Jump to content

Getting Unblocked? HELP


mianet
 Share

Recommended Posts

Well we got hit by a Nigerian scam ring that is using our auto-server sign up and stolen cards to get a valid mia.net email address to use to spam people with that crappy Nigerian spam...

For details see here: http://www.mia.net/HTML/News/index.html

We have used a Auto-Server signup for dialup for years, however we have altered that function. We still allow online signups, and cc billing automatically, but will now approve all accounts manually. This should prevent things like this in the future.

These morons just keep signing up... It is impossible to block as it looks to be a "ring of them", or a consorted effort.. Anyway, beware. We have contacted the FTC, like it will do any good... I think they will go away now that they can no longer sign up with our service.

This of course got us in SpamCop, among others.. Which begs the question again about how useful spamcop really is when problems like this occur. Obviously I am a bit irritated right now, but the method by which SC determines to ban you is still a bit flawed IMHO. We got a notification from them, ie., a complaint, and as always, responded to it SAME DAY, as we ALWAYS have. We indicated we had taken care of the problem. Nuff said, right? Nope.

Given there were around 15 or so of these fraud signups, there were multiple accounts, but only one that we know of that actually was able to send mail before we killed the account. So since there were obviously more than one complaint to SpamCop, since we responded as having closed the issue, when another complaint came in, we end up banned.

Our server was not open, was not exploited, was not relayed off.. This was a valid customer (though fraudulent) who not only violated our TOS, which we enforced, but also used a stolen CC. We killed the account within 20 minutes of its creation. So we end up in SC anyway... Something is not right.

I can only imagine that a larger ISP gets thousands of fraudulent orders a day/week, so that said, how do they avoid this? I've been a member of SC almost since the beginning, and always rspond to any and all complaints SAME DAY, but am still left with the possibility of waiting 20 hours for removal.

Anyway..

What can I do? Thank you..

Link to comment
Share on other sites

Just an observation but it looks like you were not too concerned before:

host 209.236.224.195 = mail.mia.net

Parsing input: 209.236.224.195

host 209.236.224.195 = mail.mia.net (cached)

ISP does not wish to receive reports regarding 209.236.224.195 - no date available

Also I do not see that IP listed or any of your other IP's.

Which one are you talking about?

Link to comment
Share on other sites

http://openrbl.org/ip/209/236/224/195.htm shows one losting

Lookup 209.236.224.195 (mail.mia.net) in 20+9 Zones

AS: [NO_ROUTE]

Net 209/8 IANA-NETBLOCK-209 ?

Results: Positive=1, Negative=27, Timeouts=1 (2005-01-21 00:02:19 UTC)

PSBL/surriel.com: 553 PSBL spam received

SpamCopBL currently showing;

209.236.224.195 not listed in bl.spamcop.net

Link to comment
Share on other sites

Just an observation but it looks like you were not too concerned before:

host 209.236.224.195 = mail.mia.net

Parsing input:

host 209.236.224.195 = mail.mia.net (cached)

ISP does not wish to receive reports regarding 209.236.224.195 - no date available

Also I do not see that IP listed or any of your other IP's.

Which one are you talking about?

23382[/snapback]

Odd... That is not true. We always respond to any complain, and always same day. I never requested not to be notified. We do receive reports for "209.236.224.195" and wish to continue to do so. How that shows up that way is beyond me.. Seems like a bug.

Yes, it looks as though the IP was pulled earlier today :) Thank you.

Link to comment
Share on other sites

Our server was not open, was not exploited, was not relayed off.. This was a valid customer (though fraudulent) who not only violated our TOS, which we enforced, but also used a stolen CC.  We killed the account within 20 minutes of its creation.  So we end up in SC anyway... Something is not right.

I can only imagine that a larger ISP gets thousands of fraudulent orders a day/week, so that said, how do they avoid this?  I've been a member of SC almost since the beginning, and always rspond to any and all complaints SAME DAY,  but am still left with the possibility of waiting 20 hours for removal.

23378[/snapback]

I appreciate your frustration but, as you realise as a long term user, this is the way the blocklist works.

Because I, as a recipient, want to reject messages from your Nigerian friends <_< I can use the SpamCop BL to reject all messages originating from your servers confident that as soon as you stop the flow you'll be delisted promptly and I can safely accept your incoming mail once again.

Seems to me that the blocklist worked correctly.

Thanks, too, for your prompt action in tackling the issue.

Andrew

Edited by agsteele
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...