svlug-antispam_war_heats_up_perhaps

This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.



Date: Sat, 15 Dec 2001 17:54:05 -0800
To: svlug@svlug.org
From: Rafael <raffi@linwin.com>
Subject: [svlug] Large number of spam comes from related sources

I keep getting spam that can be traced back to the same source:
supported by qwest.net, grindbind.com, and registered at joker.com

domain:       beebeatwo.com
status:       production
origin-c:     borisb11209@yahoo.com#0
owner:        Sajid Raza
...
------------------ domainstop.org
[whois.joker.com]
domain:       domainstop.org
status:       production
origin-c:     tali987653@yahoo.com#0
owner:        Taline Martin
email:        tali987653@yahoo.com#0
address:      893 W 14th Street
city:         NY
state:        NY
postal-code:  10011
country:      US
admin-c:      tali987653@yahoo.com#0
...
nserver:      dv1.grindbind.com
nserver:      ns3.grindbind.com
registrar:    JORE-1
created:      2001-10-06 02:01:20 UTC JORE-1
modified:     2001-10-10 17:47:09 UTC JORE-1
expires:      2002-10-05 20:00:59 UTC
source:       joker.com

------------------   Domain Name: XEONWEB.NET

   Administrative Contact:
        Paul Xeon    paul@xeonweb.net
        Xeon Web Services
        21 Dorado
        El Paso, TX 31456
        US
        Phone- 000-000-0000
        Fax-
   Technical Contact:
        Paul Xeon  paul@xeonweb.net
        Xeon Web Services
        21 Dorado
        El Paso, TX 31456
        US
        Phone- 000-000-0000
        Fax-

Those 000 are verbatim! All fake information.

A few more can be seen at
http://www.linwin.com/spam+scam/index.html

I wonder why the registrars allow them to use yahoo email? My guess is
they don't verify/care what the email of the registrant is. joker.com seems
to be the worst and is in over 90% of the spam-related information I come
across.

It looks like somebody has a script that creates bogus businesses on the
fly. It shouldn't be too hard to trace back the benefactors of the spam,
real or virtual. I do not care about the lame arguments against this
technique as some have argued about on this and other mailing lists in the
past. I don't give a damn who or for what reason sent me a URL for some
pornosite. They should all be sent to Afghanistan while bombing is still 
going on!

Some of the spam I get lately has IPs without a relation to a domain name.
They think I am going to do business with them using a credit card. There is no
company information on their website, phone numbers, address, etc. That's
illegal business as far as I'm concerned and they should be shut down or
DOSed off the net entirely.

It seems that many questionable businesses can be traced or are related
somehow to the same network of bandits:

   Organization:
      Creative Marketing Zone, Inc.
      Technical Support
      5393 Maplewood
      Detroit, MI 48204
      US
      Phone: 313-231-2474
      Email: grindbind@yahoo.com

   Registrar Name....: Register.com
   Registrar Whois...: whois.register.com
   Registrar Homepage: http://www.register.com

   Domain Name: GRINDBIND.COM

      Created on..............: Tue, Aug 14, 2001
      Expires on..............: Thu, Aug 14, 2003
      Record last updated on..: Wed, Oct 10, 2001
   Administrative Contact:
      Creative Marketing Zone, Inc.
      Technical Support
      5393 Maplewood
      Detroit, MI 48204
      US
      Phone: 313-231-2474
      Email: grindbind@yahoo.com

   Technical Contact, Zone Contact:
      Register.Com
      Domain Registrar
      575 8th Avenue - 11th Floor
      New York, NY 10018
      US
      Phone: 212-798-9200
      Fax..: 212-629-9305
      Email: domain-registrar@register.com

   Domain servers in listed order:

   NS1.GRINDBIND.COM                                 64.132.82.71
   NS3.GRINDBIND.COM                                 65.160.45.60
   NS4.GRINDBIND.COM                                 65.160.45.61
   KO2.GRINDBIND.COM                                 24.178.61.20
   KO1.GRINDBIND.COM                                 24.182.105.208
   DV1.GRINDBIND.COM                                 4.60.111.133
   NM2.GRINDBIND.COM                                 65.69.110.2
   NM1.GRINDBIND.COM                                 65.69.110.1
   DNS1.GRINDBIND.COM                                208.178.236.187
   DNS2.GRINDBIND.COM                                208.178.236.188
   NS2.GRINDBIND.COM                                 64.132.82.72

No honest business with a large number of (DNS) servers hides behind the 
grindbind@yahoo.com email! I wish ISPs would just block those networks at 
their entry points: http://www.spamhaus.org/top10.lasso

A lot of spam is possible because of idiot sysadmins that set up email
servers like http://www.linwin.com/spam+scan/2001-12/spammers-2001-12-12
with all kinds of ports open. It's my belief that systems like that should
be disabled remotely by anybody capable of doing so. Don't like that?  
Tough, it's a spam war out there and it's time we strike back from every
server on the net. Of course it's possible that some of the open servers
are part of the illegal operation which too should be DOSed as soon as
they are discovered.

I wish that feds with all the power they have to watch the net would track
down this email terrorism and start cutting off spamming Taliban's
fingers. It's easy to find these f*ing bastards. Everybody knows who they 
are http://www.spamhaus.org/sbl/sbl-major.lasso If nothing else works, 
perhaps a visit from local "victims" is in order.

Email needs a major overhaul. Email protocols we are using were created
for use by honest people and on much smaller scale. The main problem I see
is in the fact that email is treated like snail mail which makes fighting
against spam more or less ineffective. A better protocol is needed 
otherwise we'll all drown in spam sewage.

And last, to all spammers and other computerized idiots out there: I will
never do business with any of you regardless of what you promote. Don't
bother with telling me about your crap. I don't deal with losers.

I wonder what's the average number of spam crap users get in a week?
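
The correlation the message describes (whois records that share nameservers, use free-mail contacts and carry all-zero phone numbers), sketched as an added example that is not part of the original post. The first sample record is excerpted from the whois output quoted above; the .example records, the phone: key, the free-mail list and every function name are assumptions made for illustration.

```python
import re
from collections import defaultdict
FREEMAIL = {"yahoo.com", "hotmail.com"}  # assumption: illustrative list only
# First record is excerpted from the post; the others are constructed (phone: key assumed).
SAMPLES = [
    """domain:       domainstop.org
origin-c:     tali987653@yahoo.com#0
nserver:      dv1.grindbind.com
nserver:      ns3.grindbind.com""",
    """domain:       shop-one.example
origin-c:     owner1@yahoo.com#0
phone:        000-000-0000
nserver:      ns3.grindbind.com""",
    """domain:       bakery.example
origin-c:     hostmaster@bakery.example#0
nserver:      ns1.bakery.example""",
]

def parse_whois(text):
    """Collect 'key: value' lines; keys such as nserver may repeat."""
    rec = defaultdict(list)
    for line in text.splitlines():
        m = re.match(r"\s*([\w-]+):\s+(\S.*)$", line)
        if m:
            rec[m.group(1).lower()].append(m.group(2).strip())
    return rec

def parent(host):  # naive last-two-labels rule, not public-suffix aware
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def flags(rec):
    out = set()
    # Contact handles look like "user@host#0"; drop the "#0" suffix first.
    contacts = [v.split("#")[0] for k in ("origin-c", "admin-c", "email") for v in rec.get(k, [])]
    if any("@" in a and a.rsplit("@", 1)[1].lower() in FREEMAIL for a in contacts):
        out.add("freemail-contact")
    if any(set(re.sub(r"\D", "", p)) == {"0"} for p in rec.get("phone", [])):
        out.add("placeholder-phone")
    return out

def report(samples):
    """Return (flags per domain, nameserver domain -> domains sharing it)."""
    per_domain, shared = {}, defaultdict(set)
    for rec in map(parse_whois, samples):
        name = rec["domain"][0].lower()
        per_domain[name] = flags(rec)
        for ns in rec.get("nserver", []):
            if parent(ns) != parent(name):  # ignore self-hosted nameservers
                shared[parent(ns)].add(name)
    return per_domain, {k: sorted(v) for k, v in shared.items() if len(v) > 1}
```

Calling report(SAMPLES) groups the two records served from grindbind.com nameservers together and leaves the self-hosted domain out of the cluster.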

===


doom@kzsu.stanford.edu