Results 1 to 23 of 23
  1. #1
    Join Date
    Nov 2000
    Location
    Pennsylvania
    Posts
    472

    Angry Spews!!!!!!! Grrrrrr!!!!!!!!!!!

    Why do so many web hosts and ISP's listen to the fools over at spews.org? I run 3 Paid to read email sites. People who wish to be a member have to put in their email then CONFIRM that they wish to signup for the paid emails. Well SPEWS has blocked all the IPS of the host that is hosting my 3 sites and hundreds of other PTRE sites. How can they block a legit company? There is no spam coming from the server because the reason lists all the domains of the different paid email sites.

    If you ask me SPEWS people need to pull their heads of of their a$$es and block the real spammers.

    Because of these losers I now have to post on my 3 sites that members who have an email thats blocking us have 24 hours or lose their account. When they start complaining they lost all the money I owe them and the downline they have earned I will tell them to complain to their stupid ISP and SPEWS.





    SPEWS

  2. #2
    Join Date
    Jun 2001
    Location
    Kalamazoo
    Posts
    33,190
    Complainin' ta spews won't get em no where.
    Complainin' ta their ISPs might help though.
    There is no best host. There is only the host that's best for you.

  3. #3
    Join Date
    Sep 2002
    Location
    Mansfield
    Posts
    314
    Whats the "reason" they gave ? Post the IP's and case number.
    Just went through this w/ a class C.
    GUI admin tools have no honor. It is a good day to vi.

  4. #4
    Join Date
    Nov 2000
    Location
    Pennsylvania
    Posts
    472
    Heres the URL of the report...
    http://spews.org/html/S2084.html

  5. #5
    Join Date
    Nov 2000
    Location
    Pennsylvania
    Posts
    472
    I dont see how, when the people have to put in their email then click a link in that email and fill out a form, it could be considered spam.

    The host is also blocked by http://spamblock.outblaze.com/12.42.86.4


    How stupid are these people?

  6. #6
    Join Date
    Jun 2001
    Location
    Kalamazoo
    Posts
    33,190
    Originally posted by venomx
    . . . . . . . . . .
    How stupid are these people?
    What? You didn't read the last thread on them? Something about being run by idiots.
    There is no best host. There is only the host that's best for you.

  7. #7
    Join Date
    Nov 2000
    Location
    Pennsylvania
    Posts
    472
    Yeah... Gotta love it.. get 9,000,000 emails a day asking me if I want a bigger d*ck yet let you send PAID emails to people who REQUESTED it they block you... LMAO
    Last edited by venomx; 10-22-2002 at 11:43 PM.

  8. #8
    Join Date
    Oct 2002
    Posts
    122
    I looked at the listing and checked into the programs. On the surface it looks good (if someone consents to receive email, and prove that it is their email through confirmation, then it isn't spam), but I do note some problems. One of the programs I entered my email at sent me a confirmation email that did not have any sort of token in it. Thus, if you know the URL that will be sent in the confirmation email, you can falsify a confirmation by simply inserting the person whose email address you are falsifying in the expected URL. It can also be a problem if the confirmation code is generated by encoding or hashing the email address, rather than generating it randomly. If someone manages to falsify a confirmation, then you are sending spam, because the actual owner of the email address didn't ask for the mail. Spammers run around trying to get antispammers on mailing lists all the time to stir up trouble. Ditto if any of these programs start sending the advertising emails before someone has confirmed with a random unique code.

    I can also see in Google that there has been occasional referrer spam, but as it seems to be fairly well controlled, it is unlikely that SPEWS would list for that.

    The troubling thing is that the email header shown in the evidence file is what is typically shown when those who run SPEWS receive a spam in one of their personal mailboxes or a spamtrap, and neither SPEWS nor their spamtraps go around signing up for mailing lists. The problem for you is that if any one of these other email for cash programs slips just a little bit, you all get SPEW'd because you're all on the same mailhost. Check with myecom to make sure they are reading their abuse mailbox, and make sure they tighten up on the requirements for confirmation codes. Something else that could be added that will deter spammers and other people looking to listbomb someone is to put the IP that submitted the email address in the confirmation email.

    One other issue that the myecom.net folks should take care of is the contact information in their WHOIS. SPEWS doesn't list for bad contact information, but having false or incomplete contact information is typical of spammers. The registrars are also starting to crack down on it because ICANN is leaning on them under the terms of their contracts.

  9. #9
    Join Date
    Sep 2002
    Location
    Mansfield
    Posts
    314
    Quick search of the usual haunts for myecom.net shows a lot of get rich quick spam.
    If it looks like a duck....
    GUI admin tools have no honor. It is a good day to vi.

  10. #10
    Join Date
    Nov 2000
    Location
    Pennsylvania
    Posts
    472
    get rich quick spam?

    Ummm sorry I doubt anyone would get rich from 1 to 10 cent an email.... but sure if thats what you think.


    In my opinion these members I have warned dont wish to change their emails Ill take the money in their accounts. No problem. If they support a lame ISP who supports a backwards site like spews then thats there problem. From all the bounces it looks like most are from Italy and Russia where what we pay members in one mone is like a years income so its them losing out.

  11. #11
    Join Date
    Oct 2002
    Posts
    122
    I am now starting to get the list emails from one of these programs in spite of not having confirmed, although the emails are not coming from myecom.net. Since I did in fact enter my email address, I can't call it spam, but this could be used to spam people.

  12. #12
    Join Date
    Nov 2000
    Location
    Pennsylvania
    Posts
    472
    You shouldnt be. What site is it so I may email John at Myecom and let him know he needs to either upgrade that persons scripts or fix it.

    See we all use to run scripts from Create A Click, which did that. Then the host that CAC used started dumping us because these sites can use alot fo resources once you get alot of members. Well Myecom started making addons and patches for the scripts for people then decided to go ahead and just make his own script and start up a hosting division.

    The scripts made by Myecom should not send emails if you have not confirmed. If the one you signed up for is sending you the emails it is either not hosted by MEC, john missed upgradeing it to his scripts, or there is a bug in his script and he will fix it ASAP.

    So please which site is it?
    Last edited by venomx; 10-23-2002 at 12:16 PM.

  13. #13
    Join Date
    Oct 2002
    Posts
    122
    This is one that was linked off the front page under the "New Ways to Earn $$$" section, it is splocc.com, but I don't think it is hosted at myecom.net. They're now saying I need a password to unsubscribe.

    But the upshot is that someone has managed to land something in one of SPEWS's spamtraps. Have myecom check carefully to make sure that the scripts use a true random token, and not something like a hash that could be compromised if leaked out.

  14. #14
    Join Date
    Nov 2000
    Location
    Pennsylvania
    Posts
    472
    Nope splocc.com is not hosted by MEC and it uses the CAC scripts which WILL do what you are saying.

  15. #15
    Join Date
    Oct 2002
    Posts
    122
    Are all of the emails on everybody's lists fully confirmed, or is it possible that some people have some they brought with them from the old CAC days? Is is possible for people to add email addresses to their lists by any way other than the normal signup/confirmation method?

  16. #16
    Join Date
    Nov 2000
    Location
    Pennsylvania
    Posts
    472
    That could be a posability. Ill have Myecom email the webmasters for them to check. I kinda doubt it though because most of us have been with myecom for a while now and we all now have a way to delete all members who are inactive per X amount of days. Most of us use 30 days to delete inactives.

    The only way they could add peopel is to edit the mysql database and the way myecom has it set up I think it would be more trouble than its worth because he keeps the personal info seperate in the database. They would have to create the different tables for the personal info and then for the earnings.

    I also posted about this in alt.www.webmaster and someone gave me yahyahfindit.com which is a safelist hosted by Myecom. But if you look at their page they are a paid signup. So who would pay to sign up someone to spam them?
    Last edited by venomx; 10-23-2002 at 02:02 PM.

  17. #17
    Join Date
    Oct 2002
    Posts
    122
    yahyahfindit is not the list that is cited by SPEWS. There are numerous reports of spam from yahyahfindit in NANAS, but they are all from one person. I'm a realist, I know that idiots do in fact sign up for things and then either forget or maliciously report them as spam. It also happens that people leave ISP's, and then their email gets recycled, which is why it is important to tend to your bounces (glad to see that you're on top of that). But even if yahyahfindit is a paid list, they still need to confirm their members, because $3.95 is not going to stand in the way of spammers trying to spread a little hate for antispammers around.

    The spam cited in the SPEWS evidence file came from PaidMailINC. I tested their list, it appears to be properly confirmed, and no mail has started arriving without confirmation. The only thing I can think of is that myecom's confirmation process has been compromised somehow, and without knowing the details, I can't comment further on that.

  18. #18
    Join Date
    Oct 2002
    Posts
    122
    For those who were following this matter, it turns out that the token that myecom was using for confirmation is fairly easy to guess, and someone was abusing them by signing up other people's email addresses. John is working on getting everything locked down, and the email lists will be cleaned of the false signups.

    Case closed!

  19. #19
    Join Date
    Nov 2000
    Location
    Pennsylvania
    Posts
    472
    That part is closed but since I have been posting that SPEWS is flawed and stuff my spam and worm/virus emails have tripled.

    Just because I disagree with people about SPEWS doesnt mean I should be attacked in this manner! And these spam, worm, and virus emails are different. They are sending them as from me to me.

    Shows me how mature that group of people is. Well they wont get me because my anti virus, firewall, and router all protect me from that junk. And like I would really open an email from me to me? LMAO!!

  20. #20
    You really have to love the leaps of logic evident in some of these posts. It's more likely to be because you've posted using an unmunged (or untagged) address to a group that is constantly trolled and whose members are usually bombarded by these things even moreso than other groups. Either munge your address when posting to nanae or use something like [email protected], as most scrapers will discard abuse addresses as a matter of course.
    Last edited by Annette; 10-26-2002 at 10:17 PM.
    Annette
    Hosting Matters, Inc.
    Superior service. Sensible price.

  21. #21
    Join Date
    Oct 2002
    Posts
    122
    Venom, I've said it before and I'll say it again. There are numerous spammers that hang out in NANAE who take any opportunity to make antispammers look bad. That's what this whole thing with breaking the hash at myecom was about, to try to make trouble between people who are on the same side of the spam war. Don't fall for it. The number one rule of real antispammers is, "Don't fight abuse with abuse." Believe me, if real antispammers wanted to make life difficult for you, you wouldn't even be able to get on the internet, much less post here. Don't let yourself be dragged down to the same level as someone who can't control themselves when a spammer throws a little chum in the water by attacking you.

  22. #22
    Join Date
    Jul 2002
    Posts
    3,729
    Believe me, if real antispammers wanted to make life difficult for you, you wouldn't even be able to get on the internet, much less post here.
    It's this kind of talk that makes one hold both spammers and militant anti-spammers in the same regard.

  23. #23
    Join Date
    Nov 2000
    Location
    Pennsylvania
    Posts
    472
    I am sorry if I sounded like a kid but it just pissed me off. I know John, John (Myecom) is a very nice man and would never knowingly host a spammer. I hate spam just like everyone else. Back when I was a CAC site if someone signed people up under them and the people emailed em and told me they didnt sign up I investigated and removed the person who did it plus the ones who said they never signed up.

    The whole idea behind John taking and making his own script is because there was a need. CAC was the only AFFORDABLE paid email script but it used ALOT of resources. He started hosting us when other hosts started closeing accounts because sending 10,000+/- emails a few times a day and getting about that many hits and stuff to textfile database caused alot of strain on the servers. John started taking us on and decided the text database and cgi files were too much on the server so he made his own with PHP and mysql.

    John has been upgrading the servers and added a second T1 so he could host us with no problems. This man does more for us then any other person I know does for there members. You can email him about a bug in a script he didnt make and he will go in and fix it. When people attack him I dont take it too lightly.

    Then to be called a spammer from a bunch of people that dont know what they are talking about..... Ok I am rambling Ill shut up now....

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •