Spammer War Part 2

Posted: Sat Mar 29, 2003 1:55 am

WOW, would you guys believe that the dorks at GKG.net actually put a SPAM FILTER UP? I mailbombed all the spammers again today with a new updated page based on their attacks from the post the other day, well they tried to send me more and I retaliated.

Mirrored Site
Mail Bomb

Heres one that was blocked, no problem, easy to get around. They are dead meat.

SPAM: -------------------- Start SpamAssassin results ----------------------
SPAM: This mail is probably spam. The original message has been altered
SPAM: so you can recognise or block similar unwanted mail in future.
SPAM: See http://spamassassin.org/tag/ for more details.
SPAM:
SPAM: Content analysis details: (31.90 hits, 5 required)
SPAM: NO_REAL_NAME (-0.3 points) From: does not include a real name
SPAM: CALL_FREE (-0.7 points) BODY: Contains a tollfree number
SPAM: EXCUSE_14 (-0.2 points) BODY: Tells you how to stop further SPAM
SPAM: EXCUSE_15 (-0.1 points) BODY: Claims to be legitimate email
SPAM: BEEN_TURNED_DOWN (3.5 points) BODY: Have you been turned down?
SPAM: CLICK_BELOW_CAPS (2.4 points) BODY: Asks you to click below (in caps)
SPAM: CLICK_TO_REMOVE_2 (2.2 points) BODY: Click-to-remove with mailto: found beforehand
SPAM: EXCUSE_3 (1.9 points) BODY: Claims you can be removed from the list
SPAM: ALL_CAP_PORN (1.7 points) BODY: Possible porn - in ALL CAPS
SPAM: RICH (1.7 points) BODY: If only it were that easy
SPAM: OFFER (1.6 points) BODY: Free Offer
SPAM: EXCUSE_10 (1.3 points) BODY: "if you do not wish to receive any more"
SPAM: WE_HONOR_ALL (0.9 points) BODY: Claims to honor removal requests
SPAM: CLICK_BELOW (0.3 points) BODY: Asks you to click below
SPAM: HTML_FONT_COLOR_RED (-1.2 points) BODY: HTML font color is red
SPAM: LINES_OF_YELLING_2 (-0.7 points) BODY: 2 WHOLE LINES OF YELLING DETECTED
SPAM: HTML_FONT_FACE_ODD (-0.7 points) BODY: HTML font face is not a commonly used face
SPAM: HTML_FONT_COLOR_GRAY (-0.6 points) BODY: HTML font color is gray
SPAM: HTML_FONT_COLOR_UNSAFE (-0.5 points) BODY: HTML font color not within safe 6x6x6 palette
SPAM: BIG_FONT (-0.4 points) BODY: FONT Size +2 and up or 3 and up
SPAM: SPAM_PHRASE_08_13 (-0.1 points) BODY: Spam phrases score is 08 to 13 (medium)
SPAM: [score: 12]
SPAM: HTML_FONT_COLOR_MAGENTA (3.5 points) BODY: HTML font color is magenta
SPAM: HTML_FONT_COLOR_CYAN (1.1 points) BODY: HTML font color is cyan
SPAM: HTML_FONT_COLOR_BLUE (0.8 points) BODY: HTML font color is blue
SPAM: HTML_FONT_COLOR_YELLOW (0.6 points) BODY: HTML font color is yellow
SPAM: HTML_FONT_COLOR_NAME (0.3 points) BODY: HTML font color has unusual name
SPAM: LINES_OF_YELLING (0.3 points) BODY: A WHOLE LINE OF YELLING DETECTED
SPAM: MAILTO_LINK (-0.6 points) BODY: Includes a URL link to send an email
SPAM: CLICK_HERE_CAPS_LINK (1.7 points) BODY: Tells you to click on a URL (in caps)
SPAM: CLICK_HERE_LINK (1.6 points) BODY: Tells you to click on a URL
SPAM: HTTP_USERNAME_USED (3.0 points) URI: Uses a username in a URL
SPAM: NORMAL_HTTP_TO_IP (2.4 points) URI: Uses a dotted-decimal IP address in URL
SPAM: MAILTO_WITH_SUBJ (1.7 points) URI: Includes a link to send a mail with a subject
SPAM: MAILTO_TO_SPAM_ADDR (1.0 points) URI: Includes a link to a likely spammer email address
SPAM: CTYPE_JUST_HTML (0.7 points) HTML-only mail, with no text version
SPAM: UPPERCASE_25_50 (1.8 points) message body is 25-50% uppercase
SPAM:
SPAM: -------------------- End of SpamAssassin results ---------------------

Posted: Tue Apr 01, 2003 2:14 pm

I am proud to report that GKG.net has acceptability
and responsibility regarding the registration of spammers.

Yes people, the president of their company, called me.
Begging me to stop mailbombing them with spam!

When confronted that the spam orginated on their side,
from scumbags they registered, his tune changed.

Long story short, they will implement stricter guidelines and
routines for registering spammers, in accordance
with ICANN regulations.

However, such cases as the old lady being harrassed, will
be more stringently reviewed at the time of registering for
prevention of this ever happening again. More
attention to the obvious idiot information. Such as the case
of Marty McFly from Brookland NY. Ya know, Dalorian Inc. (Idiot cant even spell)

They were very willing to cooperate, especially after I mentioned,
I was bringing it to 2 Congressmen for a bill introduction.

I promised to cease and desist, was given the presidents personal
email account, and if I ever get it again, send it to him.

Lastly, I will work with them on locating and identifying, the spam
software they have in their accounts. Its a cgi program,
sometimes the name is changed, but it has only ONE purpose,
to spam. He agreed, and will have his support teams,
scour the domains for the existence of this program.

I call this a compromised victory

Spammer war against gkg.net is over. Hopefully.

Joined: Jan 31, 2004 Posts: -88

fancy bringing down another site??? Wink

I'm resuming my campaign against the recently resurrected customoffers.com to whom I've unsubscribed and had shut down more than once.

This time however, I'm bringing down that entire web host because of their refusal to shut this site down permanently (well actually, they've refused to shut the site down full stop - I shut it down the not so legal way the first 2 times).

I wander if they mind my email server bouncing 99 copies of every email they send me right back at them???

AI

Joined: Jan 31, 2004 Posts: -88

ok. the following 2 web hosts have just joined my hit list for hosts to shut down pending their failure to sort their clientelle out.

register.com

networksolutions.com

AI

Posted: Tue Apr 01, 2003 3:53 pm

smoothe AI. Thats similar to what I did to those spammers. those two registrars are next for me as well. Laughing

Major Joined: Jan 13, 2003 Posts: 892

Good thing the "Ponds" between you 2 or ya'd both be crawlin home from the pub after comparing notes.

Posted: Tue Apr 01, 2003 10:10 pm

yea your right!!! and a BIG pond it is.

Joined: Jan 31, 2004 Posts: -88

I can swim Wink

ok. here's the email I sent NetworkSolutions.com:

Quote:

To whoever bothers reading this email.
Your client, as identified below:
Domain Name: JUNO.COM
Registrar: NETWORK SOLUTIONS, INC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: AUTHNS.LAX.UNTD.COM
Name Server: AUTHNS.NYC.UNTD.COM
Name Server: AUTHNS.WLV.UNTD.COM
Status: ACTIVE
Updated Date: 31-oct-2002
Creation Date: 17-dec-1994
Expiration Date: 16-dec-2004

Registrant:
United Online, Inc. (GRATIS-DOM)
2555 Townsgate Rd.
WESTLAKE VILLAGE,
CA 91361 US

Domain Name: JUNO.COM
Administrative Contact, Technical Contact:
United Online, Inc. (E4184-OR) hostmaster@noc.untd.com
United Online, Inc.
2555 Townsgate Rd.
WESTLAKE VILLAGE,
CA 91361 US
805 418 2000
fax: 805 418 2002

Record expires on 16-Dec-2004.
Record created on 17-Dec-1994.
Database last updated on 1-Apr-2003 18:13:18 EST.
Domain servers in listed order:
AUTHNS.WLV.UNTD.COM 64.136.16.21
AUTHNS.NYC.UNTD.COM 64.136.20.21
AUTHNS.LAX.UNTD.COM 64.136.28.21
Has been sending unsolicited emails of an adult nature to myself and other people I know. At no point have we subscribed to these emails, and after multiple attepmts are unsubscribing ourselves and contacting this company, we're still receiving them.
Furthermore, I have been lead to believe that this company has been selling my information to other companies without obtaining my prior permission, which is illegal in the UK and in the US under the Data Protection acts of 1982 and 1998 and under the Computer Abuse and Misuse acts respectively.
I would like to point out to you, if you haven't already figured this out, that the fact that they're sending this unsolicited (spam) email out which does contain adult material without checking our ages, this also is majorly worrying as who knows what ages people are receiving these emails from this company.
If immediate action isn't taken by yourselves to shut this customer of yours down permanently, I will be contacting the authorities and reporting both this company for essentially giving porn email to minors, but you also, for your failure to take action when it's your responsibility to do so as their domain registrar after it has been reported to you.

Regards

AI