woodcraft spam

Severesky?

I'm am not a spammer.

Reply to
LRod
Loading thread data ...

I have a 'thingy' in Firefox that generates a random email whenever I find myself dealing with a company that I think would sell my address to a Tattoine slave trader for two game credits.

Companies like those that pay guys in Indiastan to tell you that their name is "David Jones". ##

It generates an address like " snipped-for-privacy@mail.svenz.eu", which lives exactly long enough to check a confirmation email or two.

Then the email address disappears off the radar.

Bill

## As I explained to the last "David Jones", "Why would I want to do business with a company that pays people to lie to me as a matter of policy? After all, they've already proven that they can't be trusted."

Reply to
BillinDetroit

Sorry, guys (& gal).

Bill

Reply to
BillinDetroit

I just sent them mail again, and added more names to the list of recipients. Perhaps they will answer.

I used the contact e-mail on ther woodcraft.com web site. I also used the whois address for woodcraft, and the abuse@ and postmaster@ address at both woodcraft.com and woodcraftnews.com

BTW - at least 51 attempts were made to send spam to that address - which my server blocked. Some leaked through.

Some of the spam that leaked through looked like the storm virus. Earlier ones looked like the greeting card spam.

I suspect a machine with the list of all of the woodcraftnews e-mail addresses was infected with a virus.

Reply to
Maxwell Lol

That violates their stated policy on privacy. Personally - I don't think woodcraft is evil.

Reply to
Maxwell Lol

Their privacy policy is stated at

formatting link
We occasionally make our customer list (postal mailing list only) ^---NOTE----------------^

and on

formatting link
WOODCRAFT PROMISE: The e-mail information we collect is used to

So I don't believe this happened intentionally.

Reply to
Maxwell Lol

You don't run your own mail server, do you?

Reply to
Maxwell Lol

Then your ISP is doing a good job. I think the ratio is that for every legitimate e-mail, there are about 8-10 spam messages attempted.

Reply to
Maxwell Lol

Know the feeling ... spammers sucked so much bandwidth from one of our little Internet companies, that was doing very well otherwise, we got tired of fighting it and shut the whole thing down.

Should spammers ever incur the death penalty and executioners are in short supply, I'm available.

Reply to
Swingman

LRod wrote in news: snipped-for-privacy@4ax.com:

I was guessing the numbers as 11 or 37 depending as to whether he was a fighter or bomber guy. I am not a spammer either!

BTW here's a snip of the latest spam to that address:

Envelope-to: snipped-for-privacy@XXXXXXXXXXX.com X-EN-OrigIP: 208.10.2.8 X-EN-IMPSID: gHby1X01T0AMzso0000000 To: From: Sender: User odccza Date: Sat, 25 Aug 2007 13:35:58 -0400 Subject: MarkedSPAM Who is that your with? lol

LMAO, I cant believe you put this video online. Everyone can see your face there. LOL see for yourself...

formatting link

This youtube link is actually spoofed and goes to 65.167.186.170 a host at cfu.net and no I haven't gone there to see what adware or crap they could put on my computer.

Reply to
A Lurker

I love that analogy :)

That is the kind of horror story I was referring to. I don't know what I'm doing (or not doing), but my spam receipts - including those that are rule-directed to my junk mail folder- are rarely more than 3 or 4 per week. There could be more that are rule-deleted before I see them (Rule = From: not in my address book, To: not my email address, then Delete) but I wouldn't know how many of those there might be.

Tom Veatch Wichita, KS USA

Reply to
Tom Veatch

Get in line, Karl, get in line.

Reply to
Dave Gordon

Tom Veatch wrote in news: snipped-for-privacy@4ax.com:

Tom, it could be that your ISP is helping out. I know that Comcast is pretty good at reducing the flow substantially. It's one of the reasons I put up with their (expensive) services.

That, and I guess I don't really want to change addresses very much.

Patriarch

Reply to
Patriarch

While this spam seems safe....

The HTML shows it as a youtube video, but the raw data has it going to an address that uses numbers instead of a hostname.

This I believe is the Peacomm/Storm virus. When you go there, it asks you to download a "Secure Login Applet" (applet.exe). And when you do, your machine becomes infected with the Trojan/virus. It's been a problem for IT people, because the applet morphs, making detection difficult.

I've seen this youtube virus send out text such as:

Jeez, what were you thinking? this is too crazy, but she was hot If your dad sees this video you made, he is gonna kill you. OMG, what are you doing man. This video of you is all over the net. HAHAHAHAHAHA, man your insane LMAO, your crazy man sheesh man, what are you thinkin Man you have got to tell me where you picked her up where did you hook up with that? You can see your face right in the video. its all over the web dude. You need to take this offline, it is in everyones email.

Checking the spam I got addressed to my woodcraft account, a lot of the spam looks like a virus/trojan attempt. (ecard, Storm), but then I see two stock spams for ERMX.

I guess that someone at Woodcraft or woodcraftnews got infected. Trouble was, the machine that was infected had my email account in the address book. I'm getting virus-based spam, and now stock spams sent to my woodcraft email account.

I'd guess the virus writers are working with the ERMX stock spammers.

Reply to
Maxwell Lol

I don't know that he's still there, but try don snipped-for-privacy@woodcraft.com

He works in the internet department, or did. Don't tell him Charlie Self sent you. As far as I know, since they let me go about 3-1/2 years ago, I'm still on their shit list.

Reply to
Charlie Self

You have to understand that a dictionary crack does not rely exclusively on a dictionary as you know it. They often build user names from combinations of of words, letters, numbers, etc. It's not uncommon to see your mail server hit by snipped-for-privacy@haha.com snipped-for-privacy@haha.com ... until it hits snipped-for-privacy@haha.com. You get the point.

I'm not trying to absolve woodcraft, but I wouldn't rule out a dictionary crack. I administer several mail servers and I used to see these things all the time. Fortunately sendmail has a macro to stop these sorts of attacks.

Reply to
Jeff

I know exactly what a dictionary attack is. I watch my logs, (I see each and every attempt to guess every account) and I notice when this happens.

Most of the time I see guesses that try accounts like "info" "guest" etc. I would have noticed attempts where thousands of accounts fail.

Yes. I use sendmail.

Reply to
Maxwell Lol

In particular, I use define(`confBAD_RCPT_THROTTLE', `3')dnl

So each IP address can have 3 guesses. It's pretty hard to go through

100,000 guesses at that rate.
Reply to
Maxwell Lol

Czapla RWD 14 It was a high wing recon plane.

Reply to
Edwin Pawlowski

Lucky you. In the past 12 days my Deleted Items folder has accumulated 2470 items.

Reply to
J. Clarke

HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.