ISP does not wish to receive reports?

[epgeek]

How galling that an ISP refuses to hear about subscribers who are blatant spammers?? This morning I was reporting a spammer/phishing crook via spam cop and I saw this note in the spam cop analysis: "ISP does not wish to receive reports regarding http://www.freelotto.com/ - no date available

http://www.freelotto.com/ has been appealed previously." These "overseas" lotto's are an old and tired scam, and the fact that the ISP does not want to hear about it seems criminally irresponsible. Where is the cavalry when you need them? If the ISP's look the other way when real crimes are being committed then the problem will only escalate to chaos. Why should the good guys be concerned about vigilante attacks on the bad guys when it is obvious that there is no law on the Internet. Or here is a novel idea, perhaps the government budget that is wasted on do nothing projects like spam[at]uce.com and enforcement[at]sec.gov should be funneled to the good guys at spam Cop who do make a difference with their Blocking Lists.!

[Wazoo]

How galling that an ISP refuses to hear about subscribers who are blatant spammers?? This morning I was reporting a spammer/phishing crook via spam cop and I saw this note in the spam cop analysis: "ISP does not wish to receive reports regarding http://www.freelotto.com/ - no date available

http://www.freelotto.com/ has been appealed previously."

Tracking URL?

These "overseas" lotto's are an old and tired scam,

Overseas?

whois -h whois.opensrs.net freelotto.com ...

Registrant:

PlasmaNet, Inc

420 Lexington Ave

Suite 2435

New York, NY 10170

US

Domain name: FREELOTTO.COM

Administrative Contact:

Registrar, Domain domreg[at]freelotto.com

420 Lexington Ave

Suite 2435

New York, NY 10170

US

212-931-6760

Technical Contact:

Registrar, Domain domreg[at]freelotto.com

420 Lexington Ave

Suite 2435

New York, NY 10170

US

+1.2129316760

Registrar of Record: TUCOWS, INC.

Record last updated on 28-Sep-2006.

Record expires on 04-Nov-2011.

Record created on 23-Oct-1996.

Domain servers in listed order:

UDNS1.ULTRADNS.NET 204.69.234.1

UDNS2.ULTRADNS.NET 204.74.101.1

Domain status: clientDeleteProhibited

clientTransferProhibited

clientUpdateProhibited

11/21/06 09:04:51 Slow traceroute freelotto.com

Trace freelotto.com (64.14.48.101) ...

11/21/06 09:08:20 IP block 64.14.48.101

Trying 64.14.48.101 at ARIN

Trying 64.14.48 at ARIN

OrgName: Savvis

OrgID: SAVVI-2

Address: 3300 Regency Parkway

City: Cary

StateProv: NC

PostalCode: 27511

Country: US

OrgAbuseHandle: ABUSE11-ARIN

OrgAbuseName: Abuse

OrgAbusePhone: +1-877-393-7878

OrgAbuseEmail: abuse[at]savvis.net

OrgNOCHandle: NOC99-ARIN

OrgNOCName: SAVVIS Support Center

OrgNOCPhone: + 1-888-638-6771

OrgNOCEmail: ipnoc[at]savvis.net

Or here is a novel idea, perhaps the government budget that is wasted on do nothing projects like spam[at]uce.com and enforcement[at]sec.gov

Not sure that I can agree with that at all ...

should be funneled to the good guys at spam Cop who do make a difference with their Blocking Lists.!

Not that this volunteer would turn down any donations <g>

[epgeek]

Here is the tracking URL analysis for the sender:

Microsoft Mail Internet Headers Version 2.0

Received: from sina.com ([88.20.27.196]) by ep_adminsvr_6.ep.local with Microsoft SMTPSVC(6.0.3790.1830);

Tue, 21 Nov 2006 06:59:03 -0600

From: THE FREE LOTTO COMPANY <vtdbvakdgj[at]ibm.com>

To: wvanandel <wvanandel[at]exploration.org>

Subject: AWARD NOTIFICATIONS

X-Priority: 3

X-MSMail-Priority: Normal

Reply-To: THE FREE LOTTO COMPANY <vtdbvakdgj[at]ibm.com>

mime-version: 1.0

content-type: multipart/mixed;

boundary="qzsoft_directmail_seperator"

Return-Path: ogfchhsxtb[at]sina.com

Message-ID: <EP_ADMINSVR_6kIN4Mm00000711[at]ep_adminsvr_6.ep.local>

X-OriginalArrivalTime: 21 Nov 2006 12:59:04.0123 (UTC) FILETIME=[D26B60B0:01C70D6C]

Date: 21 Nov 2006 06:59:04 -0600

--qzsoft_directmail_seperator

Content-Type: text/plain;

charset="DEFAULT"

Content-Transfer-Encoding: base64

--qzsoft_directmail_seperator--

When I checked the sender IP with whois I get our old sloppy friend: telefonica.es

The sender name was an obvious phoney: THE FREE LOTTO COMPANY [vtdbvakdgj[at]ibm.com] ...I am sure that IBM is not sponsoring this lotto.

It was the telefonica.es that made me call this an overseas scam, and also the message itself referenced the European lotto company. This is such an obvious scam that any ISP that doesn't take steps to stop it is almost as guilty as the perp.

[Wazoo]

Tracking URL

Where's the reference to FREELOTTO.COM ???

[epgeek]

The reference to freelotto.com is in the email header and in the body of the spam as: WINNING NOTIFICATION

THE FREE LOTTO COMPANY

Free lotto Headquarters:

Customer Service/Award Dept.

www.freelotto.com

Ref No:FI/550/05ES

Bacth No:6677-05734

[StevenUnderwood]

The reference to freelotto.com is in the email header and in the body of the spam as: WINNING NOTIFICATION

THE FREE LOTTO COMPANY

Well to be fair the reference in the headers is to: "THE FREE LOTTO COMPANY" in a section that is easily forged. We can not see the body because you still have not provided a TrackingURL for this spam.

[turetzsr]

Well to be fair the reference in the headers is to: "THE FREE LOTTO COMPANY" in a section that is easily forged.

<snip>

...In other words, it could be a "Joe Job."

[epgeek]

Is this what you need in order to verify the above:

http://members.spamcop.net/mcgi?action=get...rtid=2028664623

[Wazoo]

Is this what you need in order to verify the above:

http://members.spamcop.net/mcgi?action=get...rtid=2028664623

No .... I provided a link to the description/defnition of Tracking URL .....

You have provided a Report-ID number/link .... see Getting a Tracking URL from a Report ID ..

This time, really look at the data provided instead of floating on by the links/help offered ...

There is no issue on "verifying" anything ... the previous remarks were based on data not provided, seen, etc.