Jump to content

affordablegenericdrugs.com


zav

Recommended Posts

I am taking the time to write this in the effort of getting affordablegenericdrugs.com added to the blocked list.

In the past week, I have been spammed by the web owner twice in a manner that makes it very difficult (impossible) for Spamcop to track them down.

First, their email is encoded in base 64 (I believe). Also once Spamcop decodes the email, the link does not point to affordablegenericdrugs.com. It points to a forwarding site with an extension code. In my case, http://hutabfcfsrb.lowcostpills.org/. This forwards the browser to: http://www.affordablegenericdrugs.com/

Spamcop does not find an ip address for http://www.affordablegenericdrugs.com/ so I have done the research.

Traceroute fails on affordablegenericdrugs.com from my system in the Terminal (Mac dual 1.6 G4 Cube running Tiger)

Dig on the domain returns the following info in China:

zav$ dig "www.affordablegenericdrugs.com"

; <<>> DiG 9.2.2 <<>> www.affordablegenericdrugs.com

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55480

;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 4, ADDITIONAL: 2

;; QUESTION SECTION:

;www.affordablegenericdrugs.com. IN A

;; ANSWER SECTION:

www.affordablegenericdrugs.com. 264 IN CNAME unixe1-g1.xinnetdns.com.

unixe1-g1.xinnetdns.com. 8369 IN A 210.51.170.43

unixe1-g1.xinnetdns.com. 8369 IN A 210.51.170.44

unixe1-g1.xinnetdns.com. 8369 IN A 210.51.170.45

unixe1-g1.xinnetdns.com. 8369 IN A 210.51.170.40

unixe1-g1.xinnetdns.com. 8369 IN A 210.51.170.41

unixe1-g1.xinnetdns.com. 8369 IN A 210.51.170.42

;; AUTHORITY SECTION:

xinnetdns.com. 128990 IN NS ns.xinnet.cn.

xinnetdns.com. 128990 IN NS ns.xinnetdns.com.

xinnetdns.com. 128990 IN NS ns2.xinnet.cn.

xinnetdns.com. 128990 IN NS ns2.xinnetdns.com.

;; ADDITIONAL SECTION:

ns.xinnetdns.com. 15380 IN A 210.51.170.66

ns2.xinnetdns.com. 128990 IN A 202.106.124.194

;; Query time: 19 msec

;; SERVER: 192.168.2.1#53(192.168.2.1)

;; WHEN: Wed Aug 17 13:05:15 2005

;; MSG SIZE rcvd: 289

It would be great to get these people added to the block list as the go out of their way to avoid detection ala spamcop.

The spam I was sent was the following if anyone cares:

http://www.spamcop.net/sc?id=z797129398z08...704694345f2db6z

EDIT: Wazoo converted spam sample to a Tracking URL, provided the Tracking URL

Link to comment
Share on other sites

I get dozens of these daily at my hotmail acount. Unfortunately Spamcop has given up on popping that account and I no longer have the time to report them manually. I report them to hotmail when deleting, whatever good that might do. It hasn't stopped them yet.

Link to comment
Share on other sites

I am taking the time to write this in the effort of getting affordablegenericdrugs.com added to the blocked list.

31762[/snapback]

Perhaps a re-visit to the Rules, What is it, What is on the Blocklist, etc. is required. SpamCop does not run a BL that works with Domain names. Yes, there is an indirect feed to the SURBL, but that's a whole 'nother story.

Next action .... converting your spam sample into a Tracking URL

Link to comment
Share on other sites

I am taking the time to write this in the effort of getting affordablegenericdrugs.com added to the blocked list.

31762[/snapback]

As Wazoo stated, adding the IP of a web site to the BL will do no good as email is not coming from the web site (in most likelyhood). You want the ISP to shut the site down.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...