Jump to content

Email address lists made public


Hanco
 Share

Recommended Posts

What do we make of this? Any insights?

I’d love to know more about the owner/source of this stuff. I think they are a source of the majority of spams I get. So much cloak and dagger. Though I see it *says* Flex Marketing Group, and I think they’ve been caught spamming before.

I notice “ec2” mentioned in one of the URLs (EC2 being the Amazon service perhaps)

https://to-email.com/find-email/from-mx/ip-172-31-40-64.ec2.internal
 

https://to-email.com/find-email/dce79a24436e8368cf2ccd1b12ef9f9a

Edited by Hanco
Typo
Link to comment
Share on other sites

Quote

Please find the following Compliance Alert, containing email addresses and/or domains which are known to generate problems. Please help us by immediately blacklisting all such email addresses and domains from your databases.

I look at those email addresses and find they are @gmail.com and @yahoo.com
First, how were those email addresses "collected"? did whoever listed them make a list of the "from:" headers in the spams? if so, then, just to make this clear, it is unreliable, as I can send emails with a "from:" showing any email address I want to send it as. I have sent emails listing the from as the recipient I intended to reach. it was as a joke to show someone that they could receive emails sent from themselves without having sent the email themselves.

Second, "help us by immediately blacklisting all ... domains" ... sure, blacklist yahoo and gmail... like that would ever happen... I use gmail and yahoo both, and am pretty confident that those domains will not be blacklisted... I submit gmail spam to spamcop through my gmail address and don't get blacklisted ;)

 

Link to comment
Share on other sites

So here’s the thing!

Last night I had a really good look.

The site pages above (and others) show the same company involved. 

Looking at THEIR website, they claim to service the brands I have been harassed by for several years. And the emails have familiar spam characteristics like no relationship between anything (nothing whatsoever) and the company behind it all. Deceptive subject lines. spam redirect links that dance around before they hit the target. And pulling images from all over the place against the terms of use. What is very surprising is the companies paying for the spamming services by this “business” - I haven’t decided yet how far to take this but I’m mulling it over for sure. 
 

Is there a way to pull the history of all reports I have made through SpamCop for several years? I’d like to build up the comprehensive file of evidence. These people need to realize this is NOT acceptable behavior!

Link to comment
Share on other sites

7 hours ago, Hanco said:

Is there a way to pull the history of all reports I have made through SpamCop for several years? I’d like to build up the comprehensive file of evidence.

several years, unfortunately not, as spam reports get to be removed after a certain amount of time... how long, I'm not sure....
https://www.spamcop.net/mcgi?action=showhistory&slice=&val=0&offset=0&query_type=4
this link is the report history of the last 3 months (90 days).

I send myself a report which I keep for posterity
I have the spam message with that, but SC has already removed the spam report from the beginning of this year:

image.png.f95521d870deee0429e84269c6d99e88.png
this screenshot is the report link result from a spam message I reported on Jan 4th this year...
my private spam history goes back to 2018 but even that one I tend to weed out after a while since, in my experience, spam site owners tend to drop/change their URLs after some time...
 
HTH
Link to comment
Share on other sites

On 6/26/2022 at 10:21 AM, Hanco said:

The problem I have with the listed email addresses is that most servers don't verify the from or the mail envelope.  They only "assume" the from being used is the actual spammer.  This allows some of the spammers to use "revenge" campaigns by using a non-spammer email addresses in the from.  If admins have the checks in place to verify the emails are valid, they blocking based on the emails is a good thing.  (This is the intent of SPF version 1.)

Link to comment
Share on other sites

2 hours ago, gnarlymarley said:

The problem I have with the listed email addresses is that most servers don't verify the from or the mail envelope.  They only "assume" the from being used is the actual spammer.  This allows some of the spammers to use "revenge" campaigns by using a non-spammer email addresses in the from.  If admins have the checks in place to verify the emails are valid, they blocking based on the emails is a good thing.  (This is the intent of SPF version 1.)

I'm not sure if that would be a problem for me, since I have multiple email addresses and depending on the reason for sending an email, I send it with a different "account" but always through the same email service. I'm not sure if my email provider uses SPF (I was at the beach not too long ago and was reading SPF as Sun Protection Factor at first glance 🤣) but I'm able to send as different accounts on the same platform "spoofing the addresses"

Link to comment
Share on other sites

  • 2 weeks later...
Posted (edited)

I just noticed the page I started the opening post with refers to “AD1 Publishers” and a Gogle around finds a privacy policy for “AD1 Media Group” on the Flex Marketing Group website (https://flexmg.com/legal/ad1-privacy-policy/) - it is a bit weird because it starts “Thank you for visiting the AD1 Media Group website located at www.AD1mg.com” (even though this privacy policy is hosted at flexmg.com and not AD1mg.com)

Anyway, after contacting the business Flex Marketing Group a couple of weeks ago and getting no reply at all, I’m asking the hosting provider if they’ll take down a public page listing all those email addresses. The host is Kyiv Star (in Ukraine so hopefully they are operating ok). Will see if they can sort it.

Edited by Hanco
Typo
Link to comment
Share on other sites

No reply from KyivStar, the host of the website. I guess that could be understandable given the war raging in the South/South East (and I’m all for Ukrainian victory in that regard) but what to do now? 
 

Domain registrar is Namesilo and they just reply with the standard email and ironically they advise keeping your email address private and not showing on any public webpages! The suggestion they give is to raise a UDRP dispute… would that even work? 
 

Any other ideas? I’ve checked for a reply from Flex Marketing Group to my request to remove me from all their data on 30th June and there has not even been a reply. That was sent via the BBB website.

Link to comment
Share on other sites

On 6/28/2022 at 3:49 PM, gnarlymarley said:

The problem I have with the listed email addresses is that most servers don't verify the from or the mail envelope. 

I think this is a communication from flex Marketing Group (or their subsidiary AD1 Media Group) to their disparate community of affiliate spammer folks. The list is a list of people they know don’t want/may report spam. It’s a very poor way of communicating this list though!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...