming (having their own network), I began unchecking these notifications a few days ago. Unfortunately, if that is the case, I'm probably already on their hit list. Has anyone else observed this particular network administrator? Does anyone have any suggestions for getting off this particular administrators list? If they're not the originator, perhaps I could request that e-mails to my address from their server be blocked?? Thanks. Keith
Miss Betsy Posted January 10, 2005 Posted January 10, 2005 Most providers will give you more than one email address. The only way to eliminate the porn email is to change your address for your personal email (and use an alphanumeric address that is not easily guessed by the dictionary spammers like k31th). You can use the old one for entering into web sites to order or whatever and if that website is not reliable then, that address already gets spam. Then threaten to withdraw computer privileges from your 13 year old if he enters the 'clean' address anywhere on the web! Also ask your correspondents to use the old address if they want to send you ecards or email you pages from websites,etc. Most email readers will let you have more than one address and again, impress on your 13 year old that he is only to read and use the 'clean' address. If you are not getting so much spam that it is only the porn that bothers you for the 13 yr old's sake, then you can use the old address for your email and the new address for the children. That's my $.02 USD Miss Betsy
Merlyn Posted January 10, 2005 Posted January 10, 2005 It will probably do no good to contact anyone regarding bp2-rx.com as it belongs to Michael Lindsay / iMedia Networks a very wll known ROKSO listed spammer, check out http://www.spamhaus.org/rokso/listing.lass...edia%20Networks canonical name bp2-rx.com. addresses 211.158.35.246 Running his "Bullet Proof" hosting out of China 211.158.35.246 is listed in the SBL, in the following records: http://www.spamhaus.org/sbl/sbl.lasso?query=SBL19859 http://www.spamhaus.org/sbl/sbl.lasso?query=SBL10264 http://www.spamhaus.org/sbl/sbl.lasso?query=SBL21421 All he will do is spam you more when he finds out you don't want it.
kdcinfo Posted January 10, 2005 Author Posted January 10, 2005 Most providers will give you more than one email address. Thanks Miss Betsy ... I'm always forgetting to clarify something or other. She actually doesn't get her own e-mail (that's a typing speed goal achievement), but she's fairly interested in what we do and likes to read things onscreen behind our back. And although I keep my mail screen minimized (of which, only subject lines are shown), there's just always the chance that I'll be filtering/cleaning only to have her walk up behind me and, not wanting to interrupt, just see what I'm doing. My host does provide my domain with 'anything[at]', and I do change up regularly, so the majority of e-mails get filtered quite easily. Out of 100 e-mails, only about 20 get left on screen. Some of these use the same "From" as the "To", so mailwasher thinks they're friendly. I have multiple filters setup to process automatically, in addition to processing the blacklists (eg, Spamcop) automatically. And oh yes, having this domain since 1997, I probably get at least 300-500/day (or more). But some are caught by my host's filter, others by Mailwasher (filters and blacklists), with a remaining 50-75 or more per day still getting through. Of those, only about 10-20% are adult. I know I can filter these more... but was mostly curious if anyone else had come across this "frank1976" administrator. Reporting these to that address obviously haven't done anything, and the IPs/e-mail hosts keep changing.
kdcinfo Posted January 10, 2005 Author Posted January 10, 2005 It will probably do no good to contact anyone regarding bp2-rx.com as it belongs to Michael Lindsay / iMedia Networks a very wll known ROKSO listed spammer That's what I was afraid of At least I know that I was seeing it right. I'll keep removing the checks/notifications, and make some adjustments in Mailwasher. Perhaps someone, somewhere will get tired of paying for his deliveries. Thanks. Keith
get-even Posted January 10, 2005 Posted January 10, 2005 It will probably do no good to contact anyone regarding bp2-rx.com as it belongs to Michael Lindsay / iMedia Networks a very wll known ROKSO listed spammer, check out http://www.spamhaus.org/rokso/listing.lass...edia%20Networks canonical name bp2-rx.com. addresses 211.158.35.246 Running his "Bullet Proof" hosting out of China 211.158.35.246 is listed in the SBL, in the following records: http://www.spamhaus.org/sbl/sbl.lasso?query=SBL19859 http://www.spamhaus.org/sbl/sbl.lasso?query=SBL10264 http://www.spamhaus.org/sbl/sbl.lasso?query=SBL21421 All he will do is spam you more when he finds out you don't want it. 22843[/snapback] Yes iMedia/Michael Lindsay runs that particular site. But even worse, 126.com is Alan Ralsky's personal domain. spam reports to them is one of the very few I uncheck (I don't even have problem with CYVEILLANCE', despite my posting of their 'whois' issue). Don't know about iMedia, but Ralsky will definitely spam you more (his spam almost always contains hidden identifiers, so munged or not, you will be visible in the report).
eaolson Posted January 10, 2005 Posted January 10, 2005 The only spam I report is adult-related spam because we have a 13-year old whom we don't want reading some of the explicit subject lines (using server-side text-only readers at least keeps the spam to subject-line reading only). 22836[/snapback] I wonder if anyone has ever tried to go after a spammer for sending such adult materials to children. There's probably some legal hooha about "explicit" vs. "pornographic" and they could certainly claim that they didn't know the recipient was a minor, but I don't know how much legal weight that would hold. The various authorities seem to have trouble going after spammers on technical grounds, probably for a number of reasons. I wonder if the situation would be different if they were going after spammers for "contributing to the deliquency of a minor" or something similar.
kdcinfo Posted January 10, 2005 Author Posted January 10, 2005 Don't know about iMedia, but Ralsky will definitely spam you more (his spam almost always contains hidden identifiers, so munged or not, you will be visible in the report). Ouch. Guess I'm on the radar Nothing like watering a fish. Or, selling bacon to a pig. (100% waste of everyone's time) Perhaps after them not seeing any of my reports anymore I'll drop back off the radar. I'm about ready to support the eStamp.
Jeff G. Posted January 10, 2005 Posted January 10, 2005 I wonder if anyone has ever tried to go after a spammer for sending such adult materials to children. There's probably some legal hooha about "explicit" vs. "pornographic" and they could certainly claim that they didn't know the recipient was a minor, but I don't know how much legal weight that would hold. The various authorities seem to have trouble going after spammers on technical grounds, probably for a number of reasons. I wonder if the situation would be different if they were going after spammers for "contributing to the deliquency of a minor" or something similar. 22856[/snapback] In this particular case, the minor would have to have her own account for that argument to carry any weight. My 10-year-old nephew has his own email account on the family mailserver (we set it up for him when he was born), but he doesn't have the password and his mom manually filters it before showing it to him. She is naturally overprotective of her only child. On a related note, while preparing for a 6-year-old coming to visit, I ventured into locking down the Time Warner Cable box he might be using. A bunch of shows I would have thought would have G or TV-Y ratings had no ratings at all, so I had to let non-rated non-adult shows through. That was a nice little adventure.
kdcinfo Posted January 10, 2005 Author Posted January 10, 2005 I wonder if anyone has ever tried to go after a spammer for sending such adult materials to children. There is now, they're supposed to contain (or begin) with the word Explicit, or something to that affect. But does this stretch across international borders? I'm very surprised China isn't more critical (or harsh) when it comes to spam. But if they begin with that, and then follow with their message, to me that just makes it stand out more (like, READ ME! - or, "Don't look down"). But the problem in my case is the e-mail is not my daughters. It just happens that she has the potential for reading the subject lines. I just have to do more to ensure she doesn't. TVs have the vchip, mail has filters. One just requires a ton more knowledge. But the answer is clear that this Frank1976/126.com/bp2-rx address is one to stay away from if you're just a pawn like me. And I've learned to only check the boxes at the very top.
Merlyn Posted January 10, 2005 Posted January 10, 2005 There is now, they're supposed to contain (or begin) with the word Explicit, or something to that affect. But does this stretch across international borders? 22861[/snapback] No, the (I) CANSPAM act is only a US law. (IANAL) Like I said above the site is hosted in China, do you know what the sending IP was? If it was a hijacked machine in the US or even a IP they were using in the US then it should have been compliant. Not that it would matter anyhow
Miss Betsy Posted January 10, 2005 Posted January 10, 2005 To Keith I didn't realize that it was your domain which is a whole different ballgame. Actually my attitude toward inevitable child encounters with what you don't want them to know about is to openly tell them why this is not good. For younger children, it is easier to control what they see or don't see. (For instance, only downloading email when they are in bed or not allowing them to walk up behind you.) For someone who is 13, though, you have done all you can to teach hir what is right and wrong and now you need to be teaching hir how to discern. If she doesn't see it on your computer, she will sooner or later on someone else's. IMHO, a 13 year old is old enough to be able to dismiss the porn just as an adult does. And it would be better for hir to learn from you and how you handle seeing those subject lines than on her own. Miss Betsy
get-even Posted January 10, 2005 Posted January 10, 2005 ... But the answer is clear that this Frank1976/126.com/bp2-rx address is one to stay away from if you're just a pawn like me. And I've learned to only check the boxes at the very top. 22861[/snapback] I believe that "frankXXX[at]126.com" is a 'bot for harvesting valid email addresses. I have been shown other information that makes it appear that "AlexanderLinder[at]163.com" is personally Alan Ralsky. For people like Merlyn, who lists his interests as "Researching Spammers.", it can be informative to look up sequential domain registrations on ChinaNet (seemingly created by a scri_pt or `bot - sometimes over a hundred can be created in a ten minute period) by the handle instead of the domain name (so you can see the actual sequence) and count the percent using a [at]163.com account against those using "antispam[at]xxx.xxx.cn". Just for anyone still interested: $ whois bp2-rx.com Whois Server Version 1.3 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. Domain Name: BP2-RX.COM Registrar: GANDI Whois Server: whois.gandi.net Referral URL: http://www.gandi.net Name Server: NS1.NS-1.BIZ Name Server: NS2.NS-1.BIZ Status: ACTIVE Updated Date: 06-jan-2005 Creation Date: 21-dec-2004 Expiration Date: 21-dec-2005 >>> Last update of whois database: Mon, 10 Jan 2005 07:38:51 EST <<< NOTICE: The expiration date displayed in this record is the date the registrar's sponsorship of the domain name registration in the registry is currently set to expire. This date does not necessarily reflect the expiration date of the domain name registrant's agreement with the sponsoring registrar. Users may consult the sponsoring registrar's Whois database to view the registrar's reported date of expiration for this registration. TERMS OF USE: You are not authorized to access or query our Whois database through the use of electronic processes that are high-volume and automated except as reasonably necessary to register domain names or modify existing registrations; the Data in VeriSign Global Registry Services' ("VeriSign") Whois database is provided by VeriSign for information purposes only, and to assist persons in obtaining information about or related to a domain name registration record. VeriSign does not guarantee its accuracy. By submitting a Whois query, you agree to abide by the following terms of use: You agree that you may use this Data only for lawful purposes and that under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail, telephone, or facsimile; or (2) enable high volume, automated, electronic processes that apply to VeriSign (or its computer systems). The compilation, repackaging, dissemination or other use of this Data is expressly prohibited without the prior written consent of VeriSign. You agree not to use electronic processes that are automated and high-volume to access or query the Whois database except as reasonably necessary to register domain names or modify existing registrations. VeriSign reserves the right to restrict your access to the Whois database in its sole discretion to ensure operational stability. VeriSign may restrict or terminate your access to the Whois database for failure to abide by these terms of use. VeriSign reserves the right to modify these terms at any time. The Registry database contains ONLY .COM, .NET, .EDU domains and Registrars. % GANDI Registrar whois database for .COM, .NET, .ORG., .INFO, .BIZ, .NAME % % Access and use restricted pursuant to French law on personal data. % Copy of whole or part of the data without permission from GANDI % is strictly forbidden. % The sole owner of a domain is the entity described in the relevant % 'domain:' record. % Domain ownership disputes should be settled using ICANN's Uniform Dispute % Resolution Policy: http://www.icann.org/udrp/udrp.htm % % Acces et utilisation soumis a la legislation francaise sur % les donnees personnelles. % Copie de tout ou partie de la base interdite sans autorisation de GANDI. % Le possesseur d'un domaine est l'entite decrite dans % l'enregistrement 'domain:' correspondant. % Un desaccord sur la possession d'un nom de domaine peut etre resolu % en suivant la Uniform Dispute Resolution Policy de l'ICANN: % http://www.icann.org/udrp/udrp.htm % % Date: .................. domain: BP2-RX.COM owner-address: Ralsky Rocks Inc owner-address: 8976 Dien Bien Phu, owner-address: HN10000 owner-address: Ba Dinh,Hanoi owner-address: Vietnam owner-phone: +84.913236677 owner-e-mail: ihatespam1[at]PunkAss.com admin-c: HR266-GANDI tech-c: AR41-GANDI bill-c: HR266-GANDI nserver: ns1.ns-1.biz nserver: ns2.ns-1.biz reg_created: 2004-12-21 21:50:46 expires: 2005-12-21 21:50:46 created: 2004-12-22 03:50:47 changed: 2005-01-06 10:10:19 person: Hermish Ralskey nic-hdl: HR266-GANDI address: 8976 Dien Bien Phu, address: HN10000 address: Ba Dinh,Hanoi address: Vietnam phone: +84.913236677 e-mail: ihatespam1[at]PunkAss.com lastupdated: 2005-01-03 16:58:30 person: GANDI Auto Register 4.1 nic-hdl: AR41-GANDI address: GANDI address: 38 rue Notre-Dame de Nazareth address: F-75003 address: Paris address: France phone: N/A e-mail: support[at]gandi.net
kdcinfo Posted January 10, 2005 Author Posted January 10, 2005 IMHO, a 13 year old is old enough to be able to dismiss the porn just as an adult does. And it would be better for hir to learn from you and how you handle seeing those subject lines than on her own. Typically and normally I would agree with this philosophy. However, some of these subject lines make me uneasy/uncomfortable to look at; and I'm in my late 30s. But this brings up the point that spam should definitely be taken care of before it ever hits the end user. I might personally be able to keep my daughter from seeing these things on my computer, but if she's visiting a friend... their parents may not be as e-mail/server savvy. I can't imagine all the folks simply downloading to Outlook with the Preview Pane open. Imagine their kids walking up behind them ... at 8 or 9 years old. Nonetheless, I know now to expect much more of these (3 in the last 20 minutes) now that my address is on their hit-list.
kdcinfo Posted January 10, 2005 Author Posted January 10, 2005 I believe that "frankXXX[at]126.com" is a 'bot for harvesting valid email addresses. I never figured the mailer to be a bot - 'cause it seemed as though they took breathers (slept). But I guess that makes sense.
Merlyn Posted January 10, 2005 Posted January 10, 2005 Get-even, you also do some excellent investigative work and no I didn't spend much time on this only a minute to do the lookup. Normally I only spend a lot of time with the spammers that make it through our lists and filters. I really doubt he would place a name in a registration like Ralsky Rocks Inc along with Hermish Ralskey (but I wouldn't put it past him!) and PunkAss.com is one of the email domains you can use for an email account at hotpop.com. It might or might not be Ralsky, I go on what Spamhaus says it is. I do believe that if Spamhaus says it's Michael Lindsay / iMedia Networks then it most probably is. That is not to say they all (spammers) share/sell info and resources to each other.
Christine Posted January 10, 2005 Posted January 10, 2005 Typically and normally I would agree with this philosophy. However, some of these subject lines make me uneasy/uncomfortable to look at; and I'm in my late 30s. But this brings up the point that spam should definitely be taken care of before it ever hits the end user. I might personally be able to keep my daughter from seeing these things on my computer, but if she's visiting a friend... their parents may not be as e-mail/server savvy. I can't imagine all the folks simply downloading to Outlook with the Preview Pane open. Imagine their kids walking up behind them ... at 8 or 9 years old. Nonetheless, I know now to expect much more of these (3 in the last 20 minutes) now that my address is on their hit-list. 22869[/snapback] Plenty of spam makes me sick to my stomach, and I never see anything except the subject lines. I'm sure someone has sent "13 year old girls being abused!!" spam, and I know how I would have reacted when I was 13. Pornography is a tricky issue as it is based on "community standards." People tried to prosecute people for mailing copies of "Deep Throat" (which was fairly mainstream) into their community, didn't work. I think you'd have to prosecute these guys in China/Korea, where ever they spam from. It's even worse if a comprimised machine is involved. Presumably they host the stuff in a country where porn is legal, and anyone who actually goes to the site should know better. As for China's alledged anti-porn stance...well, China is a pretty corrupt and dishonest place right now, unfortunately.
Merlyn Posted January 10, 2005 Posted January 10, 2005 I have kids from 5 yrs old to 26 yrs old. I have to check my 10 year olds email account before he gets into it. It has never been used except to a few of his friends from school and some of the spam that has slipped through has been porn. As far as I am concerned porn email marketing should only be allowed to someone who has requested and confirmed it and proved to be of legal age. Just my 2 cents.
Miss Betsy Posted January 11, 2005 Posted January 11, 2005 I totally agree about porn not being sent to anyone who has not requested it. I would like to sue them for sexually harassment (as an adult). However, since it is not possible, unless somebody makes a law that every ISP filter out porn unless it is whitelisted - which is not very probable, then if kids are going to use email, they are going to have to be prepared. I agree that most of it makes me queasy which is why I changed my email address at home to an alphanumeric one and I have not (fingers crossed) received any since (about two years). But 13 year olds need to be prepared on how to deal with those things that you can't protect them from (unless you lock them in). IMHO, it is much better for them to see a subject line about '13 yr old xxxxxx' when you are right there and they know you are disgusted, and it also gives some of your warnings more creditability when you explain why some people are interested. They also see how you deal with it so that they have a model. If you hide it from them, and then they do see it, they won't ask you about it because they will be afraid of what you will say (or perhaps do - like 'you can't go to Johnny's any more!') Miss Betsy
eaolson Posted January 11, 2005 Posted January 11, 2005 I totally agree about porn not being sent to anyone who has not requested it. I'd like to see that about email marketing in general. I would like to sue them for sexually harassment (as an adult). To an adult, I figure it's the equivalent of some guy hitting on you in a bar. Sleazy, rude, yes, but not illegal. Pity there's no email equivalent of throwing a drink in someone's face. Willfully (or negligently) doing the same to children is an entirely different matter.
kdcinfo Posted January 11, 2005 Author Posted January 11, 2005 In looking at some stats, I'm hoping I'm reading them wrong, but I don't see bp2 or 211.158 (much less bp2-rx or 211.158.35) anywhere in the stats I'm looking at (in the Statistics tab). So I'm wondering, which is worse? Spammer #1, 2, and 3 sending 50 e-mails for ink toner discounts or Spammer #4 sending 10 e-mails for 13-year old XXX? I think people would have a different answer than computers. According to the numbers, those who spam more get noticed more, while those with worse spams, if they're savvy enough not to send as many bulks, won't get noticed as much.
StevenUnderwood Posted January 11, 2005 Posted January 11, 2005 To an adult, I figure it's the equivalent of some guy hitting on you in a bar. Sleazy, rude, yes, but not illegal. Pity there's no email equivalent of throwing a drink in someone's face. 22899[/snapback] I figure that it is more analogous to having someone expose themselves to you in public, which IS against the law in most places.
Merlyn Posted January 11, 2005 Posted January 11, 2005 I figure that it is more analogous to having someone expose themselves to you in public, which IS against the law in most places. 22901[/snapback] Nice analogy!
eaolson Posted January 11, 2005 Posted January 11, 2005 I figure that it is more analogous to having someone expose themselves to you in public, which IS against the law in most places. 22901[/snapback] If the spam itself is explicit, I'd agree. (I like your analogy better, anyway.) On the other hand, I really didn't need the mental image of Ralsky exposing himself to me. Excuse me while I go wash my brain out with soap.
Merlyn Posted January 11, 2005 Posted January 11, 2005 This just in...... Feds slam sex spammers: See: http://www.ftc.gov/opa/2005/01/globalnetsolutions.htm http://story.news.yahoo.com/news?tmpl=stor...nm/tech_spam_dc
Recommended Posts
Archived
This topic is now archived and is closed to further replies.