Jump to content
Sign in to follow this  
mianet

Getting Unblocked? HELP

Recommended Posts

Well we got hit by a Nigerian scam ring that is using our auto-server sign up and stolen cards to get a valid mia.net email address to use to spam people with that crappy Nigerian spam...

For details see here: http://www.mia.net/HTML/News/index.html

We have used a Auto-Server signup for dialup for years, however we have altered that function. We still allow online signups, and cc billing automatically, but will now approve all accounts manually. This should prevent things like this in the future.

These morons just keep signing up... It is impossible to block as it looks to be a "ring of them", or a consorted effort.. Anyway, beware. We have contacted the FTC, like it will do any good... I think they will go away now that they can no longer sign up with our service.

This of course got us in SpamCop, among others.. Which begs the question again about how useful spamcop really is when problems like this occur. Obviously I am a bit irritated right now, but the method by which SC determines to ban you is still a bit flawed IMHO. We got a notification from them, ie., a complaint, and as always, responded to it SAME DAY, as we ALWAYS have. We indicated we had taken care of the problem. Nuff said, right? Nope.

Given there were around 15 or so of these fraud signups, there were multiple accounts, but only one that we know of that actually was able to send mail before we killed the account. So since there were obviously more than one complaint to SpamCop, since we responded as having closed the issue, when another complaint came in, we end up banned.

Our server was not open, was not exploited, was not relayed off.. This was a valid customer (though fraudulent) who not only violated our TOS, which we enforced, but also used a stolen CC. We killed the account within 20 minutes of its creation. So we end up in SC anyway... Something is not right.

I can only imagine that a larger ISP gets thousands of fraudulent orders a day/week, so that said, how do they avoid this? I've been a member of SC almost since the beginning, and always rspond to any and all complaints SAME DAY, but am still left with the possibility of waiting 20 hours for removal.

Anyway..

What can I do? Thank you..

Share this post


Link to post
Share on other sites

Just an observation but it looks like you were not too concerned before:

host 209.236.224.195 = mail.mia.net

Parsing input: 209.236.224.195

host 209.236.224.195 = mail.mia.net (cached)

ISP does not wish to receive reports regarding 209.236.224.195 - no date available

Also I do not see that IP listed or any of your other IP's.

Which one are you talking about?

Share this post


Link to post
Share on other sites

http://openrbl.org/ip/209/236/224/195.htm shows one losting

Lookup 209.236.224.195 (mail.mia.net) in 20+9 Zones

AS: [NO_ROUTE]

Net 209/8 IANA-NETBLOCK-209 ?

Results: Positive=1, Negative=27, Timeouts=1 (2005-01-21 00:02:19 UTC)

PSBL/surriel.com: 553 PSBL spam received

SpamCopBL currently showing;

209.236.224.195 not listed in bl.spamcop.net

Share this post


Link to post
Share on other sites
Just an observation but it looks like you were not too concerned before:

host 209.236.224.195 = mail.mia.net

Parsing input:

host 209.236.224.195 = mail.mia.net (cached)

ISP does not wish to receive reports regarding 209.236.224.195 - no date available

Also I do not see that IP listed or any of your other IP's.

Which one are you talking about?

23382[/snapback]

Odd... That is not true. We always respond to any complain, and always same day. I never requested not to be notified. We do receive reports for "209.236.224.195" and wish to continue to do so. How that shows up that way is beyond me.. Seems like a bug.

Yes, it looks as though the IP was pulled earlier today :) Thank you.

Share this post


Link to post
Share on other sites
Our server was not open, was not exploited, was not relayed off.. This was a valid customer (though fraudulent) who not only violated our TOS, which we enforced, but also used a stolen CC.  We killed the account within 20 minutes of its creation.  So we end up in SC anyway... Something is not right.

I can only imagine that a larger ISP gets thousands of fraudulent orders a day/week, so that said, how do they avoid this?  I've been a member of SC almost since the beginning, and always rspond to any and all complaints SAME DAY,  but am still left with the possibility of waiting 20 hours for removal.

23378[/snapback]

I appreciate your frustration but, as you realise as a long term user, this is the way the blocklist works.

Because I, as a recipient, want to reject messages from your Nigerian friends <_< I can use the SpamCop BL to reject all messages originating from your servers confident that as soon as you stop the flow you'll be delisted promptly and I can safely accept your incoming mail once again.

Seems to me that the blocklist worked correctly.

Thanks, too, for your prompt action in tackling the issue.

Andrew

Edited by agsteele

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×