- anti-abuse-wg - mailman.ripe.net

Re: [anti-abuse-wg] Abuse: Too big to fail
by Ronald F. Guilmette 19 Jun '17

19 Jun '17

ox <andre(a)ox.co.za> wrote: >"Ronald F. Guilmette" <rfg(a)tristatelogic.com> wrote: >> Personally, I've never seen a single piece of *email* spam >> from Twitter. So this is news to me. Can you post a sample >> please? ... >Envelope-to: x What's this? Did you redact it? If so, why? We already know what your email address is. >To: x <x> What's this? Did you redact it? If so, why? We already know what your email address is. Anyway, have you ever tried to figure out why you are so lucky? I mean why -you- get all of these alleged spam emails from Twitter and yet some other people who also have Twitter accounts... such as me for example... aren't being blessed with any such? And anyway, if you don't like the gunk you are getting from this one domain, twitter.com, why don't you just block all emails from twitter.com? Do you not know how to do that? If not, maybe we can find someone who can help you with setting up domain-specific blocking for your specific email client. covfefe

2 1

Re: [anti-abuse-wg] Abuse: Too big to fail
by Ronald F. Guilmette 19 Jun '17

19 Jun '17

ox <andre(a)ox.co.za> wrote: >Firstly, someone cannot just start sending you bulk emails each day >without you ever having asked for those emails. > >Anyone can maybe send you one email and check if they have the correct >email address and, if you do not reply or respond, maybe two or even >three 'confirmation' emails.. > >Twitter specifically, sends out the same confirmation emails, forever > >And; > >Twitter does not require opt in, to start sending you spam. Once they >have your email address, the spam keeps on coming and coming. Yes. Failure to do proper "confirmed opt in" is indeed a common and widespread failing on the part of -many- big companies. I would be willing to believe that Twitter is one such company. I do not and never will condone such selfish, greedy, sloppy, and anti-social practices, no matter what companies engage in them, and regardless of the sizes of such companies. However this problem is easily handled by those individual users who are specifically the victims of such sloppy practices. They can block inbound email from the offending domain(s) themselves, in their own mail programs. (This is sometimes called "voting with your feet".) As long as the companies involved do not begin to use so-called "snowshoe" spamming tactics, it is easy for all those they offend with their sloppy and anti-social practices to simply block their mails. If enough millions of people do that, then eventually they will go out of business and good riddance to them. But blocking spams from specific and individual "point sources" like this isn't something that is only in the hands of Spamcop or Spamhaus or any other blacklist. This is somdething that indivduals can and should do for themselves. covfefe

1 0

Re: [anti-abuse-wg] Abuse: Too big to fail
by Richard Hartmann 19 Jun '17

19 Jun '17

I might be missing something, but that email body contains an opt-out link, the header includes List-Unsubscribe:, and you seem to receive the email. Isn't there a somewhat obvious path to improvement, here? Richard

2 1

Re: [anti-abuse-wg] Abuse: Too big to fail
by Ronald F. Guilmette 19 Jun '17

19 Jun '17

Andre wrote: >Twitter has millions of 'fake' accounts, and accounts that use >spamtrap email addresses, from stolen data. How is that a problem for anyone but Twitter? (Coincidentally, I happened to be discussing the Twitter fake accounts problem with some other folks recently. One guy who works for a security firm claims to have spotted one set of around 200,000 of them. I myself saw someone on a hacker forum claiming to have just simply "bought" 30,000 Twitter followers. My reaction to both of these bits of news is just to yawn. I don't see how any of it affects -me-. This is Twitter's problem. It's their walled garden. If they elect not to properly police it, well then, as the old saying goes, they are shitting where they eat, and it will catch up to them eventually. As long as they are not sending spam -to me- ... which they aren't... I don't see why I should give a damn.) You also wrote: >Twitter is by far the worst spammer of all the multinationals, Personally, I've never seen a single piece of *email* spam from Twitter. So this is news to me. Can you post a sample please?

2 1

Re: [anti-abuse-wg] Abuse: Too big to fail
by Suresh Ramasubramanian 19 Jun '17

19 Jun '17

On 19-Jun-2017, at 10:55 AM, ox <andre(a)ox.co.za> wrote: > > Of course, you would not be asking that question :) True. I have other and better questions to ask.

2 1

Re: [anti-abuse-wg] Abuse: Too big to fail
by ox 19 Jun '17

19 Jun '17

On Mon, 19 Jun 2017 07:07:19 +0200 ox <andre(a)ox.co.za> wrote: > The largest white listed spammer on the planet is so powerful.... > is this spammer a criminal? Oh, no, this spammer is regarded so > highly, that it, like many other huge multi nationals, can simply do > anything they want or like. > Nobody can file complaints at SpamCop.net (/dev/nul) as quite simply > it is a waste of time. > try it for yourself. I have personally filed thousands of reports, > daily over many years, and it is simply a waste of time. > > When one looks at sender reputation, it is so very simple to just see > how much "sender score" actually means and how much it is about money > and power. > For example, one IP number: > http://multirbl.valli.org/lookup/199.16.156.171.html > > had this been your or my IP number, we would not be able to relay > emails anywhere. > > but, the playing field is not level. > > Multinationals run the planet and as I have said elsewhere, many > times, we no longer buy products, we are the products. We are like > chickens in a chicken factory, simply marking time, ignorant of our > purpose. > So, what can a RIPE abuse WG discuss about such powerful abusers? > Nothing, as we are all powerless against this spammer. > Interestingly, we (as in us, the people) are becoming less and less > in control each and every day. And, not, this is not my tinfoil hat > that needs adjustment, this is simple statistical fact. > And, yes, to be clear - this is a Twitter IP number. But you can also do similar searches on other multinationals... Twitter is by far the worst spammer of all the multinationals, at least some of the others 'pretend' to care... The behavior is much the same - They are too big to fail (or care) Andre

1 0

Re: [anti-abuse-wg] Abuse: Too big to fail
by Suresh Ramasubramanian 19 Jun '17

19 Jun '17

That is a Twitter IP What email from twitter are you receiving that isn’t because you have a twitter account? And what blocklist out there except the obscure and kooky is actually listing twitter? --srs On 19/06/17, 10:39 AM, "anti-abuse-wg on behalf of ox" <anti-abuse-wg-bounces(a)ripe.net on behalf of andre(a)ox.co.za> wrote: For example, one IP number: http://multirbl.valli.org/lookup/199.16.156.171.html had this been your or my IP number, we would not be able to relay emails anywhere. but, the playing field is not level.

2 1

Abuse: Too big to fail
by ox 19 Jun '17

19 Jun '17

Hi, The largest white listed spammer on the planet is so powerful.... is this spammer a criminal? Oh, no, this spammer is regarded so highly, that it, like many other huge multi nationals, can simply do anything they want or like. Nobody can file complaints at SpamCop.net (/dev/nul) as quite simply it is a waste of time. try it for yourself. I have personally filed thousands of reports, daily over many years, and it is simply a waste of time. When one looks at sender reputation, it is so very simple to just see how much "sender score" actually means and how much it is about money and power. For example, one IP number: http://multirbl.valli.org/lookup/199.16.156.171.html had this been your or my IP number, we would not be able to relay emails anywhere. but, the playing field is not level. Multinationals run the planet and as I have said elsewhere, many times, we no longer buy products, we are the products. We are like chickens in a chicken factory, simply marking time, ignorant of our purpose. So, what can a RIPE abuse WG discuss about such powerful abusers? Nothing, as we are all powerless against this spammer. Interestingly, we (as in us, the people) are becoming less and less in control each and every day. And, not, this is not my tinfoil hat that needs adjustment, this is simple statistical fact. Andre

1 0

Delivery Status Notification (Delay)
by a61ec514＠opayq.com 09 Jun '17

09 Jun '17

** Delivery incomplete ** There was a temporary problem delivering your message to curtiskwong9(a)gmail.com. Gmail will retry for 47 more hours. You'll be notified if the delivery fails permanently. /Np TGzfcoEJwNTs82+zhpVW8ry+p7cVhTsls8nZKquRImtJlgaENE+TCS837ZKF4Mt8pe= k+ RVAwl2/jS+SspnDaRxYHkujwvQN7HdMqlZ4cMPsAJIoAfrxxRMihHEDVJZJI4y3dPh= Is MDPW5hz8ra1DArFbEJqU7EUNkbJiQ50rM3sQ1nqNhXHRzySkLIm2JNw34uwpzvSq5c= D3 En3h5fUrsYnGYD9mdnV/PkV2rfVBTJYnBLCkDOj7GlG1OMkiR3tciVv8UFb9soHgdP= Nc 6R9w=3D=3D ARC-Message-Signature: i=3D1; a=3Drsa-sha256; c=3Drelaxed/relaxed; d=3Dgoog= le.com; s=3Darc-20160816; h=3Dlist-subscribe:list-help:list-post:list-archive:list-unsubscrib= e :list-unsubscribe:list-id:precedence:message-id:date:subject:to :reply-to:sender:from:content-transfer-encoding:mime-version :dkim-signature:delivery-date:arc-authentication-results; bh=3DRbDY+KHNsHEJrNiQ200DRGWs+VIOyNGiqp3CGAdYa4c=3D; b=3DFzt13oYX74lW4WJG4ND0VxrYd8qpL/26ObPR3iFSoHz1JihkvXbcdQXyqLnt4DD= fOw rTUrEK2AjJiqsiIqH0khptLmTMZrFF/w+gZAiH6Fzt4dQOT/mewBY+Dp3wZTttF/TO= I4 EVnW9eAOINfNiJX7cPvYW2+EKjvU+AOVQt0K/CjP+AiSzgVBBuXYIYbP94ZqLFYrb9= 9V aR9W0wmqMQ3J1BXhcG3DIo2yRqKpNZ1fHTONPcG4TJ/fBteXnCizts1mx0JXtr9VZV= 26 mS4EYIZw0PH5YQbYzekVE6j2owhDG90AR0q6PpBw3s2ZivZwI3W0BYVri5zXGFb6ip= Uw gCvw=3D=3D ARC-Authentication-Results: i=3D1; mx.google.com; dkim=3Dpass header.i=3D(a)opayq.com; spf=3Dpass (google.com: domain of fwd-737rbylmfnauyc3majicxikoeumwa5= zdjqqbam2cea5uadvegkaagbqahmagmmrdbqstb4afvaacaaba(a)opayq.com designates 184= .105.182.157 as permitted sender) smtp.mailfrom=3DFWD-737RBYLMFNAUYC3MAJICX= IKOEUMWA5ZDJQQBAM2CEA5UADVEGKAAGBQAHMAGMMRDBQSTB4AFVAACAABA(a)opayq.com; dmarc=3Dpass (p=3DNONE sp=3DNONE dis=3DNONE) header.from=3Dopayq.com Return-Path: <FWD-737RBYLMFNAUYC3MAJICXIKOEUMWA5ZDJQQBAM2CEA5UADVEGKAAGBQAH= MAGMMRDBQSTB4AFVAACAABA(a)opayq.com> Received: from opayq-out-07.junkemailfilter.com (opayq-out-07.junkemailfilt= er.com. [184.105.182.157]) by mx.google.com with ESMTPS id t3si4083833pgq.235.2017.06.08.03.00= .28 for <curtiskwong9(a)gmail.com> (version=3DTLS1_2 cipher=3DECDHE-RSA-AES128-GCM-SHA256 bits=3D128/1= 28); Thu, 08 Jun 2017 03:00:28 -0700 (PDT) Received-SPF: pass (google.com: domain of fwd-737rbylmfnauyc3majicxikoeumwa= 5zdjqqbam2cea5uadvegkaagbqahmagmmrdbqstb4afvaacaaba(a)opayq.com designates 18= 4.105.182.157 as permitted sender) client-ip=3D184.105.182.157; Authentication-Results: mx.google.com; dkim=3Dpass header.i=3D(a)opayq.com; spf=3Dpass (google.com: domain of fwd-737rbylmfnauyc3majicxikoeumwa5= zdjqqbam2cea5uadvegkaagbqahmagmmrdbqstb4afvaacaaba(a)opayq.com designates 184= .105.182.157 as permitted sender) smtp.mailfrom=3DFWD-737RBYLMFNAUYC3MAJICX= IKOEUMWA5ZDJQQBAM2CEA5UADVEGKAAGBQAHMAGMMRDBQSTB4AFVAACAABA(a)opayq.com; dmarc=3Dpass (p=3DNONE sp=3DNONE dis=3DNONE) header.from=3Dopayq.com Delivery-date: Thu, 08 Jun 2017 03:00:28 -0700 Received: from smtp2.opayq.com ([54.235.124.91]:60738) helo=3D[54.235.124.9= 1] by opayq-outbound.junkemailfilter.com with esmtps (TLSv1.2:AES256-SHA256:2= 56) (Exim 4.89) id 1dIuEu-0003Vp-7M on interface=3D184.105.182.150 for curtiskwong9(a)gmail.com; Thu, 08 Jun 2017 03:00:28 -0700 DKIM-Signature: v=3D1; d=3Dopayq.com; t=3D1496916026; b=3DJ2JOf5ffWgrWiTkQL= aSgIzvY/22hE2DBtjrvUyVc/IrIroNzv9KFTRV0udM/WfDG3pWB/WwtzDCd5lGw2lVD+/LOzfaO= 8ig10hNzgwjAF8XOXlxkv/tUujb7Jixr5Hj6+QcRCQN+8zW4O+lT686osO/VZsCMz9pNuTOcmuM= WcVQ=3D; s=3Dabine; c=3Drelaxed/relaxed; a=3Drsa-sha256; bh=3DRbDY+KHNsHEJr= NiQ200DRGWs+VIOyNGiqp3CGAdYa4c=3D; h=3DDate:From:Reply-To:Subject:To:List-U= nsubscribe; MIME-Version: 1.0 Content-Type: text/plain; charset=3D"us-ascii" Content-Transfer-Encoding: 7bit X-GetAbine-Processed: 1 From: "ripe.net [Masked]" <FWD-737RBYLMFNAUYC3MAJICXIKOEUMWA5ZDJQQBAM2CEA5U= ADVEGKAAGBQAHMAGMMRDBQSTB4AFVAACAABA(a)opayq.com> Sender: "ripe.net [Masked]" <FWD-737RBYLMFNAUYC3MAJICXIKOEUMWA5ZDJQQBAM2CEA= 5UADVEGKAAGBQAHMAGMMRDBQSTB4AFVAACAABA(a)opayq.com> Reply-To:=20 FWD-737RBYLMFNAUYC3MAJICXIKOEUMWA5ZDJQQBAM2CEA5UADVEGKAAGBQAHMAGMMRDBQSTB4= AFVAACAABA(a)opayq.com To: a61ec514(a)opayq.com X-GetAbine-Sender: anti-abuse-wg-bounces(a)ripe.net X-GetAbine-Disposable: a61ec514(a)opayq.com X-GetAbine-Host-Address: 54.235.124.91 Subject: anti-abuse-wg Digest, Vol 67, Issue 9 Date: Thu, 08 Jun 2017 12:00:01 +0200 Message-ID: <mailman.3.1496916001.25760.anti-abuse-wg(a)ripe.net> X-BeenThere: anti-abuse-wg(a)ripe.net X-Mailman-Version: 2.1.15 Precedence: list List-Id: Discussion of anti-abuse measures <anti-abuse-wg.ripe.net> List-Unsubscribe: <https://lists.ripe.net/mailman/options/anti-abuse-wg>, <mailto:anti-abuse-wg-request@ripe.net?subject=3Dunsubscribe> List-Unsubscribe: <mailto:unsubscribe-1334138444-a61ec514@opayq.com>, <http= s://emails.abine.com/disableDisposable?fwd=3DFWD-737RBYLMFNAUYC3MAJICXIKOEU= MWA5ZDJQQBAM2CEA5UADVEGKAAGBQAHMAGMMRDBQSTB4AFVAACAABA(a)opayq.com> List-Archive: <https://lists.ripe.net/ripe/mail/archives/anti-abuse-wg/> List-Post: <mailto:anti-abuse-wg@ripe.net> List-Help: <mailto:anti-abuse-wg-request@ripe.net?subject=3Dhelp> List-Subscribe: <https://lists.ripe.net/mailman/listinfo/anti-abuse-wg>, <mailto:anti-abuse-wg-request@ripe.net?subject=3Dsubscribe> X-ACL-Warn: Delaying message X-RIPE-Spam-Level: ------- X-RIPE-Spam-Report: Spam Total Points: -7.5 points pts rule name description ---- ---------------------- ------------------------------------ -7.5 ALL_TRUSTED Passed through trusted hosts only via SMTP -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain X-RIPE-Signature: 42ad8bc48037709f38a0a0f01575857a00a0f549b986e48286c0970a0= 33c3c02 X-Sender-Domain: ripe.net X-Spamfilter-host: plato.junkemailfilter.com - http://www.junkemailfilter.c= om X-Key-ID: YTYxZWM1MTRAb3BheXEuY29tIGFudGktYWJ1c2Utd2ctYm91bmNlc0ByaXBlLm5ld= CAyMDE3LTA2LTA4IDAzOjAwOjEzIDFkSXVFZi0wMDA1anItR28=3D X-Content-flags: contact email-adr https link mailto member optout please q= uestions request text-plain thankyou time-ref unsubscribe utf-8=20 X-Domain-list: ripe.net opayq.com X-Mail-from: anti-abuse-wg-bounces(a)ripe.net X-Sender-Host-Address: 193.0.19.113 X-Sender-Host-Name: molamola.ripe.net X-Key-ID: Y3VydGlza3dvbmc5QGdtYWlsLmNvbSBmd2QtNzM3cmJ5bG1mbmF1eWMzbWFqaWN4a= WtvZXVtd2E1emRqcXFiYW0yY2VhNXVhZHZlZ2thYWdicWFobWFnbW1yZGJxc3RiNGFmdmFhY2Fh= YmFAb3BheXEuY29tIDIwMTctMDYtMDggMDM6MDA6MjggMWRJdUV1LTAwMDNWcC03TQ=3D=3D -------------------------Blur------------------------- This email is forwarded from a MASKED EMAIL you created using Blur. (https= ://dnt.abine.com/#help/faq/faq-whataremaskedemails). IF THIS IS SPAM, CLICK HERE TO BLOCK: https://dnt.abine.com/#/block_email/a61ec514@opayq.com/FWD-737RBYLMFNAUYC3M= AJICXIKOEUMWA5ZDJQQBAM2CEA5UADVEGKAAGBQAHMAGMMRDBQSTB4AFVAACAABA(a)opayq.com Want to shop safely and privately online? Go Premium: https://dnt.abine.com= /?pk_campaign=3DmaskHeader#premium -------------------------by Abine------------------------- Send anti-abuse-wg mailing list submissions to anti-abuse-wg(a)ripe.net To subscribe or unsubscribe via the World Wide Web, visit https://lists.ripe.net/mailman/listinfo/anti-abuse-wg or, via email, send a message with subject or body 'help' to anti-abuse-wg-request(a)ripe.net You can reach the person managing the list at anti-abuse-wg-owner(a)ripe.net When replying, please edit your Subject line so it is more specific than "Re: Contents of anti-abuse-wg digest..." Today's Topics: 1. Mailing List Conduct (Brian Nisbet) 2. Mailing List Conduct (Hostmaster) ---------------------------------------------------------------------- Message: 1 Date: Wed, 7 Jun 2017 14:34:10 +0100 From: Brian Nisbet <brian.nisbet(a)heanet.ie> To: "'anti-abuse-wg(a)ripe.net'" <anti-abuse-wg(a)ripe.net>, aa-wg-chair(a)ripe.net Subject: [anti-abuse-wg] Mailing List Conduct Message-ID: <469dd12a-94eb-3452-d233-df77e851a4a5(a)heanet.ie> Content-Type: text/plain; charset=3Dutf-8 Colleagues, It greatly saddens me to be writing another mail like this after such a short period of time, but unfortunately action needed to be taken. After a number of unfounded accusations and implied threats towards a number of members of the mailing list Tobias & I have asked the RIPE NCC to ban marilson.mapa(a)gmail.com from the list. This has been completed. We would ask that you do not forward any mails from banned members to the list. While we really do try to keep discussion open and accessible here and while there is no bar on differing opinions, all of this must take place in the context of community and collaboration. Neither ad hominem attacks nor threats are part of that community. We would very much like to see this mailing list return to a place of useful discussion and work around anti-abuse topics in the RIPE community, but we cannot do that without you. So please do engage, in that spirit of community and collaboration! If you have any questions or queries about this action or any other, please don't hesitate to contact aa-wg-chair(a)ripe.net Thanks, Brian & Tobias Co-Chairs, RIPE Anti-Abuse Working Group ------------------------------ Message: 2 Date: Wed, 7 Jun 2017 15:45:46 +0200 From: "Hostmaster" <hostmaster(a)atvirtual.net> To: <anti-abuse-wg(a)ripe.net> Subject: [anti-abuse-wg] Mailing List Conduct Message-ID: <!&!AAAAAAAAAAAuAAAAAAAAAGG5i171BJREoiOyoYeGPzQBAMO2jhD3dRHOtM0AqgC7tuYAAA= AAAA4AABAAAAB4NGkie3HgRKXzbIxPFJrkAQAAAAA=3D(a)atvirtual.net> =09 Content-Type: text/plain; charset=3D"utf-8" -----Urspr?ngliche Nachricht----- Von: Brian Nisbet [mailto:brian.nisbet@heanet.ie]=20 Gesendet: Mittwoch, 7. Juni 2017 15:43 An: Hostmaster <hostmaster(a)atvirtual.net>; aa-wg-chair(a)ripe.net Betreff: Re: AW: [anti-abuse-wg] Mailing List Conduct Martin, I'm sorry you feel that way. Obviously Tobias and I disagree. We spoke to Marilson repeatedly in an attempt to make him moderate his own behaviour, he simply accused us of more wrong doings. Hence the course of action we took. If you wish to unsubscribe from the list that is entirely up to you. Thanks, Brian Co-Chair, RIPE Anti-Abuse WG On 07/06/2017 14:40, Hostmaster wrote: > Brian,=20 >=20 > it greatly saddens me to be on a list which is banning.=20 >=20 > There is not a single excuse for such a ban.=20 >=20 > Please ban me too. >=20 > Martin Fischer >=20 End of anti-abuse-wg Digest, Vol 67, Issue 9 ********************************************

1 0

Mailing List Conduct
by Hostmaster 07 Jun '17

07 Jun '17

-----Ursprüngliche Nachricht----- Von: Brian Nisbet [mailto:brian.nisbet@heanet.ie] Gesendet: Mittwoch, 7. Juni 2017 15:43 An: Hostmaster <hostmaster(a)atvirtual.net>; aa-wg-chair(a)ripe.net Betreff: Re: AW: [anti-abuse-wg] Mailing List Conduct Martin, I'm sorry you feel that way. Obviously Tobias and I disagree. We spoke to Marilson repeatedly in an attempt to make him moderate his own behaviour, he simply accused us of more wrong doings. Hence the course of action we took. If you wish to unsubscribe from the list that is entirely up to you. Thanks, Brian Co-Chair, RIPE Anti-Abuse WG On 07/06/2017 14:40, Hostmaster wrote: > Brian, > > it greatly saddens me to be on a list which is banning. > > There is not a single excuse for such a ban. > > Please ban me too. > > Martin Fischer >

1 0