Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: SpamAssassin: users

Spam from Moniker Privacy Services.

 

 

SpamAssassin users RSS feed   Index | Next | Previous | View Threaded


fchan at molsci

Mar 2, 2012, 2:24 PM

Post #1 of 8 (1114 views)
Permalink
Spam from Moniker Privacy Services.

I'm getting a bunch spam from Moniker Privacy Services & other domain
privacy services but they seem host their smtp servers everywhere in the
world (mostly in the US) and below are some examples of what I got when
I did a whois on the some of the domains:

a-trigano.com
66.197.198.131
OrgName: Network Operations Center Inc.
OrgId: NOC
Address: PO Box 591
City: Scranton
StateProv: PA
PostalCode: 18501-0591
Country: US

irjaws.com
74.199.140.202
OrgName: Metroglobe
OrgId: METRO-339
Address: 3675 S Rainbow Blvd
Address: 107-181
City: Las Vegas
StateProv: NV
PostalCode: 89103
Country: US

But these domains (and many more) are registered to:

Moniker Privacy Services
20 SW 27th Ave. Suite 201
Pompano Beach FL 33069
US

I'm checking if anyone else seen this and has anyone able to stop this
tspam from these domains hiding behind (or they just a front for) these
domain privacy services for spammers. The spam scores for some of this
spam are just below my spam score threshold so they are slipping through.

Thank you,
Frank


fchan at molsci

Mar 2, 2012, 3:49 PM

Post #2 of 8 (1062 views)
Permalink
Re: Spam from Moniker Privacy Services. [In reply to]

Here are some samples of this spam in pastebin:

http://pastebin.com/djidF7dg
http://pastebin.com/DQan00ve
http://pastebin.com/1PizAzMv
http://pastebin.com/Hd6vVpYi

Thank you,
Frank

On 02-03-2012 14:31, Jeremy McSpadden wrote:
> Pastebin some emails + headers
>
> --
> Jeremy McSpadden
> Flux Labs, Inc
> http://www.fluxlabs.net<http://www.fluxlabs.net/>
> Endless Solutions
> Office : 850-588-4626
> Cell : 850-890-2543
> Fax : 850-254-2955
>
> From: Frank Chan<fchan [at] molsci<mailto:fchan [at] molsci>>
> Date: Fri, 2 Mar 2012 14:24:04 -0800
> To:<users [at] spamassassin<mailto:users [at] spamassassin>>
> Subject: Spam from Moniker Privacy Services.
>
> I'm getting a bunch spam from Moniker Privacy Services& other domain privacy services but they seem host their smtp servers everywhere in the world (mostly in the US) and below are some examples of what I got when I did a whois on the some of the domains:
>
> a-trigano.com
> 66.197.198.131
> OrgName: Network Operations Center Inc.
> OrgId: NOC
> Address: PO Box 591
> City: Scranton
> StateProv: PA
> PostalCode: 18501-0591
> Country: US
>
> irjaws.com
> 74.199.140.202
> OrgName: Metroglobe
> OrgId: METRO-339
> Address: 3675 S Rainbow Blvd
> Address: 107-181
> City: Las Vegas
> StateProv: NV
> PostalCode: 89103
> Country: US
>
> But these domains (and many more) are registered to:
>
> Moniker Privacy Services
> 20 SW 27th Ave. Suite 201
> Pompano Beach FL 33069
> US
>
> I'm checking if anyone else seen this and has anyone able to stop this tspam from these domains hiding behind (or they just a front for) these domain privacy services for spammers. The spam scores for some of this spam are just below my spam score threshold so they are slipping through.
>
> Thank you,
> Frank
>
>


fchan at molsci

Mar 29, 2012, 5:10 PM

Post #3 of 8 (973 views)
Permalink
Re: Spam from Moniker Privacy Services. [In reply to]

On 02-03-2012 15:49, Frank Chan wrote:
> Here are some samples of this spam in pastebin:
>
> http://pastebin.com/djidF7dg
> http://pastebin.com/DQan00ve
> http://pastebin.com/1PizAzMv
> http://pastebin.com/Hd6vVpYi
>
> Thank you,
> Frank
>
> On 02-03-2012 14:31, Jeremy McSpadden wrote:
>> Pastebin some emails + headers
>>
>> --
>> Jeremy McSpadden
>> Flux Labs, Inc
>> http://www.fluxlabs.net<http://www.fluxlabs.net/>
>> Endless Solutions
>> Office : 850-588-4626
>> Cell : 850-890-2543
>> Fax : 850-254-2955
>>
>> From: Frank Chan<fchan [at] molsci<mailto:fchan [at] molsci>>
>> Date: Fri, 2 Mar 2012 14:24:04 -0800
>> To:<users [at] spamassassin<mailto:users [at] spamassassin>>
>> Subject: Spam from Moniker Privacy Services.
>>
>> I'm getting a bunch spam from Moniker Privacy Services& other domain
>> privacy services but they seem host their smtp servers everywhere in
>> the world (mostly in the US) and below are some examples of what I
>> got when I did a whois on the some of the domains:
>>
>> a-trigano.com
>> 66.197.198.131
>> OrgName: Network Operations Center Inc.
>> OrgId: NOC
>> Address: PO Box 591
>> City: Scranton
>> StateProv: PA
>> PostalCode: 18501-0591
>> Country: US
>>
>> irjaws.com
>> 74.199.140.202
>> OrgName: Metroglobe
>> OrgId: METRO-339
>> Address: 3675 S Rainbow Blvd
>> Address: 107-181
>> City: Las Vegas
>> StateProv: NV
>> PostalCode: 89103
>> Country: US
>>
>> But these domains (and many more) are registered to:
>>
>> Moniker Privacy Services
>> 20 SW 27th Ave. Suite 201
>> Pompano Beach FL 33069
>> US
>>
>> I'm checking if anyone else seen this and has anyone able to stop
>> this tspam from these domains hiding behind (or they just a front
>> for) these domain privacy services for spammers. The spam scores for
>> some of this spam are just below my spam score threshold so they are
>> slipping through.
>>
>> Thank you,
>> Frank
>>
>>
>
>
>
Does anyone have a idea how to stop this type of spam messages from
Moniker Privacy Services, Enom and other domain name hiding services. I
noticed that these domains will get blacklisted from various services
but not until afterwards which I have the spam message on my system.

Thank you,
Frank


rdoyle at islandnetworks

Mar 30, 2012, 8:44 AM

Post #4 of 8 (975 views)
Permalink
Re: Spam from Moniker Privacy Services. [In reply to]

On 03/29/2012 05:10 PM, Frank Chan wrote:
> On 02-03-2012 15:49, Frank Chan wrote:
>> Here are some samples of this spam in pastebin:
>>
>> http://pastebin.com/djidF7dg
>> http://pastebin.com/DQan00ve
>> http://pastebin.com/1PizAzMv
>> http://pastebin.com/Hd6vVpYi
>>
>> Thank you,
>> Frank
>>
>> On 02-03-2012 14:31, Jeremy McSpadden wrote:
>>> Pastebin some emails + headers
>>>
>>> --
>>> Jeremy McSpadden
>>> Flux Labs, Inc
>>> http://www.fluxlabs.net<http://www.fluxlabs.net/>
>>> Endless Solutions
>>> Office : 850-588-4626
>>> Cell : 850-890-2543
>>> Fax : 850-254-2955
>>>
>>> From: Frank Chan<fchan [at] molsci<mailto:fchan [at] molsci>>
>>> Date: Fri, 2 Mar 2012 14:24:04 -0800
>>> To:<users [at] spamassassin<mailto:users [at] spamassassin>>
>>> Subject: Spam from Moniker Privacy Services.
>>>
>>> I'm getting a bunch spam from Moniker Privacy Services& other domain
>>> privacy services but they seem host their smtp servers everywhere in
>>> the world (mostly in the US) and below are some examples of what I
>>> got when I did a whois on the some of the domains:
>>>
>>> a-trigano.com
>>> 66.197.198.131
>>> OrgName: Network Operations Center Inc.
>>> OrgId: NOC
>>> Address: PO Box 591
>>> City: Scranton
>>> StateProv: PA
>>> PostalCode: 18501-0591
>>> Country: US
>>>
>>> irjaws.com
>>> 74.199.140.202
>>> OrgName: Metroglobe
>>> OrgId: METRO-339
>>> Address: 3675 S Rainbow Blvd
>>> Address: 107-181
>>> City: Las Vegas
>>> StateProv: NV
>>> PostalCode: 89103
>>> Country: US
>>>
>>> But these domains (and many more) are registered to:
>>>
>>> Moniker Privacy Services
>>> 20 SW 27th Ave. Suite 201
>>> Pompano Beach FL 33069
>>> US
>>>
>>> I'm checking if anyone else seen this and has anyone able to stop
>>> this tspam from these domains hiding behind (or they just a front
>>> for) these domain privacy services for spammers. The spam scores for
>>> some of this spam are just below my spam score threshold so they are
>>> slipping through.
>>>
>>> Thank you,
>>> Frank
>>>
>>>
>>
>>
>>
> Does anyone have a idea how to stop this type of spam messages from
> Moniker Privacy Services, Enom and other domain name hiding services. I
> noticed that these domains will get blacklisted from various services
> but not until afterwards which I have the spam message on my system.
>
> Thank you,
> Frank
>

Most of the problem domains are new. Quarantine/block/score on domain age.


robert at schetterer

Mar 30, 2012, 10:11 AM

Post #5 of 8 (972 views)
Permalink
Re: Spam from Moniker Privacy Services. [In reply to]

Am 30.03.2012 17:44, schrieb Richard Doyle:
> On 03/29/2012 05:10 PM, Frank Chan wrote:
>> On 02-03-2012 15:49, Frank Chan wrote:
>>> Here are some samples of this spam in pastebin:
>>>
>>> http://pastebin.com/djidF7dg
>>> http://pastebin.com/DQan00ve
>>> http://pastebin.com/1PizAzMv
>>> http://pastebin.com/Hd6vVpYi
>>>
>>> Thank you,
>>> Frank
>>>
>>> On 02-03-2012 14:31, Jeremy McSpadden wrote:
>>>> Pastebin some emails + headers
>>>>
>>>> --
>>>> Jeremy McSpadden
>>>> Flux Labs, Inc
>>>> http://www.fluxlabs.net<http://www.fluxlabs.net/>
>>>> Endless Solutions
>>>> Office : 850-588-4626
>>>> Cell : 850-890-2543
>>>> Fax : 850-254-2955
>>>>
>>>> From: Frank Chan<fchan [at] molsci<mailto:fchan [at] molsci>>
>>>> Date: Fri, 2 Mar 2012 14:24:04 -0800
>>>> To:<users [at] spamassassin<mailto:users [at] spamassassin>>
>>>>
>>>> Subject: Spam from Moniker Privacy Services.
>>>>
>>>> I'm getting a bunch spam from Moniker Privacy Services& other domain
>>>> privacy services but they seem host their smtp servers everywhere in
>>>> the world (mostly in the US) and below are some examples of what I
>>>> got when I did a whois on the some of the domains:
>>>>
>>>> a-trigano.com
>>>> 66.197.198.131
>>>> OrgName: Network Operations Center Inc.
>>>> OrgId: NOC
>>>> Address: PO Box 591
>>>> City: Scranton
>>>> StateProv: PA
>>>> PostalCode: 18501-0591
>>>> Country: US
>>>>
>>>> irjaws.com
>>>> 74.199.140.202
>>>> OrgName: Metroglobe
>>>> OrgId: METRO-339
>>>> Address: 3675 S Rainbow Blvd
>>>> Address: 107-181
>>>> City: Las Vegas
>>>> StateProv: NV
>>>> PostalCode: 89103
>>>> Country: US
>>>>
>>>> But these domains (and many more) are registered to:
>>>>
>>>> Moniker Privacy Services
>>>> 20 SW 27th Ave. Suite 201
>>>> Pompano Beach FL 33069
>>>> US
>>>>
>>>> I'm checking if anyone else seen this and has anyone able to stop
>>>> this tspam from these domains hiding behind (or they just a front
>>>> for) these domain privacy services for spammers. The spam scores for
>>>> some of this spam are just below my spam score threshold so they are
>>>> slipping through.
>>>>
>>>> Thank you,
>>>> Frank
>>>>
>>>>
>>>
>>>
>>>
>> Does anyone have a idea how to stop this type of spam messages from
>> Moniker Privacy Services, Enom and other domain name hiding services. I
>> noticed that these domains will get blacklisted from various services
>> but not until afterwards which I have the spam message on my system.
>>
>> Thank you,
>> Frank
>>
>
> Most of the problem domains are new. Quarantine/block/score on domain age.

a few days ago, new domains with spam, moniker was involved was
discussed here use list archive

or try here
http://anonwhois.org/usage.html#sa
--
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria


fchan at molsci

Mar 30, 2012, 3:50 PM

Post #6 of 8 (972 views)
Permalink
Re: Spam from Moniker Privacy Services. [In reply to]

On 30-03-2012 08:44, Richard Doyle wrote:
> On 03/29/2012 05:10 PM, Frank Chan wrote:
>> On 02-03-2012 15:49, Frank Chan wrote:
>>> Here are some samples of this spam in pastebin:
>>>
>>> http://pastebin.com/djidF7dg
>>> http://pastebin.com/DQan00ve
>>> http://pastebin.com/1PizAzMv
>>> http://pastebin.com/Hd6vVpYi
>>>
>>> Thank you,
>>> Frank
>>>
>>> On 02-03-2012 14:31, Jeremy McSpadden wrote:
>>>> Pastebin some emails + headers
>>>>
>>>> --
>>>> Jeremy McSpadden
>>>> Flux Labs, Inc
>>>> http://www.fluxlabs.net<http://www.fluxlabs.net/>
>>>> Endless Solutions
>>>> Office : 850-588-4626
>>>> Cell : 850-890-2543
>>>> Fax : 850-254-2955
>>>>
>>>> From: Frank Chan<fchan [at] molsci<mailto:fchan [at] molsci>>
>>>> Date: Fri, 2 Mar 2012 14:24:04 -0800
>>>> To:<users [at] spamassassin<mailto:users [at] spamassassin>>
>>>>
>>>> Subject: Spam from Moniker Privacy Services.
>>>>
>>>> I'm getting a bunch spam from Moniker Privacy Services& other domain
>>>> privacy services but they seem host their smtp servers everywhere in
>>>> the world (mostly in the US) and below are some examples of what I
>>>> got when I did a whois on the some of the domains:
>>>>
>>>> a-trigano.com
>>>> 66.197.198.131
>>>> OrgName: Network Operations Center Inc.
>>>> OrgId: NOC
>>>> Address: PO Box 591
>>>> City: Scranton
>>>> StateProv: PA
>>>> PostalCode: 18501-0591
>>>> Country: US
>>>>
>>>> irjaws.com
>>>> 74.199.140.202
>>>> OrgName: Metroglobe
>>>> OrgId: METRO-339
>>>> Address: 3675 S Rainbow Blvd
>>>> Address: 107-181
>>>> City: Las Vegas
>>>> StateProv: NV
>>>> PostalCode: 89103
>>>> Country: US
>>>>
>>>> But these domains (and many more) are registered to:
>>>>
>>>> Moniker Privacy Services
>>>> 20 SW 27th Ave. Suite 201
>>>> Pompano Beach FL 33069
>>>> US
>>>>
>>>> I'm checking if anyone else seen this and has anyone able to stop
>>>> this tspam from these domains hiding behind (or they just a front
>>>> for) these domain privacy services for spammers. The spam scores for
>>>> some of this spam are just below my spam score threshold so they are
>>>> slipping through.
>>>>
>>>> Thank you,
>>>> Frank
>>>>
>>>>
>>>
>>>
>>>
>> Does anyone have a idea how to stop this type of spam messages from
>> Moniker Privacy Services, Enom and other domain name hiding services. I
>> noticed that these domains will get blacklisted from various services
>> but not until afterwards which I have the spam message on my system.
>>
>> Thank you,
>> Frank
>>
>
> Most of the problem domains are new. Quarantine/block/score on domain
> age.
>
>
Hi Richard,
Yes noticed that when I did an WHOIS on these spam messages so I will
see if scoring by domain age will work in prevent this type of spam.

Thank you,
Frank


fchan at molsci

Mar 30, 2012, 4:08 PM

Post #7 of 8 (978 views)
Permalink
Re: Spam from Moniker Privacy Services. [In reply to]

On 30-03-2012 10:11, Robert Schetterer wrote:
> Am 30.03.2012 17:44, schrieb Richard Doyle:
>> On 03/29/2012 05:10 PM, Frank Chan wrote:
>>> On 02-03-2012 15:49, Frank Chan wrote:
>>>> Here are some samples of this spam in pastebin:
>>>>
>>>> http://pastebin.com/djidF7dg
>>>> http://pastebin.com/DQan00ve
>>>> http://pastebin.com/1PizAzMv
>>>> http://pastebin.com/Hd6vVpYi
>>>>
>>>> Thank you,
>>>> Frank
>>>>
>>>> On 02-03-2012 14:31, Jeremy McSpadden wrote:
>>>>> Pastebin some emails + headers
>>>>>
>>>>> --
>>>>> Jeremy McSpadden
>>>>> Flux Labs, Inc
>>>>> http://www.fluxlabs.net<http://www.fluxlabs.net/>
>>>>> Endless Solutions
>>>>> Office : 850-588-4626
>>>>> Cell : 850-890-2543
>>>>> Fax : 850-254-2955
>>>>>
>>>>> From: Frank Chan<fchan [at] molsci<mailto:fchan [at] molsci>>
>>>>> Date: Fri, 2 Mar 2012 14:24:04 -0800
>>>>> To:<users [at] spamassassin<mailto:users [at] spamassassin>>
>>>>>
>>>>> Subject: Spam from Moniker Privacy Services.
>>>>>
>>>>> I'm getting a bunch spam from Moniker Privacy Services& other domain
>>>>> privacy services but they seem host their smtp servers everywhere in
>>>>> the world (mostly in the US) and below are some examples of what I
>>>>> got when I did a whois on the some of the domains:
>>>>>
>>>>> a-trigano.com
>>>>> 66.197.198.131
>>>>> OrgName: Network Operations Center Inc.
>>>>> OrgId: NOC
>>>>> Address: PO Box 591
>>>>> City: Scranton
>>>>> StateProv: PA
>>>>> PostalCode: 18501-0591
>>>>> Country: US
>>>>>
>>>>> irjaws.com
>>>>> 74.199.140.202
>>>>> OrgName: Metroglobe
>>>>> OrgId: METRO-339
>>>>> Address: 3675 S Rainbow Blvd
>>>>> Address: 107-181
>>>>> City: Las Vegas
>>>>> StateProv: NV
>>>>> PostalCode: 89103
>>>>> Country: US
>>>>>
>>>>> But these domains (and many more) are registered to:
>>>>>
>>>>> Moniker Privacy Services
>>>>> 20 SW 27th Ave. Suite 201
>>>>> Pompano Beach FL 33069
>>>>> US
>>>>>
>>>>> I'm checking if anyone else seen this and has anyone able to stop
>>>>> this tspam from these domains hiding behind (or they just a front
>>>>> for) these domain privacy services for spammers. The spam scores for
>>>>> some of this spam are just below my spam score threshold so they are
>>>>> slipping through.
>>>>>
>>>>> Thank you,
>>>>> Frank
>>>>>
>>>>>
>>>>
>>>>
>>> Does anyone have a idea how to stop this type of spam messages from
>>> Moniker Privacy Services, Enom and other domain name hiding services. I
>>> noticed that these domains will get blacklisted from various services
>>> but not until afterwards which I have the spam message on my system.
>>>
>>> Thank you,
>>> Frank
>>>
>> Most of the problem domains are new. Quarantine/block/score on domain age.
> a few days ago, new domains with spam, moniker was involved was
> discussed here use list archive
>
> or try here
> http://anonwhois.org/usage.html#sa
Hi Robert,
Thank you for the link and I will try this to prevent this spam.

Again thank you,
Frank


fchan at molsci

Apr 11, 2012, 5:38 PM

Post #8 of 8 (951 views)
Permalink
Re: Spam from Moniker Privacy Services. [In reply to]

On 30-03-2012 16:08, Frank Chan wrote:
> On 30-03-2012 10:11, Robert Schetterer wrote:
>> Am 30.03.2012 17:44, schrieb Richard Doyle:
>>> On 03/29/2012 05:10 PM, Frank Chan wrote:
>>>> On 02-03-2012 15:49, Frank Chan wrote:
>>>>> Here are some samples of this spam in pastebin:
>>>>>
>>>>> http://pastebin.com/djidF7dg
>>>>> http://pastebin.com/DQan00ve
>>>>> http://pastebin.com/1PizAzMv
>>>>> http://pastebin.com/Hd6vVpYi
>>>>>
>>>>> Thank you,
>>>>> Frank
>>>>>
>>>>> On 02-03-2012 14:31, Jeremy McSpadden wrote:
>>>>>> Pastebin some emails + headers
>>>>>>
>>>>>> --
>>>>>> Jeremy McSpadden
>>>>>> Flux Labs, Inc
>>>>>> http://www.fluxlabs.net<http://www.fluxlabs.net/>
>>>>>> Endless Solutions
>>>>>> Office : 850-588-4626
>>>>>> Cell : 850-890-2543
>>>>>> Fax : 850-254-2955
>>>>>>
>>>>>> From: Frank Chan<fchan [at] molsci<mailto:fchan [at] molsci>>
>>>>>> Date: Fri, 2 Mar 2012 14:24:04 -0800
>>>>>> To:<users [at] spamassassin<mailto:users [at] spamassassin>>
>>>>>>
>>>>>>
>>>>>> Subject: Spam from Moniker Privacy Services.
>>>>>>
>>>>>> I'm getting a bunch spam from Moniker Privacy Services& other
>>>>>> domain
>>>>>> privacy services but they seem host their smtp servers everywhere in
>>>>>> the world (mostly in the US) and below are some examples of what I
>>>>>> got when I did a whois on the some of the domains:
>>>>>>
>>>>>> a-trigano.com
>>>>>> 66.197.198.131
>>>>>> OrgName: Network Operations Center Inc.
>>>>>> OrgId: NOC
>>>>>> Address: PO Box 591
>>>>>> City: Scranton
>>>>>> StateProv: PA
>>>>>> PostalCode: 18501-0591
>>>>>> Country: US
>>>>>>
>>>>>> irjaws.com
>>>>>> 74.199.140.202
>>>>>> OrgName: Metroglobe
>>>>>> OrgId: METRO-339
>>>>>> Address: 3675 S Rainbow Blvd
>>>>>> Address: 107-181
>>>>>> City: Las Vegas
>>>>>> StateProv: NV
>>>>>> PostalCode: 89103
>>>>>> Country: US
>>>>>>
>>>>>> But these domains (and many more) are registered to:
>>>>>>
>>>>>> Moniker Privacy Services
>>>>>> 20 SW 27th Ave. Suite 201
>>>>>> Pompano Beach FL 33069
>>>>>> US
>>>>>>
>>>>>> I'm checking if anyone else seen this and has anyone able to stop
>>>>>> this tspam from these domains hiding behind (or they just a front
>>>>>> for) these domain privacy services for spammers. The spam scores for
>>>>>> some of this spam are just below my spam score threshold so they are
>>>>>> slipping through.
>>>>>>
>>>>>> Thank you,
>>>>>> Frank
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>> Does anyone have a idea how to stop this type of spam messages from
>>>> Moniker Privacy Services, Enom and other domain name hiding
>>>> services. I
>>>> noticed that these domains will get blacklisted from various services
>>>> but not until afterwards which I have the spam message on my system.
>>>>
>>>> Thank you,
>>>> Frank
>>>>
>>> Most of the problem domains are new. Quarantine/block/score on
>>> domain age.
>> a few days ago, new domains with spam, moniker was involved was
>> discussed here use list archive
>>
>> or try here
>> http://anonwhois.org/usage.html#sa
> Hi Robert,
> Thank you for the link and I will try this to prevent this spam.
>
> Again thank you,
> Frank
>
>
After using anonwhois.org and Spam Easting Monkey and tuning it for week
now this seems reduce the amount of this anonymous domain spam.

Thank you for your assistance,
Frank

SpamAssassin users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.