fchan at molsci
Apr 11, 2012, 5:38 PM
Post #8 of 8
(449 views)
Permalink
|
On 30-03-2012 16:08, Frank Chan wrote:
> On 30-03-2012 10:11, Robert Schetterer wrote:
>> Am 30.03.2012 17:44, schrieb Richard Doyle:
>>> On 03/29/2012 05:10 PM, Frank Chan wrote:
>>>> On 02-03-2012 15:49, Frank Chan wrote:
>>>>> Here are some samples of this spam in pastebin:
>>>>>
>>>>> http://pastebin.com/djidF7dg
>>>>> http://pastebin.com/DQan00ve
>>>>> http://pastebin.com/1PizAzMv
>>>>> http://pastebin.com/Hd6vVpYi
>>>>>
>>>>> Thank you,
>>>>> Frank
>>>>>
>>>>> On 02-03-2012 14:31, Jeremy McSpadden wrote:
>>>>>> Pastebin some emails + headers
>>>>>>
>>>>>> --
>>>>>> Jeremy McSpadden
>>>>>> Flux Labs, Inc
>>>>>> http://www.fluxlabs.net<http://www.fluxlabs.net/>
>>>>>> Endless Solutions
>>>>>> Office : 850-588-4626
>>>>>> Cell : 850-890-2543
>>>>>> Fax : 850-254-2955
>>>>>>
>>>>>> From: Frank Chan<fchan [at] molsci<mailto:fchan [at] molsci>>
>>>>>> Date: Fri, 2 Mar 2012 14:24:04 -0800
>>>>>> To:<users [at] spamassassin<mailto:users [at] spamassassin>>
>>>>>>
>>>>>>
>>>>>> Subject: Spam from Moniker Privacy Services.
>>>>>>
>>>>>> I'm getting a bunch spam from Moniker Privacy Services& other
>>>>>> domain
>>>>>> privacy services but they seem host their smtp servers everywhere in
>>>>>> the world (mostly in the US) and below are some examples of what I
>>>>>> got when I did a whois on the some of the domains:
>>>>>>
>>>>>> a-trigano.com
>>>>>> 66.197.198.131
>>>>>> OrgName: Network Operations Center Inc.
>>>>>> OrgId: NOC
>>>>>> Address: PO Box 591
>>>>>> City: Scranton
>>>>>> StateProv: PA
>>>>>> PostalCode: 18501-0591
>>>>>> Country: US
>>>>>>
>>>>>> irjaws.com
>>>>>> 74.199.140.202
>>>>>> OrgName: Metroglobe
>>>>>> OrgId: METRO-339
>>>>>> Address: 3675 S Rainbow Blvd
>>>>>> Address: 107-181
>>>>>> City: Las Vegas
>>>>>> StateProv: NV
>>>>>> PostalCode: 89103
>>>>>> Country: US
>>>>>>
>>>>>> But these domains (and many more) are registered to:
>>>>>>
>>>>>> Moniker Privacy Services
>>>>>> 20 SW 27th Ave. Suite 201
>>>>>> Pompano Beach FL 33069
>>>>>> US
>>>>>>
>>>>>> I'm checking if anyone else seen this and has anyone able to stop
>>>>>> this tspam from these domains hiding behind (or they just a front
>>>>>> for) these domain privacy services for spammers. The spam scores for
>>>>>> some of this spam are just below my spam score threshold so they are
>>>>>> slipping through.
>>>>>>
>>>>>> Thank you,
>>>>>> Frank
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>> Does anyone have a idea how to stop this type of spam messages from
>>>> Moniker Privacy Services, Enom and other domain name hiding
>>>> services. I
>>>> noticed that these domains will get blacklisted from various services
>>>> but not until afterwards which I have the spam message on my system.
>>>>
>>>> Thank you,
>>>> Frank
>>>>
>>> Most of the problem domains are new. Quarantine/block/score on
>>> domain age.
>> a few days ago, new domains with spam, moniker was involved was
>> discussed here use list archive
>>
>> or try here
>> http://anonwhois.org/usage.html#sa
> Hi Robert,
> Thank you for the link and I will try this to prevent this spam.
>
> Again thank you,
> Frank
>
>
After using anonwhois.org and Spam Easting Monkey and tuning it for week
now this seems reduce the amount of this anonymous domain spam.
Thank you for your assistance,
Frank
|
