Jump to content

[Resolved] MSN personal email addresses...


Recommended Posts

Received the usual run of the mill bogus lottery criminal fraud spam with a 'winners' response address of prize_winners[at]promotionaluk-info.com

No problem deciding it is an MSN personal email address registered by the criminal, (try http://promotionaluk-info.com/)

Spamcop parses it as:

host promotionaluk-info.com (checking ip) =

host = pamx1.hotmail.com (cached)

Routing details for

[refresh/show] Cached whois for : abuse[at]hotmail.com

Using abuse net on abuse[at]hotmail.com

abuse net hotmail.com = abuse[at]hotmail.com

Using best contacts abuse[at]hotmail.com

Using rdns to route to correct Microsoft department

host = pamx1.hotmail.com (cached)

abuse net pamx1.hotmail.com = abuse[at]hotmail.com

Great, so I have a choice of abuse[at]msn.com (the obvious one I'd normally use), or abuse[at]hotmail.com as suggested by SpamCop for the Mx, or even abuse[at]microsoft.com for the IP address (from ARIN)

abuse[at]hotmail.com automatically bounce the report - "not hotmail address"

abuse[at]msn.com manually bounce the report - "not msn address"

abuse[at]microsoft.com simply don't respond......

I have this trouble time and time again with getting these these MSN personal email address accounts closed - the abuse teams don't seem to be across it at all even though you spell it out for them - anyone else come across this problem? Any suggestions?....

EDIT: Finally got a reporting address for these out of MSN. It's:


Link to comment
Share on other sites

I have had the same problems. It seems as if those abuse teams go out of their way to quickly to deny responsiblity.


All too true, though few can match the inspired lunacy of MSN/Hotmail some others try very earnestly. (Well done by the way bobbear - let's just hope, if that address is effective, that the MS Vigilance Committee doesn't find out - while it doesn't appear on any organization chart, I infer that body's existence from the evidence of its results: that's the team in Micro$oft charged with the elimination of all vestiges of competence.)

As to others vying for the crown, abuse[at]comindico.com.au certainly give it their best shot.

These are not big operators - volume from SenderBase stats on the IP address sending me spam is calculated to have gone from 80 msgs/d to 600 in the 24 hour period. In response to a (manual) report:

"Our automated systems attempt to 'read' your complaint ..." "... automated systems are not perfect. To increase the chances of getting the bad guy found in the shortest possible timeframe, please go to [web site] and complete the form at that location."

Did that. After their due consideration (hundreds of microseconds):

" ... This is an automated update to inform you that we have searched our records. The search showed that no-one was assigned the IP address at the date/time specified in your report ..."

Goes on to list (inapplicable) 'possible causes'

"1. Forged spam headers..."

"2. Spoofed IP packets..."

"3. Invalid search criteria specified..."

Then, the clincher:

"To help avoid errors in reports, Comindico highly recommend submitting reports through Spamcop, DShield, or MyNetwatchman. Automated systems such as these help eliminate human error in report submission, and result in a higher success rate of finding the source of the abuse being reported."

Two minutes after my response to that (robust but "professional") I received a message with a virus-infected attachment from another Aussie address (virus attacks have been quite rare lately). Indubitably a coincidence ;-]

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...