Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: What to do about websites that spam

  1. #1
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    22,648
    Thanks
    3,304
    Thanked 2,676 Times in 2,257 Posts
    Blog Entries
    12

    Question What to do about websites that spam

    I've got 2 unsolicited emails today promoting a website. The website is actually interesting and normally I'd post a link to it. But there is clearly a spam problem here because there are a heck of a lot of complaints about people receiving spam emails promoting the site.

    The two emails were from different gmail accounts. Both of which don't exist! A case where the identity of the sender has been deliberately hidden.

    The website owner is trying to say that it's nothing to do with him - somebody must have liked the site and thought we all needed to know about it. I'm not buying that.

    Any advice or suggestions?

  2. #2
    Platinum Member Chatmaster's Avatar
    Join Date
    Aug 2006
    Location
    Cape Town
    Posts
    1,065
    Thanks
    107
    Thanked 99 Times in 63 Posts
    Dave have you checked the message properties to confirm the path the email took to your mailbox? The thing is Gmail cannot be used for anonymous spam as far as I know, because it requires a login and password regardless of where you send the mail from. Under View->options in MS Outlook.
    Roelof Vermeulen (Entrepreneurship in large organizations)
    Roelof Vermeulen| Rock flaps south africa

  3. #3
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    22,648
    Thanks
    3,304
    Thanked 2,676 Times in 2,257 Posts
    Blog Entries
    12
    Here is the message envelope - I've just edited where my email address shows:
    Return-path: <atractnews@gmail.com>
    Envelope-to: my email addy
    Delivery-date: Mon, 18 Feb 2008 09:25:18 +0200
    Received: from mx6.vodamail.co.za ([196.11.146.165] helo=vodamail.co.za)
    by server1.za-dns.com with esmtp (Exim 4.68)
    (envelope-from <atractnews@gmail.com>)
    id 1JR0NA-0005ny-1t
    for my email addy; Mon, 18 Feb 2008 09:25:18 +0200
    Received: from localhost (localhost [127.0.0.1])
    by mx2.vodamail.co.za (Postfix) with ESMTP id 00F7717FB0E
    for <my email addy>; Mon, 18 Feb 2008 09:20:32 +0200 (SAST)
    Received: from vodamail.co.za ([127.0.0.1])
    by localhost (mx1.vodamail.co.za [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id 05290-01-4 for <my email addy>;
    Mon, 18 Feb 2008 09:20:32 +0200 (SAST)
    Received: from vc-196-207-33-198.3g.vodacom.co.za (unknown [10.71.191.64])
    by mx2.vodamail.co.za (Postfix) with SMTP id B23E717D517
    for <my email addy>; Mon, 18 Feb 2008 09:20:14 +0200 (SAST)
    From: "todays news" <expose.news24@gmail.com >
    To: "dave" <my email addy>
    Subject: Internet tv news station 24/7
    Date: Mon, 18 Feb 2008 09:22:19 +0000
    Organization: BBC
    MIME-Version: 1.0
    Content-Type: multipart/alternative;
    boundary="----=_NextPart_000_0000_01C6527E.AE8904D0"
    Message-Id: <20080218072019.B23E717D517@mx2.vodamail.co.za>
    X-Virus-Scanned: amavisd-new at vodamail.co.za
    X-Spam-Status: No, score=-0.4
    X-Spam-Score: -3
    X-Spam-Bar: /
    X-Spam-Flag: NO
    It's not being sent from gmail - it's just claiming to be from a gmail account.

    If you try to send a message to this email address, you get
    This is the Postfix program at host ctb-mesg7.saix.net.

    I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.

    For further assistance, please send mail to <postmaster>

    If you do so, please include this problem report. You can delete your own text from the attached returned message.

    The Postfix program

    <atractnews@gmail.com>: host gmail-smtp-in.l.google.com[64.233.183.27] said:
    550 5.1.1 No such user c5si2891136nfi.2 (in reply to RCPT TO command)
    Last edited by Dave A; 18-Feb-08 at 02:23 PM.

  4. #4
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    22,648
    Thanks
    3,304
    Thanked 2,676 Times in 2,257 Posts
    Blog Entries
    12
    Here's the actual email content - less the link to the site.
    We spent one night in Hillbrow, the heart of Johannesburg nightlife and the New York of Africa. We filmed two sets of policemen taking bribe money from illegal immigrants.

    Andre reports on the freedom of the press that is under threat in South Africa. This is scary!

    One of our viewers told us he did some research and that our web broadcast station is unique.

    We are truly international and our hits keep growing hthanks guys.

    Scroll down and have a look at the map that shows wher our hits come from. You will be amazed

    (link to spamming site)

    Reporting without bias and without fear

  5. #5
    Platinum Member Chatmaster's Avatar
    Join Date
    Aug 2006
    Location
    Cape Town
    Posts
    1,065
    Thanks
    107
    Thanked 99 Times in 63 Posts
    You can read this article for assistance. I have only done this once before and for some reason cannot figure out your source IP, hopefully you have more luck than me.
    Roelof Vermeulen (Entrepreneurship in large organizations)
    Roelof Vermeulen| Rock flaps south africa

  6. #6
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    22,648
    Thanks
    3,304
    Thanked 2,676 Times in 2,257 Posts
    Blog Entries
    12
    Basically, that means the spammer was using the vodamail SMTP service to send the message. So Vodacom should be able to trace the subscriber/s who sent the emails then.

  7. #7
    Email problem daveob's Avatar
    Join Date
    Feb 2008
    Location
    Amanzimtoti
    Posts
    655
    Thanks
    107
    Thanked 118 Times in 103 Posts
    You do realise the task you're about to undertake ?? -- to get a competant vodacom person ( a REAL person, not an IVR system ) to actually agree to help YOU ( assumably ) a non-vodacom client, and then convince them to take action or give you the details of the sender of the mail ?

    Good Luck Dave !!!
    Watching the ships passing by.

  8. #8
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    22,648
    Thanks
    3,304
    Thanked 2,676 Times in 2,257 Posts
    Blog Entries
    12
    Technically, I suspect they're obliged to follow through in terms of the ECA legislation. I'm not going to put any resources into it though; the trail is unlikely to lead back to the site. More likely it's a compromised computer enslaved in a spam botnet.

    So the question about what, if anything, can be done about the site remains unanswered so far. As the only beneficiary of clearly illegal volume spamming techniques - what measures can be taken against the site?

    So far they've lost what actually would have been a regular visitor - if not promoter - if they hadn't gone about things the wrong way.

  9. #9
    Platinum Member Chatmaster's Avatar
    Join Date
    Aug 2006
    Location
    Cape Town
    Posts
    1,065
    Thanks
    107
    Thanked 99 Times in 63 Posts
    I suspect this guy sent the email from his local host (based on the IP "127.0.0.1") which makes it possible that Vodacom might be able to trace him. The reason I had trouble reading it is I am not sure whether or not the mail was sent to your vodacom email address or received through it.
    Roelof Vermeulen (Entrepreneurship in large organizations)
    Roelof Vermeulen| Rock flaps south africa

  10. #10
    Site Caretaker Dave A's Avatar
    Join Date
    May 2006
    Location
    Durban, South Africa
    Posts
    22,648
    Thanks
    3,304
    Thanked 2,676 Times in 2,257 Posts
    Blog Entries
    12
    Vodacom wasn't a part of my receiving it and it came off my company domain server, server1.za-dns.com.

    I should think Vodacom will have no problem tracing the source connection out of their logs. And with it being a Vodacom connection, it's unlikely to be off a server - the trail should lead directly to the service subscriber.

    It's interesting that collecting the mail off the server doesn't generate an entry in the envelope.

Page 1 of 3 123 LastLast

Similar Threads

  1. Spam Mails
    By Faan in forum Technology Forum
    Replies: 15
    Last Post: 25-Feb-08, 12:44 PM
  2. How to stop spam.
    By Dave A in forum General Business Forum
    Replies: 14
    Last Post: 07-Feb-08, 08:35 AM
  3. Spam telephone calls
    By Dave A in forum General Business Forum
    Replies: 17
    Last Post: 19-Nov-07, 10:42 AM

Tags for this Thread

Did you like this article? Share it with your favourite social network.

Did you like this article? Share it with your favourite social network.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •