Page 1 of 3 123 LastLast
Results 1 to 40 of 82
  1. #1
    Join Date
    Nov 2001
    Location
    The South
    Posts
    5,403

    Spamcop - Oh here's a good one

    Got a Spamcop message last night, haven't had one in a few months guess I'm due.

    So I read through it figuring to find out who's account I need to nuke. Imagine my surprise when the only place I see one of my servers mentioned in the email is as the RECEIVING server of the spam.

    Received: from unknown (HELO localhost.localdomain) (211.101.236.180) by
    an.rsta.org with SMTP; 1 Aug 2002 11:07:01 -0000
    That's my server allright, RECEIVING the spam.

    Yes folks, my server is now listed on Spamcop for RECEIVING spam.

    No I'm not really amused, it pisses me off really and they better fix this little "booboo" soon this is totally unacceptable.

    I'm not really a fan of these un-monitored uncontrolled vigilante blacklists, you can't have a trustworthy police force when no one has any control over them who's not a part of them. Just ask my granddad in Germany how it works out when the policing body isn't answerable to anyone and is controlled only by those with the same agenda.

    Ok here's the full message so maybe you can tell me what I'm missing:

    [SpamCop (http://www.sujee.net) id:97744176]www.x.net



    From:
    [email protected]


    To:
    [email protected]


    Date:
    1 Aug 2002 11:07:01 -0000
    - SpamCop V1.3.3 -
    This message is brief for your comfort. Please follow links for details.


    http://spamcop.net/w3m?i=z97744176ze...a321522a46b61z
    Spamvertised website: http://www.sujee.net

    > http://www.sujee.net is 12.37.166.66; Fri, 02 Aug 2002 03:51:39 GMT



    Offending message:
    Return-Path: <[email protected]>
    Delivered-To: x
    Received: (qmail 14119 invoked from network); 1 Aug 2002 11:07:01 -0000
    Received: from unknown (HELO localhost.localdomain) (211.101.236.180) by
    an.rsta.org with SMTP; 1 Aug 2002 11:07:01 -0000
    Received: from emaserver ([211.157.101.50]) by localhost.localdomain
    (8.11.6/8.11.6) with ESMTP id g71B1eg12612 for <x>; Thu, 1
    Aug 2002 19:01:58 +0800
    Message-ID: <[email protected]>
    Date: Thu, 1 Aug 2002 19:02:21 +0800 (CST)
    From: Sarah Williams <[email protected]>
    Reply-To: Sarah Williams <[email protected]>
    To: x
    Subject: www.x.net
    Mime-Version: 1.0
    Content-Type: multipart/alternative; boundary=1132609206.1028199741671.JavaMail.SYSTEM.emaserver
    X-EMA-CID: 6502058
    X-EMA-LID:
    X-EMA-PC: 0ef642fae9a00



    --1132609206.1028199741671.JavaMail.SYSTEM.emaserver
    Content-Type: text/plain; charset=utf-8
    Content-Transfer-Encoding: 7bit


    Hi


    I visited www.x.net, and noticed that you're not listed on some search engines! I think we can
    offer you a service which can help you increase traffic and the number of visitors to your website.


    I would like to introduce you to TrafficMagnet.com. We offer a unique technology that will submit your
    website to over 300,000 search engines and directories every month.


    You'll be surprised by the low cost, and by how effective this website promotion method can be.


    To find out more about TrafficMagnet and the cost for submitting your website to over 300,000 search
    engines and directories, visit us at:


    http://emaserver.trafficmagnet.net/t...Fcy6+769pcvyEA



    I would love to hear from you.



    Best Regards,


    Sarah Williams
    Sales and Marketing
    E-mail: [email protected]
    http://www.TrafficMagnet.com


    This email was sent to x.
    I understand that you may NOT wish to receive information from me by email.
    To be removed from this and other offers, simply go to the link below:
    http://emaserver.trafficmagnet.net/t...ead&UI=6502058
    --1132609206.1028199741671.JavaMail.SYSTEM.emaserver
    Content-Type: text/html; charset=utf-8
    Content-Transfer-Encoding: 7bit


    <HTML>
    <HEAD>
    <!-- 1.0 -->
    <TITLE></TITLE>
    <STYLE TYPE="text/css">
    <!--
    TD { font-family: verdana, arial, helvetica; font-size: 11px; color: #000000 }
    -->
    </STYLE>
    </HEAD>
    <BODY BGCOLOR="#FFFFFF">
    <TABLE WIDTH="600" BORDER="0" CELLSPACING="0" CELLPADDING="0">
    <TR>
    <TD>Hi<BR>
    <BR>
    I visited <A HREF="http://emaserver.trafficmagnet.net/trafficmagnet/www/r?1000001919.392.5.XLny4HZZ4r3GW5">www.x.net</A>, and
    noticed that you're not listed on some search engines! I think we can offer
    you a service which can help you increase traffic and the number of visitors
    to your website.<BR>
    <BR>
    I would like to introduce you to <A HREF="http://emaserver.trafficmagnet.net/trafficmagnet/www/r?1000001919.392.2.u4ffJWvt5C$qFI">TrafficMagnet.com</A>. We offer a unique technology
    that will submit your website to over 300,000 search engines and directories
    every month.<BR>
    <BR>
    <TABLE WIDTH="398" BORDER="0" CELLSPACING="0" CELLPADDING="0" ALIGN="center">
    <TR>
    <TD><A HREF="http://emaserver.trafficmagnet.net/trafficmagnet/www/r?1000001919.392.8.ju6J4MIdwERtK9"><IMG SRC="http://www.trafficmagnet.com/img/img_tm.gif" WIDTH="137" HEIGHT="136" BORDER="0"></A>&nbsp;</TD>
    <TD><A HREF="http://emaserver.trafficmagnet.net/trafficmagnet/www/r?1000001919.392.11.aqWl3Sa7HVLNps"><IMG SRC="http://www.trafficmagnet.com/img/img_website.gif" WIDTH="197" HEIGHT="141" BORDER="1"></A></TD>
    <TD VALIGN="bottom"><A HREF="http://emaserver.trafficmagnet.net/trafficmagnet/www/r?1000001919.392.14.h1irpSHrAnukO4"><IMG SRC="http://www.trafficmagnet.com/img/img_signup.gif" WIDTH="62" HEIGHT="136" BORDER="0"></A></TD>
    </TR>
    </TABLE>
    <BR>
    You'll be surprised by the low cost, and by how effective this website promotion
    method can be. <BR>
    <BR>
    To find out more about TrafficMagnet and the cost for submitting your website
    to over 300,000 search engines and directories, visit <A HREF="http://emaserver.trafficmagnet.net/trafficmagnet/www/r?1000001919.392.17.mMbBN41CFU6kPZ">www.TrafficMagnet.com</A>.
    <BR>
    <BR>
    I would love to hear from you. <BR>
    <BR><BR>
    Best Regards,<BR><BR>
    Sarah Williams<BR>
    Sales and Marketing<BR>
    E-mail: [email protected]<BR>
    <A HREF="http://emaserver.trafficmagnet.net/trafficmagnet/www/r?1000001919.392.20.Pt+smp4Iv+3fQe">http://www.TrafficMagnet.com</A>
    <P>&nbsp;</P></TD>
    </TR>
    <TR>
    <TD><FONT COLOR="#999999">This email was sent to x.<BR>
    I understand that you may NOT wish to receive information from me by email.<BR>
    To be removed from this and other offers, simply <A HREF="http://emaserver.trafficmagnet.net/trafficmagnet/www/optoutredirect?UC=Lead&UI=6502058">click here</A>.<BR></FONT>
    </TD>
    </TR>
    </TABLE>
    <IMG SRC="http://emaserver.trafficmagnet.net/trafficmagnet/www/picture.jsp?UC=Lead&UI=6502058&CRID=392CR1000001919" ALT="." HEIGHT=1 WIDTH=1>
    </BODY>
    </HTML>
    --1132609206.1028199741671.JavaMail.SYSTEM.emaserver--
    Gary Harris - the artist formerly known as Dixiesys
    resident grumpy redneck
      0 Not allowed!

  2. #2
    Join Date
    Oct 2001
    Location
    Kansas City, MO
    Posts
    366
    I agree with you. These lists are ridiculous.
      0 Not allowed!

  3. #3
    Join Date
    Dec 2001
    Location
    Above The Clouds
    Posts
    6,999
    Spamcop sucks, so does Spews, Orbz, Osirsoft - the whole friggin lot need to be boxed up and launched on the next shuttle. I mean, is a spammer going to use his own server to spam through? Of course not. They scour for a victim.

    All IPs listed in these lists are legit hosts. I just had to reroute email through another IP on one of our servers because of these lists.
    Laurence Flynn @ atOmicVPS LTD
    Linux & Windows Cloud Hosting Solutions Powered by OnApp
    Fully Managed [Shared][Reseller][Cloud VPS] [Dedicated]
    Featuring the atOmicSTACK ● Speed ● Performance ● Reliability
      0 Not allowed!

  4. #4
    Join Date
    Aug 2000
    Location
    Tacoma, Washington
    Posts
    9,576
    I've fed the odd trafficmagnet one throygh SpamCop due to Sarah and her filthy spamming ways. From memory your own domain will show up in the report, but with the check box unchecked. You need to check that box first to get complaints sent to 'yourself'. Maybe someone you host did it?

    Just a guess.

    Greg Moore
    Former Webhost... now, just a guy.
      0 Not allowed!

  5. #5
    Join Date
    Jul 2002
    Posts
    206
    how to ban these SPAMming websites TrafficMagnet.net or trafficMagnet.com
      0 Not allowed!

  6. #6
    Join Date
    Apr 2001
    Location
    Palm Beach, FL
    Posts
    1,095

    Re: Spamcop - Oh here's a good one

    Originally posted by Dixiesys
    No I'm not really amused, it pisses me off really and they better fix this little "booboo" soon this is totally unacceptable.

    I'm not really a fan of these un-monitored uncontrolled vigilante blacklists, you can't have a trustworthy police force when no one has any control over them who's not a part of them. Just ask my granddad in Germany how it works out when the policing body isn't answerable to anyone and is controlled only by those with the same agenda.
    At least SpamCop has warm bodies on the other end that can fix problems like these. You can't say that for some other lists out there (SPEWS).

    I usually get problems with SpamCop resolved in a couple of hours.
      0 Not allowed!

  7. #7
    Join Date
    May 2002
    Location
    Michigan
    Posts
    1,799
    I don't get it. Are you being blacklisted for receiving spam?
    DANG DANG! DANG!!
    I know ***** ripped off everybody else, but they wouldn't do it to me.
    "When you use bottom feed for bait, you are only going to catch bottom feeders."
    "You do what you are, and you are what you do."
      0 Not allowed!

  8. #8
    Join Date
    Nov 2001
    Location
    Kansas City, Missouri
    Posts
    265
    Example of SPEWS Support:

    Message to them:

    I got listed by accident when we opened a new server with IMAIL that we forgot to turn off open relay during the first 24 hours, someone found it, and got us listed with you. Can you please test the IP that you found that caused you to block 2 whole Class C addresses that we own and unblock us?

    Message from them (exact paste):

    If you guys were not such dumbas*es you would not of got blacklisted. Maybe in 6 months you can send to people that use us, until then, you will learn not to support spam.


    Now how did I support spam, I explained to them what happened, and invited them to see that the problem was fixed. I am lost. How is this even legal to some extent???
    ICQ:176143736
      0 Not allowed!

  9. #9
    Join Date
    Jul 2002
    Posts
    206
      0 Not allowed!

  10. #10
    Join Date
    Jun 2000
    Location
    Alabama of course
    Posts
    1,576
    Node, the only reason spews is legal is the fact that the owner/operator runs around and hides in the shadows. Many other spam block lists that tried to do what spews does got sued and shut down (I don't remember the exact names or cases). So spews is probabbly doing a good bit of illegal stuff but by using russian servers and living god knows where spews seems to be hard to track down.
    KnownHost Managed VPS Specialists
    Fully Managed VPS, Hybrid,and Dedicated Servers
    KnownHost is hiring! Click here for more information!
      0 Not allowed!

  11. #11
    Join Date
    Apr 2001
    Location
    Palm Beach, FL
    Posts
    1,095
    Yet another reason why I abhore SPEWS.
    Alex Llera
    Professional Server Management
    FreeBSD|Linux|HSphere|Cpanel|Plesk
      0 Not allowed!

  12. #12
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,962
    Unlike SPEWS http://abuse.net/ is one of the few reputable ones that will actually work with you. I have gotten a responsive and courteous email back everytime I have contacted them.

    Negative section removed as a favor asked of me by a good friend.
    Last edited by Webdude; 08-07-2002 at 01:11 PM.
      0 Not allowed!

  13. #13
    Join Date
    Nov 2001
    Location
    The South
    Posts
    5,403
    Whoa dude, that's just mean. Of course I wouldn't submit with my real internet access (not that I'd condone this) but I'd get some 'free AOL' time to do it from I mean, no need in antagonizing these ... organizations with your real IP ya know. Not that I'd do this or condone anyone else with some free time and a grudge to do it either but I sure would make sure to use "throwaway" access.
    Gary Harris - the artist formerly known as Dixiesys
    resident grumpy redneck
      0 Not allowed!

  14. #14
    Join Date
    May 2002
    Location
    Michigan
    Posts
    1,799
    shhhh, you didn't really say that. At least I didn't hear it.

    btw, AOL isn't just a "throwaway" it is more like a "reformat away"
    DANG DANG! DANG!!
    I know ***** ripped off everybody else, but they wouldn't do it to me.
    "When you use bottom feed for bait, you are only going to catch bottom feeders."
    "You do what you are, and you are what you do."
      0 Not allowed!

  15. #15
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,962
    Spamcop interacts with Abuse.net. Keep all your stuff correct with Abuse.net and you really wont have a prob with Spamcop.

    Negative section removed as a favor asked of me by a good friend.
    Last edited by Webdude; 08-07-2002 at 01:11 PM.
      0 Not allowed!

  16. #16
    Join Date
    Jul 2002
    Posts
    206
    btw wats the website of SPEWS?
      0 Not allowed!

  17. #17
    Join Date
    Nov 2001
    Location
    Kansas City, Missouri
    Posts
    265
    ICQ:176143736
      0 Not allowed!

  18. #18
    Join Date
    Jan 2002
    Location
    Scotland, UK
    Posts
    2,687
    These Anti-Spam sites think their out to do the world a favour, but to be quite frank they would do us all more of a favour by shutting down.
    Chris Adams - CEO - Rochen Ltd. - chris (at) rochen (dot) com

    Now offering both US & UK premium business hosting, reseller hosting and managed virtualized services.
    rochen.com | rochen.co.uk | blog.rochen.com | forums.rochen.com | Twitter: @rochenhost
      0 Not allowed!

  19. #19
    Join Date
    Nov 2001
    Location
    Kansas City, Missouri
    Posts
    265
    When anti-spam sites came around, the ISP's were still not regulating the spam. Now that people are doing it, we do not need lists like this, as most webmail programs have a "block" feature in them.

    I am sick of it, as spews has blacklisted 2 full Class C's of mine, told me that it was because we were stupid, and refused to unlist me even though the problems were corrected.

    We have customers that now can not send to people that have done nothing wrong, and we have orders to people each day that we have to use hotmail or something because of these people. (Most are free email accounts, but it is still the point)

    Anyone have any ideas on how to go about getting rid of unregulated directories like SPEWS?
    ICQ:176143736
      0 Not allowed!

  20. #20
    Join Date
    Apr 2001
    Location
    St. Louis, MO
    Posts
    2,508
    Ugh... TrafficMagnet just irritates me.
    Mike @ Xiolink.com
    http://www.xiolink.com 1-877-4-XIOLINK
    Advanced Managed Microsoft Hosting
    "Your data... always within reach"
      0 Not allowed!

  21. #21
    Join Date
    Jun 2000
    Location
    Alabama of course
    Posts
    1,576
    Well... we could always do a coordinated dos attack against their servers... I mean they *are* in russia and its not like their gunna break their cloak of secrecy to go after anybody hehe

    Who knows... it could be fun! heh
    KnownHost Managed VPS Specialists
    Fully Managed VPS, Hybrid,and Dedicated Servers
    KnownHost is hiring! Click here for more information!
      0 Not allowed!

  22. #22
    Join Date
    Dec 2001
    Location
    Detroit, MI
    Posts
    1,067
    From a brief telephone conversation yesterday with Joe at osirusoft.com:
    In my attempt to walk on water I've found myself knee-deep in sh*t.
    Poor guy, accidentally blocked an entire /12 yesterday which I just happened to be a part of. Took care of it immediately, but this just goes to show that mistakes *do* happen with lists like these and innocents suffer from it.

    The bottom line is that they are trying to regulate something they hve no business regulating. The only way to really get rid of them is to stop acknowledging them, as hard as that may be.
    <!-- boo! -->
      0 Not allowed!

  23. #23
    You can't get rid of things like SPEWS. They are breaking no laws. Whether some ISP or network admin decides to use their listings is entirely up to that ISP or admin. SPEWS simply collects items from the .sightings newsgroup and lists them. It is rumored, but not confirmed, that nominations to SPEWS are accepted via the other email abuse newsgroup - I doubt this, personally. There is nothing illegal or even unethical about those actions. What people decide to do with the information presented in the lists is their choice. If it impacts you, then you should determine why that is: are you not taking care of spam complaints in a timely fashion, and thus landing yourself on the unreformed list? Are you buying connectivity from a company that is known not to deal with their spammers (Verio comes immediately to mind)? Are you being combatative when admins inform you of spammers or file abuse reports (this happens more than you would believe)? These "you"s are, of course, generic, and not directed at anyone in particular. It is simple enough to be removed from SPEWS if the problem has been addressed, and we have helped other people get off the listing by helping them root out spammers or by helping them find a different provider than the one they were using, who would not stop their customers from spamming. If you have major problems with some entity that uses the listings from SPEWS, then you should take those problems up directly with those people - after all, they are the ones blocking you, not SPEWS.

    I would imagine that trying any attacks against SPEWS would have some results that would be severely counterproductive to your life online.
    Annette
    Hosting Matters, Inc.
    Superior service. Sensible price.
      0 Not allowed!

  24. #24
    Join Date
    Apr 2002
    Location
    Canada
    Posts
    283
    Originally posted by RackMy.com
    Ugh... TrafficMagnet just irritates me.
    I got like 6 of those today!
    Jason Mansfield - jmansfie [at] uoguelph.ca
      0 Not allowed!

  25. #25
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,962
    Post removed as a favor asked of me by a good friend.
    Last edited by Webdude; 08-07-2002 at 01:09 PM.
      0 Not allowed!

  26. #26
    Join Date
    Jul 2002
    Location
    ... in my mind ...
    Posts
    150

    Give the old Cop a call...

    I received some very confusing garble from Spam Cop about eight months ago... accusations, threats... etc. And I don't even have a server, and I've never spammed anybody in my seven years on the net. I have nothing to spam. Someone at Cybercon, Inc., a NOC in St. Louis was somehow sending out zillions of emails with one of my domain names involved in the header info. How they did it, I'll never know. I had tried my hand at leasing a server there about three years ago. It was then I learned it's best if I know something about UNIX before spending all that money. Somehow, there was still some reference to my domain name on a server there.

    Since I didn't understand the CopTalk, I responded with an Email asking what it all meant. The response I received was (paraphrased): "How do we know you are a real live human being and not a robot trying to probe us? To prove you are real, do this, do that, stick your left foot in, stick your left foot out, stick your left foot in, and turn it all about..., blah blah, ad infinitum."

    So I jumped through the hoops, and finally got a response from old Wyatt Earp himself. The response was a technical explanation to a layman's question. I still didn't get it, and still didn't like being on anyone's "most wanted" list.

    So I checked to see if the Marshall had a jail I could call. Yep.
    WHOIS: Domain Name: SPAMCOP.NET
    Registrar: CORE INTERNET COUNCIL OF REGISTRARS

    Admin Contact, Technical Contact, Zone Contact:
    Julian Haight (COCO-254526) [email protected]
    206-362-5759

    I called him. He seemed somewhat surprised that I would call him, but nevertheless did his best to explain to me what was going on. I didn't get most of it, even hearing it from him, but what I did get from the conversation was his satisfaction that he had made a mistake... my address was being "spoofed" or something like that.

    Also, I must share my observations with you that the old Cop seemed rather meek "in person". After my third call to him, I believe he was regretting that his number was listed in the whois.

    I personally believe that SpamCop and other like minded organizations are indeed breaking the law somehow. I'm just not sure how yet. I would like to know by what authority they can disrupt another person's business. In the "live world", you just don't disrupt a business and cut off profits without due process of law. I think it's called "interfering with commerce, or free trade" or something like that. There are procedures that must be followed to protect the innocent.

    Regarding "Traffic Magnet". I've been receiving those for a couple of years. They are breaking copyright laws by duplicating your homepage in the Thumbnail graphic that accompanies their spam. There is no "Sarah". I've tried tracking this idiot down.
    WHOIS: Domain Name: TRAFFICMAGNET.COM
    Registrar: CORE INTERNET COUNCIL OF REGISTRARS
    Admin Contact, Technical Contact, Zone Contact:
    admin zhron9 (COCO-856023) [email protected]
    none
    ======
    Strange the registrar is the same as SpamCop's.

    If I could find him, and he was in the U.S., I would most likely take a trip to his office, and beat him to a pulp with my bare hands. I find that solution much more rewarding than attacking his computers. I would prefer teaching him a lesson that he can associate with extreme physical pain when he might again consider stealing the bandwidth of so many good people.

    When I get spam, I do my best to find a phone number associated with the spam. Even if the spammer has hired a third party 800 line, I call repeatedly, and complain bitterly to the operator, in the hopes that the third party 800 line will realize it's not worth the aggravation.

    I tracked down a spammer to an office in Los Angeles several months ago. Got the number AND address from whois. I called the office. A young, haughty girl answered. I told her I wanted to speak to whomever was responsible for the spam. She flippantly told me all I had to do was delete it, or click the "unsubscribe" list. She had a **** you attitude.

    I told her I lived about ten miles from her office, and that if I received one more spam email from them, I was going to drive over there, stake out the place for a couple of days, and when the opportunity presented itself, I was going to cut her throat. She asked, "What did you say?" I repeated, in all seriousness, "If I get one more spam from your office, I am coming over there and I am going to cut your throat."

    Her reply: "Are you threatening me?"
    Mothers of the world unite! Spank your sons and make them quit fighting...
      0 Not allowed!

  27. #27
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,962
    Oh yeah! I remember those guys now! That "thumbnail" part reminded me

    Yeah, I blocked them a long time ago from our system. None of our clients get their spam. That's why I didnt remember them, because I dont recieve them anymore
      0 Not allowed!

  28. #28
    Join Date
    Feb 2002
    Location
    Clearwater, FL
    Posts
    5
    if you dont support spammers, then you should have nothing to worry about.

    and if accidents happen, and you get listed, with alittle bit of reading on the spews.org faq, you will find out just how to get removed. it is pretty easy actually (as long as the problem is fixed) but if you can't read the faq, then dont expect anything to get done.

    i dont really agree with ""the powers to be"" and how things actually are being done, but i have learned that if you strive to understand, and do your homework, you'll figure out the how, why, and what you need to know to stay safe and clean.

    rava
      0 Not allowed!

  29. #29
    Originally posted by Webdude
    Spews may not technically be doing anything illegal. However, they are doing enough wrong to have lawsuits against them if they were available to file suit against. I myself have gotten blocks of IP's that were "already" blocked by spews. Contacting them yielded no results, not even an email back. I had to exchange those blocks.
    Really. What "wrongs" would those be, precisely?

    However, technically, bombarding their servers as stated above is actually a decent option. If you cant get to them legally, you can get to them other ways. As stated, they would have to make themselves available to lawsuits in order to come out and cry about what's happening to them.
    So, you advocate abuse right back at what you're crying abuse about? A canny person involved at the receiving end of an attack such as the one you advocate would simply blackhole anything related to you, forever and ever, amen.

    The hosts here at WHT arent the only ones pissed at spews. Almost every host on the web is very well aware of spews and wants them gone.
    I am not pissed at SPEWS. I don't care about them one way or the other, actually. I'd like to see the results of your survey that you can make such a sweeping generalization that the vast majority of the thousands and thousands of hosts "wants them gone". Many hosts have no clue what SPEWS is at all.

    Back when spammers started hammering unsuspecting clients on hosts when they were using formmail, spews listed a whole messload of hosts, along with their clients. Even after hosts banned formmail, they are still blacklisted....all because of a poorly written script.
    I'm afraid you don't understand SPEWS as well as you think you do if you think a simple formmail script is what lands people in SPEWS.

    If spews is doing so much good and nothing wrong, why are they forced to hide out in Russia to avoid the legal action from thousands of upstanding hosts (from small hosts to major ones) that strictly enforce anti-spam rules themselves? Apparently they are doing something wrong if even the good guys dont like them.
    Forced? I wouldn't call it that. More like expediency to avoid frivolous lawsuits.

    And what does that mean? If they are forcefully shut down by hundreds of hosts, it would have no effect on me.
    It would if you participated and someone got pissed enough at you to drop you into their blacklist. You think SPEWS is bad? Try getting out of the blackholes that some admins keep personally.

    Spews is nothing but a renegade web cop who doesnt follow the rules of engagement. You try to avoid casualties. For example, you dont bomb a crowded room to get the one bad guy. For lack of a better term, that is exactly what spews does. They take out the bad guy regardless who else it hurts.
    I think that's the first time I've ever heard anyone classify SPEWS as a single person. My understanding, based on activity I've seen at SPEWS, is a progressively wider mask on IP blocks that are listed due to inaction on the part of host or connectivity provider. Does SPEWS catch people collaterally? Yes, it does. I've said so on numerous occasions. I can see the point of it, though, if continued inaction is the only result from spam complaints. It isn't pretty, but let's face it: economics is the name of the game.

    Before you argue the points here, you better go do some google searching on spews and find out just how bad it really is out there with these guys.
    More sweeping generalizations. I already know about SPEWs and participate in the groups. One of the assists we did was for someone locked up not only with their inability to deal with spammers in their block, but with multiple associations with spamhausen. Before you presume to lecture someone about doing their homework, perhaps you should do some of your own - or at least make a cursory attempt.

    I have never had a direct problem with Spews that I couldnt resolve. That guy sure thinks he's high and mighty for someone who's hiding from the world. Ask yourself why Spews is in hiding while Spamcop and Abuse.net are not.. Even those guys really dont care much for Spews. Nobody does, except aparrently, You.
    Let's see: abuse.net doesn't provide anything other than contact databases and links to reporting forms. Spamcop provides the spamcop bl that no admin in their right mind uses. I can see how you could make a comparison between those two and SPEWS, which is not only more encompassing, but more broadly used and more likely to piss off people. Sure. And I must have missed any posts where Julian says he doesn't care for SPEWS, but if you'd like to point it/them out, that would be interesting reading, I'm sure.

    And such a vitriolic post arising from something very simple: you can't get rid of SPEWS unless you'd like to spend the thousands and thousands of dollars to track down the responsible parties. I don't believe tracking SPEWS down to be an impossible task. I'm surprised that you do. Where's your venom for Steve at Spamhaus.org - or, do you not have any, because you personally have never been affected by the listings there? What about Morely's refuse list, which he publishes in public for everyone to see? Going after SPEWS because they publish a list is foolish, just as it would be foolish to go after someone who publishes a list of movies that no one should ever watch when you find you can't rent one of those movies at your local video store.

    You don't seem to understand that SPEWS != something blocking you from anything. No one is under any obligation to carry your mail on their systems, just as you are under no obligation to carry anyone else's mail on systems you manage. If you want to change things, then you are going to have to convince the admins who use the SPEWS listings that their actions are causing more harm than good. I believe you'd have a hard time doing that, but more power to you.
    Last edited by Annette; 08-03-2002 at 03:03 AM.
    Annette
    Hosting Matters, Inc.
    Superior service. Sensible price.
      0 Not allowed!

  30. #30
    Join Date
    Dec 2001
    Location
    Above The Clouds
    Posts
    6,999
    edit
    Last edited by NexDog; 08-08-2002 at 02:28 AM.
    Laurence Flynn @ atOmicVPS LTD
    Linux & Windows Cloud Hosting Solutions Powered by OnApp
    Fully Managed [Shared][Reseller][Cloud VPS] [Dedicated]
    Featuring the atOmicSTACK ● Speed ● Performance ● Reliability
      0 Not allowed!

  31. #31

    *

    I guess it does save time to completely bypass discussing the issue in favor of jumping to personal attacks, doesn't it? Your comment certainly illuminates one thing, but I doubt it's what you had in mind.
    Annette
    Hosting Matters, Inc.
    Superior service. Sensible price.
      0 Not allowed!

  32. #32
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,962
    http://www.dotcomeon.com/tel_pacific.html

    http://australianit.news.com.au/arti...nbv%5e,00.html

    http://www.clickz.com/feedback/reader/print.php/1367091

    A search on anti-spam website SPEWS.org reveals that at least 50 Australian organisations - including the National Maritime Museum and the Consulate General of Israel - are named on anti-spam black lists.
    Wow, the National Maritime Museum and the Consulate General of Israel are spammers?? Who knew! Perhaps it is another screwup by Spews! Seems they block anyone on a whim. There's more I found in the articles above, but it's 3AM and I am hitting the sack. Perhaps others will read them closely and comment.

    There are plenty more. Basically what spews does is instead of blocking just the spammer's IP, the block the whole block of IP's. So if a spammer's one IP is xxx.xxx.xxx.100 you better hope your own ip is not between xxx.xxx.xxx.0 and xxx.xxx.xxx.256 or your screwed. Just to block one spammer, they just blocked over 200 innocent people. Not to mention, one of those newstories explains how Telestra was entirely blocked by Spews because of a disagreement.

    As I said, I have never had a problem with Spews, but I know what I see going on. Spews has become as bad, if not worse, than the spammers themselves. In the real world, you would have serious problems with the law if you obstructed business. Currently there is no serious regulations on Spammers or Anti-Spammers. What I see is a big war heating up between the two, and the rest of us are caught in the middle to suffer eventually.

    I do disagree that "spammers" should be taking action against anti-spammers. But this is hurting business of nonspammers. For example, our relays are closed. However, if someone signed up and then spammed out, we may be listed on Spews before we even know about the spammer.

    As for your comment on Formmail....read up. Once again, you are talking about something you know little about..

    Part of a recent email to our clients about us banning formmail::
    ###################################################################
    In case you are unaware of the risk FormMail poses to you, it is suffice to say that if a spammer finds it under your domain and spams through it, it looks like "you" are doing it, and can get your account shut down...and that is at any host. It is "very" insecure.

    Summary
    The CGI program Formmail.pl lacks adequate security checks and allows spammers to send anonymous e-mail using vulnerable host as mail relays.
    This vulnerability has already been exploit by spammers in many installations of Formmail.pl.


    Details
    Matt Wright's formmail.pl program does a "security check" on the HTTP_REFERER server variable. The security check is usually used to verify that information submitted from a form came from a proper or designated domain. This is usually done to prevent someone from creating a local, malicious form to submit to a script. This can be easily bypassed by passing a raw HTTP request, and faking the HTTP Referrer. This script also allows you to set the recipient's email address in the form. These two factors allow a malicious user to use the formmail.pl program two distribute their email (SPAM).

    Exploit:
    A URL such as the following:
    http://www.example.com/cgi-bin/FormMail.pl? [email protected]&message= Proof%20that%20FormMail.pl%20can%20be%20used%20to%20send%20anonymous%20spam.

    Will send an anonymous e-mail if the installed FormMail.pl is vulnerable.

    Workaround:
    1. Remove your formmail.pl script until the author provides a fix.
    or:
    2. Hard code the recipient's email address in the formmail.pl program. Do not rely on the address submitted by the user.
    ###################################################################
    I did neglect to mention that since we do both named and static IP hosting, it could cause whatever IP blocks (the entire thing) to be listed on anti-spam lists.

    Luckily I do rotate our IP blocks about every 6 months...which has done well in keeping us out of Spews most likely when we had the bout with spammers using our client's accounts to spam thru.
      0 Not allowed!

  33. #33
    Join Date
    Dec 2001
    Location
    Above The Clouds
    Posts
    6,999
    <removed>

    Before you presume to lecture someone about doing their homework, perhaps you should do some of your own - or at least make a cursory attempt.
    What a cheek and I'm sure the people who have been really affected by Spews and their ridiculous attitude resent your own lecture. Eloquently written, obviously educated but you started taken the snipes. What has been illuminated here is some chip on your shoulder.

    If you want to change things, then you are going to have to convince the admins who use the SPEWS listings that their actions are causing more harm than good. I believe you'd have a hard time doing that, but more power to you.
    That would be not addressing the root of the problem. Spews is one, the users are many. I mean, c'mon.....


    I don't know the inside workings as you appear to do. But I know why and how Spews will ban and the attitude with which they do it. Why are you defending them and how could you? I just managed to get an IP removed from Outblaze. It took one email request. Spews just laugh in your face and call you names.
    Last edited by Chicken; 10-22-2002 at 02:12 AM.
    Laurence Flynn @ atOmicVPS LTD
    Linux & Windows Cloud Hosting Solutions Powered by OnApp
    Fully Managed [Shared][Reseller][Cloud VPS] [Dedicated]
    Featuring the atOmicSTACK ● Speed ● Performance ● Reliability
      0 Not allowed!

  34. #34
    Laurence, if you would like to address any of the points made with anything approaching civility or something to back up what you claim, please feel free. That's not addressing the issue, but come on. Surely you can do something - anything - other than personally attack me just because you don't agree with what I'm saying on this.

    Why post in this topic, you ask? Because someone asked what could be done about SPEWS, and I offered my opinion. I believe my initial post was quite clear in its scope. I am not defending SPEWS. They don't need my help, and I have disagreed with some things in their listings from time to time as overly broad - as I mentioned, and as you seem to have skipped right over. I am saying that instead of whining about SPEWS and how bad it is, how about someone stepping up and talking (in a courteous, rational way) to the people who actually use the listings and try to give them some sort of evidence that their use of the list does more damage than it helps? It is, admittedly, not an easy task for someone who wants to do that, but I've always been a fan of people actually doing something about the things they complain about instead of just ranting about it to anyone who will listen.
    Annette
    Hosting Matters, Inc.
    Superior service. Sensible price.
      0 Not allowed!

  35. #35
    Join Date
    Dec 2000
    Location
    The Woodlands, Tx
    Posts
    5,962
    I am saying that instead of whining about SPEWS and how bad it is, how about someone stepping up and talking (in a courteous, rational way) to the people who actually use the listings and try to give them some sort of evidence that their use of the list does more damage than it helps?
    I know where Spews is(which is Australia by the way, not Russia). I dont know where all these others are.
      0 Not allowed!

  36. #36
    Originally posted by Webdude
    [snip links]

    Wow, the National Maritime Museum and the Consulate General of Israel are spammers?? Who knew! Perhaps it is another screwup by Spews! Seems they block anyone on a whim. There's more I found in the articles above, but it's 3AM and I am hitting the sack. Perhaps others will read them closely and comment.
    Sorry, had to break this into two replies, as otherwise it would be like reading Greer.

    Now, you know as well as I do that those people are not spammers. You also know as well as I do that SPEWS does have erroneous listings (if you follow the groups, you'll remember one huge slip of the keyboard that wound up listing several million addresses instead of (I believe) a single /24). Basing conclusions just on newspaper articles (in one case, where the reporter doesn't seem to have a grasp on much anyway) is not enough. And again, you're missing something, just as Telstra is: SPEWS does not block anyone. Individual admins do this.

    [Snipped basic lesson on SPEWS listing of blocks - yes, I know these things, thanks.]

    As I said, I have never had a problem with Spews, but I know what I see going on. Spews has become as bad, if not worse, than the spammers themselves. In the real world, you would have serious problems with the law if you obstructed business.
    And here, you have eloquently outlined the problem I see with people who constantly point to SPEWS as the big bad wolf. SPEWS is not obstructing anyone's business. Can you prove that they are?

    Example: Say you are trafficmagnet, distasteful as that might be. I, as an admin, reject mail from trafficmagnet, those persistent spammers. Say further I create a list: here are the spammers I know and reject. Nexdog uses that list to filter for his sites/servers (since he says he filters trafficmagnet, and who can blame him?). You, as trafficmagnet, suddenly find yourself unable to send your "I saw your site" mails to Nexdog, because he's used my list and your mail to him is bouncing. If he wanted to whitelist trafficmagnet on that list, he could do that. He chose not to, so your thumbnails of his site never reach their destination. It is not my fault that your mail is bouncing. Nexdog has used tools at his disposal to manage his systems as he sees fit. I am not obstructing your business, and Nexdog has no obligation to take your mail.


    I do disagree that "spammers" should be taking action against anti-spammers. But this is hurting business of nonspammers. For example, our relays are closed. However, if someone signed up and then spammed out, we may be listed on Spews before we even know about the spammer.
    I agree with your first part, but not the second. SPEWS is not a listing of open relays, and this is indicated directly in their FAQ. It appears to take quite some time to land in SPEWS for regular old folks like you and me unless we manage to get some IP block previously assigned to some spammer. That is also easy enough to fix unless the ultimate upstream has a wide mask listing. It's akin to earthlink bouncing mail from one of our servers because the IP range was previously assigned as a dialup range and was listed in their DULs - a polite note to them with the circumstance and current standing, and the problem is resolved.

    As for your comment on Formmail....read up. Once again, you are talking about something you know little about..
    Really? Can you show me a SPEWS listing based solely on formmail scripts? I'd like to see it.

    [Snip email to clients, as it has nothing to do with SPEWS]

    I did neglect to mention that since we do both named and static IP hosting, it could cause whatever IP blocks (the entire thing) to be listed on anti-spam lists.
    So do we. Ignoring spammers is not my forte, however.

    Luckily I do rotate our IP blocks about every 6 months...which has done well in keeping us out of Spews most likely when we had the bout with spammers using our client's accounts to spam thru.
    We've had spammers directly on the network. We've had spammers abuse client formmail scripts until we banned Matt's, while we tracked down the scripts and the users who had them. We've never had any problems with SPEWS because of either situation.

    With that, I bid you adieu for the time being (although I'd love to continue this discussion with at least you) as I have to work my you know what off this weekend since I have a jury duty summons for bright and early Monday. Civic duty calls...
    Last edited by Annette; 08-03-2002 at 05:15 AM.
    Annette
    Hosting Matters, Inc.
    Superior service. Sensible price.
      0 Not allowed!

  37. #37
    Your mail server received the spam and relayed it to the recipient mail server. That's a Bad Thing(tm)

    If you had secured your server then you wouldn't have any problems with Spamcop, or any other blacklists.
      0 Not allowed!

  38. #38
    Join Date
    Sep 2000
    Location
    Alberta, Canada
    Posts
    3,109
    Dixiesys, you had stated, "Ok here's the full message so maybe you can tell me what I'm missing" so allow me to step up to the plate.

    First: as mentioned by sinistre, it's always a good thing to "verify" that a Server will not Relay.

    Second: when the Spam was reported there are sometimes, boxes left "unchecked" with a message stating, "Do not check unless you know it came from them" or something close to those words. Have you ever used SpamCop yourself? Do you know for sure the person who reported the Spam did not incorrectly check the wrong box themselves?

    I know I've seen my own Email address or that of my NOC and the box was not checked. Had I checked it, a notice would have been sent, but that does not mean the Email address or IP would have been blacklisted.

    Your "report" to SpamCop shows you did not "take a minute to relax and reflect" on the situation and instead, sent them a knee-jerk, street-style, type notice. Understandable as we all do that sometimes, but hopefully you'll communicate again with SpamCop, in a more business-like manner. In your efforts to straighten this out, make sure you have "all" the facts first.


    Third: did you run the Headers through SpamCop yourself? I did, with the ones you first provided, and this is what it showed as origins:
    Please make sure this email IS spam:
    From: Sarah Williams <[email protected]> (www.x.net)
    --1132609206.1028199741671.JavaMail.SYSTEM.emaserver
    Content-Type: text/plain; charset=utf-8
    View full message

    Report Spam to:

    Re:211.101.236.180 (Administrator of network where email originates)
    To: [email protected] (Notes)
    To: [email protected] (Notes)
    To: [email protected] (Notes)
    To: [email protected] (Notes)

    Re:http://emaserver.trafficmagnet.net/trafficmagne... (Administrator of network hosting website referenced in spam)
    To: [email protected] (Notes)
    All boxes for the above were checked and I do not see where your Email address or IP is listed?

    Having used SpamCop (and recommending the service) for years, I know to look for the "first" Received line, as that is the originating Server. In this case:
    Received: from emaserver ([211.157.101.50]) by localhost.localdomain - this is not you.


    We cannot stop organizations like SpamCop nor would we want to. They are making great strides in cutting down on Spam. Also note, other sites and programs do the same thing in different areas. Search Engines for example, have been known to ban/block an IP address and heaven help those if it is a Shared IP.

    Hundreds of sites could be sharing that IP address, but if only one spammed the Search Engine and it blacklisted the IP, all the rest are SOL. Fair? Of course not, but that's life.

    Then there are the "Nanny" programs which seem to block sites willy-nilly. We don't even know about how many sites are blocked from those type programs. But, since what we don't know won't hurt us, most of don't care. Unless we hear back from someone using the program there is no justification in the time & effort to sort them out.

    Oh well.
    PotentProducts.com - for all your Hosting needs
    Helping people Host, Create and Maintain their Web Site
    ServerAdmin Services also available
      0 Not allowed!

  39. #39
    Join Date
    Aug 2001
    Posts
    1,210
    Originally posted by NexDog


    All IPs listed in these lists are legit hosts.
    That's the funniest thing I've read yet today.


    -Bob
      0 Not allowed!

  40. #40
    Join Date
    Aug 2001
    Posts
    1,210
    Originally posted by NodeHost
    Example of SPEWS Support:

    Message to them:
    Message to who, SPEWS? I don't think so. Spews does not contact anyone, does not have a contact address, nor do they respond to anyone either directly or indirectly - except through their listings.

    BTW, I saw in another post you were complaining about being "unfairly blocked" by SPEWS - I assume it's in reference to this:

    http://spews.org/html/S1573.html

    It looks like spam from "lotsofnakedchicks.com", who you are still hosting, is what landed you there.

    I'd be interested to hear your side of this.

    -Bob
      0 Not allowed!

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •