You are seeing a failure case of some sort rather than an actual bounce and that needs trouble shooting
I hate to break it to you but this isn't a plot against your weird and wonderful notions of smtp and filtering - it is just those notions running up against a busy mailserver cluster
--srs
> On 14-Apr-2016, at 9:08 PM, andre(a)ox.co.za wrote:
>
> On Thu, 14 Apr 2016 20:52:30 +0530
> Suresh Ramasubramanian <ops.lists(a)gmail.com> wrote:
>
>> Post hoc ergo propter hoc
> maybe...
>
> maybe if nobody cares what others are doing, then it all makes no
> difference.
>
> but yet, when what others are doing affects your own wallet, then you
> may actually care?
>
> When email is transported over the Internet servers understand how to
> communicate with each other as their are defined protocols.
>
> These are not immutable laws, but they are and serve, as a method that
> makes things work, and up to now, I believed in the fairness of it all.
>
> Basically, if I receive a bounce from gmail saying that they think my
> email is spam, i sent the same bounce to my client - so that they can
> fix / adjust their behavior...
>
> Looks like their is some seriosu new implications for email abuse, as
> we are all now starting to re-write headers and Google is teaching us
> this unethical and abusive behavior - by making it a defacto standard?
>
> So, I can now also start re-writing bounces saying : Gmail.com
> Technical failure, gmail.com is completely unreachable o9n the
> Internet, etc etc and if anyone and everyone is now going to start
> sending lies and fake bounces then life is about to get interesting...
>
> When a company, which is very close to a monopoly already, grows their
> userbase by lying to their customers, this is simply abuse in itself.
> If I am wrong and it is not abuse, is it ethical?
>
> This is most assuredly a topic for this ripe wg
>
> as this type of abuse, if Google now starts making this a new standard,
> has the effect of disrupting communications and other far reaching
> implications commercially = or help me and explain to me why this is
> okay and I am wrong, please?
>
> andre
>
>
>
>
>> --srs
>>
>>> On 14-Apr-2016, at 8:38 PM, andre(a)ox.co.za wrote:
>>>
>>> On Thu, 14 Apr 2016 20:24:11 +0530
>>> Suresh Ramasubramanian <ops.lists(a)gmail.com> wrote:
>>>
>>>> I don't work for gmail fyi (as a quick google search will tell you,
>>>> or a Bing if you hate google so much) and I don't use sorbs either,
>>>> not since the late 2000s anyway.
>>>>
>>>> Without seeing a smtp txn with logging all the way up or a tcpdump
>>>> I am not sure what is going on but a read error probably means
>>>> you're dropping the smtp connection right after the 5xx without
>>>> giving gmail the time to gracefully QUIT the smtp session. Or
>>>> vice versa
>>>
>>> No.
>>>
>>> This is a gmail bounce to a gmail customer (for example my own gmail
>>> account)
>>>
>>> nothing to do with @ox.co.za - except that @ox.co.za sends:
>>> JunkMail rejected - is in an RBL, see Client host blocked using
>>> Barracuda Reputation, see
>>> http://www.barracudanetworks.com/reputation/?r=1 etc etc.
>>>
>>> so, when Gmail cannot deliver to @ox.co.za - because of dnsbl
>>> (whether it is SORBS, SpamCop, SpamID.net or whomever, Gmail does
>>> not tell the customer that the mail is being returned because just
>>> a minute earlier google tried to drop 1000 phish on ox.co.za -
>>> instead tells the customer: "read error" technical failure -- it is
>>> not a technical failure at all! - it is simply that google is
>>> sp[amming (or being used by their users to distribute spyware/phish
>>> or whatever) and it is NOT A technical read error at all!
>>>
>>>
>>>
>>>> --srs
>>>>
>>>>> On 14-Apr-2016, at 8:05 PM, andre(a)ox.co.za wrote:
>>>>>
>>>>> On Thu, 14 Apr 2016 19:51:27 +0530
>>>>> Suresh Ramasubramanian <ops.lists(a)gmail.com> wrote:
>>>>>> This isn't quite mailop but anyway - what specifically do you
>>>>>> mean by replace here?
>>>>> Yes, but is is an abuse wok group - it is important that the group
>>>>> also discusses abuse, more so if their is abusive behavior from a
>>>>> huge multinational.
>>>>>
>>>>>> Do you strip mime parts that you consider spam or malware and
>>>>>> replace them with a suitable message? And is the gmail mta not
>>>>>> reacting well to that?
>>>>>>
>>>>>> Examples would be interesting - certainly much more interesting
>>>>>> than a vague rant.
>>>>> Not a vague rant at all - the original post already contains the
>>>>> information. Gmail is behaving poorly/abusively.
>>>>>
>>>>> maybe you require me to add additional information? - as there is
>>>>> ZERO chance that you do not know what I am complaining about...
>>>>>
>>>>> I do wonder why you are not simply replying honestly and openly?
>>>>>
>>>>> ... Gmail customer sends email from Gmail to @ox.co.za
>>>>>
>>>>> ox.co.za responds: Listed at SORBS Currently sending SPAM!
>>>>>
>>>>> Gmail sends "improved" bounce report to Gmail customer:
>>>>>
>>>>> example:
>>>>>
>>>>>> Date: 14 April 2016 at 14:09:39 SAST
>>>>>> To: customer(a)gmail.com
>>>>>>
>>>>>> Delivery to the following recipient failed permanently:
>>>>>>
>>>>>> andre(a)ox.co.za
>>>>>>
>>>>>> Technical details of permanent failure:
>>>>>> read error: generic::failed_precondition: read error (0): error
>>>>>>
>>>>>> ----- Original message -----
>>>>>
>>>>>
>>>>>> --srs
>>>>>
>>>>> andre
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>>> On 14-Apr-2016, at 7:17 PM, andre(a)ox.co.za wrote:
>>>>>>>
>>>>>>> Hello,
>>>>>>>
>>>>>>> Incase anyone receives weird NON RFC bounces, from @gmail.com
>>>>>>> customers saying:
>>>>>>>
>>>>>>> Technical details of permanent failure:
>>>>>>> read error: generic::failed_precondition: read error (0): error
>>>>>>>
>>>>>>> What this means is:
>>>>>>>
>>>>>>> Google Inc does REPLACE the "Blocked for abuse / spam /scams /
>>>>>>> phish / virus / spyware messages from the various filters
>>>>>>>
>>>>>>> and sens a cryptic non RFC message to their users implying that
>>>>>>> the receivers email server is broken in some way....
>>>>>>>
>>>>>>> This is truly EVIL of Google to do...
>>>>>>>
>>>>>>> As they, Google are the ones sending PHISH / VIRUS/ SCAMS /
>>>>>>> SPAM!
>>>>>>>
>>>>>>> Example: @209.85.218.43
>>>>>>>
>>>>>>> http://www.scammed.by/scam.php?id=185816
>>>>>>>
>>>>>>>
>>>>>>> Instead of SOLVING the abuse - Google chooses to send CRYPTIC
>>>>>>> technical failure messages...
>>>>>>>
>>>>>>> Because they are a monopoly and they are simply just too large
>>>>>>> to care??
>>>>>>>
>>>>>>> Yes, of course!
>>>>>>>
>>>>>>> Andre
>
Post hoc ergo propter hoc
--srs
> On 14-Apr-2016, at 8:38 PM, andre(a)ox.co.za wrote:
>
> On Thu, 14 Apr 2016 20:24:11 +0530
> Suresh Ramasubramanian <ops.lists(a)gmail.com> wrote:
>
>> I don't work for gmail fyi (as a quick google search will tell you,
>> or a Bing if you hate google so much) and I don't use sorbs either,
>> not since the late 2000s anyway.
>>
>> Without seeing a smtp txn with logging all the way up or a tcpdump I
>> am not sure what is going on but a read error probably means you're
>> dropping the smtp connection right after the 5xx without giving gmail
>> the time to gracefully QUIT the smtp session. Or vice versa
>
> No.
>
> This is a gmail bounce to a gmail customer (for example my own gmail
> account)
>
> nothing to do with @ox.co.za - except that @ox.co.za sends:
> JunkMail rejected - is in an RBL, see Client host blocked using Barracuda Reputation,
> see http://www.barracudanetworks.com/reputation/?r=1 etc etc.
>
> so, when Gmail cannot deliver to @ox.co.za - because of dnsbl (whether it
> is SORBS, SpamCop, SpamID.net or whomever, Gmail does not tell the
> customer that the mail is being returned because just a minute earlier
> google tried to drop 1000 phish on ox.co.za - instead tells the
> customer: "read error" technical failure -- it is not a technical
> failure at all! - it is simply that google is sp[amming (or being used
> by their users to distribute spyware/phish or whatever) and it is NOT A
> technical read error at all!
>
>
>
>> --srs
>>
>>> On 14-Apr-2016, at 8:05 PM, andre(a)ox.co.za wrote:
>>>
>>> On Thu, 14 Apr 2016 19:51:27 +0530
>>> Suresh Ramasubramanian <ops.lists(a)gmail.com> wrote:
>>>> This isn't quite mailop but anyway - what specifically do you mean
>>>> by replace here?
>>> Yes, but is is an abuse wok group - it is important that the group
>>> also discusses abuse, more so if their is abusive behavior from a
>>> huge multinational.
>>>
>>>> Do you strip mime parts that you consider spam or malware and
>>>> replace them with a suitable message? And is the gmail mta not
>>>> reacting well to that?
>>>>
>>>> Examples would be interesting - certainly much more interesting
>>>> than a vague rant.
>>> Not a vague rant at all - the original post already contains the
>>> information. Gmail is behaving poorly/abusively.
>>>
>>> maybe you require me to add additional information? - as there is
>>> ZERO chance that you do not know what I am complaining about...
>>>
>>> I do wonder why you are not simply replying honestly and openly?
>>>
>>> ... Gmail customer sends email from Gmail to @ox.co.za
>>>
>>> ox.co.za responds: Listed at SORBS Currently sending SPAM!
>>>
>>> Gmail sends "improved" bounce report to Gmail customer:
>>>
>>> example:
>>>
>>>> Date: 14 April 2016 at 14:09:39 SAST
>>>> To: customer(a)gmail.com
>>>>
>>>> Delivery to the following recipient failed permanently:
>>>>
>>>> andre(a)ox.co.za
>>>>
>>>> Technical details of permanent failure:
>>>> read error: generic::failed_precondition: read error (0): error
>>>>
>>>> ----- Original message -----
>>>
>>>
>>>> --srs
>>>
>>> andre
>>>
>>>
>>>
>>>
>>>
>>>
>>>>> On 14-Apr-2016, at 7:17 PM, andre(a)ox.co.za wrote:
>>>>>
>>>>> Hello,
>>>>>
>>>>> Incase anyone receives weird NON RFC bounces, from @gmail.com
>>>>> customers saying:
>>>>>
>>>>> Technical details of permanent failure:
>>>>> read error: generic::failed_precondition: read error (0): error
>>>>>
>>>>> What this means is:
>>>>>
>>>>> Google Inc does REPLACE the "Blocked for abuse / spam /scams /
>>>>> phish / virus / spyware messages from the various filters
>>>>>
>>>>> and sens a cryptic non RFC message to their users implying that
>>>>> the receivers email server is broken in some way....
>>>>>
>>>>> This is truly EVIL of Google to do...
>>>>>
>>>>> As they, Google are the ones sending PHISH / VIRUS/ SCAMS / SPAM!
>>>>>
>>>>> Example: @209.85.218.43
>>>>>
>>>>> http://www.scammed.by/scam.php?id=185816
>>>>>
>>>>>
>>>>> Instead of SOLVING the abuse - Google chooses to send CRYPTIC
>>>>> technical failure messages...
>>>>>
>>>>> Because they are a monopoly and they are simply just too large to
>>>>> care??
>>>>>
>>>>> Yes, of course!
>>>>>
>>>>> Andre
>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In message , andre(a)ox.co.za writes
>Incase anyone receives weird NON RFC bounces, from @gmail.com customers
>saying:
>
>Technical details of permanent failure:
>read error: generic::failed_precondition: read error (0): error
>
>What this means is:
>
>Google Inc does REPLACE the "Blocked for abuse / spam /scams / phish /
>virus / spyware messages from the various filters
>
>and sens a cryptic non RFC message to their users implying that the
>receivers email server is broken in some way....
>
>This is truly EVIL of Google to do...
>
>As they, Google are the ones sending PHISH / VIRUS/ SCAMS / SPAM!
>
>Example: @209.85.218.43
>
>http://www.scammed.by/scam.php?id=185816
This is a complex example involving an email delivered to a gmail
account and forwarded from there to Yahoo
I cannot see "failed_precondition" anywhere on that page at all :-(
- --
richard Richard Clayton
Those who would give up essential Liberty, to purchase a Benjamin
little temporary Safety, deserve neither Liberty nor Safety. Franklin
-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1
iQA/AwUBVw+uJju8z1Kouez7EQLTHQCg/Pmx1aoc8dggv+u24arozup8p7MAnjw0
R0+PztMI5ooo3trIcOro7Ecv
=yK7e
-----END PGP SIGNATURE-----
I don't work for gmail fyi (as a quick google search will tell you, or a Bing if you hate google so much) and I don't use sorbs either, not since the late 2000s anyway.
Without seeing a smtp txn with logging all the way up or a tcpdump I am not sure what is going on but a read error probably means you're dropping the smtp connection right after the 5xx without giving gmail the time to gracefully QUIT the smtp session. Or vice versa
--srs
> On 14-Apr-2016, at 8:05 PM, andre(a)ox.co.za wrote:
>
> On Thu, 14 Apr 2016 19:51:27 +0530
> Suresh Ramasubramanian <ops.lists(a)gmail.com> wrote:
>> This isn't quite mailop but anyway - what specifically do you mean by
>> replace here?
> Yes, but is is an abuse wok group - it is important that the group also
> discusses abuse, more so if their is abusive behavior from a huge
> multinational.
>
>> Do you strip mime parts that you consider spam or malware and replace
>> them with a suitable message? And is the gmail mta not reacting well
>> to that?
>>
>> Examples would be interesting - certainly much more interesting than
>> a vague rant.
> Not a vague rant at all - the original post already contains the
> information. Gmail is behaving poorly/abusively.
>
> maybe you require me to add additional information? - as there is ZERO
> chance that you do not know what I am complaining about...
>
> I do wonder why you are not simply replying honestly and openly?
>
> ... Gmail customer sends email from Gmail to @ox.co.za
>
> ox.co.za responds: Listed at SORBS Currently sending SPAM!
>
> Gmail sends "improved" bounce report to Gmail customer:
>
> example:
>
>> Date: 14 April 2016 at 14:09:39 SAST
>> To: customer(a)gmail.com
>>
>> Delivery to the following recipient failed permanently:
>>
>> andre(a)ox.co.za
>>
>> Technical details of permanent failure:
>> read error: generic::failed_precondition: read error (0): error
>>
>> ----- Original message -----
>
>
>> --srs
>
> andre
>
>
>
>
>
>
>>> On 14-Apr-2016, at 7:17 PM, andre(a)ox.co.za wrote:
>>>
>>> Hello,
>>>
>>> Incase anyone receives weird NON RFC bounces, from @gmail.com
>>> customers saying:
>>>
>>> Technical details of permanent failure:
>>> read error: generic::failed_precondition: read error (0): error
>>>
>>> What this means is:
>>>
>>> Google Inc does REPLACE the "Blocked for abuse / spam /scams /
>>> phish / virus / spyware messages from the various filters
>>>
>>> and sens a cryptic non RFC message to their users implying that the
>>> receivers email server is broken in some way....
>>>
>>> This is truly EVIL of Google to do...
>>>
>>> As they, Google are the ones sending PHISH / VIRUS/ SCAMS / SPAM!
>>>
>>> Example: @209.85.218.43
>>>
>>> http://www.scammed.by/scam.php?id=185816
>>>
>>>
>>> Instead of SOLVING the abuse - Google chooses to send CRYPTIC
>>> technical failure messages...
>>>
>>> Because they are a monopoly and they are simply just too large to
>>> care??
>>>
>>> Yes, of course!
>>>
>>> Andre
>
This isn't quite mailop but anyway - what specifically do you mean by replace here?
Do you strip mime parts that you consider spam or malware and replace them with a suitable message? And is the gmail mta not reacting well to that?
Examples would be interesting - certainly much more interesting than a vague rant.
--srs
> On 14-Apr-2016, at 7:17 PM, andre(a)ox.co.za wrote:
>
> Hello,
>
> Incase anyone receives weird NON RFC bounces, from @gmail.com customers
> saying:
>
> Technical details of permanent failure:
> read error: generic::failed_precondition: read error (0): error
>
> What this means is:
>
> Google Inc does REPLACE the "Blocked for abuse / spam /scams / phish /
> virus / spyware messages from the various filters
>
> and sens a cryptic non RFC message to their users implying that the
> receivers email server is broken in some way....
>
> This is truly EVIL of Google to do...
>
> As they, Google are the ones sending PHISH / VIRUS/ SCAMS / SPAM!
>
> Example: @209.85.218.43
>
> http://www.scammed.by/scam.php?id=185816
>
>
> Instead of SOLVING the abuse - Google chooses to send CRYPTIC technical
> failure messages...
>
> Because they are a monopoly and they are simply just too large to care??
>
> Yes, of course!
>
> Andre
>
Hello,
Incase anyone receives weird NON RFC bounces, from @gmail.com customers
saying:
Technical details of permanent failure:
read error: generic::failed_precondition: read error (0): error
What this means is:
Google Inc does REPLACE the "Blocked for abuse / spam /scams / phish /
virus / spyware messages from the various filters
and sens a cryptic non RFC message to their users implying that the
receivers email server is broken in some way....
This is truly EVIL of Google to do...
As they, Google are the ones sending PHISH / VIRUS/ SCAMS / SPAM!
Example: @209.85.218.43
http://www.scammed.by/scam.php?id=185816
Instead of SOLVING the abuse - Google chooses to send CRYPTIC technical
failure messages...
Because they are a monopoly and they are simply just too large to care??
Yes, of course!
Andre
Dear colleagues,
The RIPE NCC has published a transparency report that details the nature
of the requests we received from law enforcement agencies (LEAs) in 2015.
https://www.ripe.net/ripe/docs/ripe-664
Kind regards,
Athina Fragkouli
Legal Counsel
RIPE NCC
Another millionth phishing that I get of this provider - Aruba.it - managed by motherfuckers. Criminal psychopaths. A provider above the law, rules and regulations. A provider managed by greedy psychopaths.
For years this provider (Aruba.it) has been complicit in this practice of crime - phishing.
Nobody does anything. If only these domains were blocked, more days less days, Aruba would have to stop practicing crime.
And gmail-google and Cert.br and RIPE, partners of this criminal activity, do nothing. Psychopaths greedy. Mobsters.
No one, no one has the right to complain about my impoliteness. Two years complaining, denouncing without solution, gives me the right to qualify them as they deserve. Learn to respect to be respected, motherfuckers. Block my email is hard work, is not motherfucker?
I'm impressed. The lack of ethics, turpitude, the rascality, greed and lack of respect for people shows a rotten globalized economy where even the ISIS is a lesser evil, much smaller. Volkswagen is the caricature of all of you. The agenda is "cheat if you can, if possible try don't get caught as Volkswagen, HSBC, Chartered, FIFA, Brazilian government, Petrobras, Odebrecht...” God save NSA! Long live the NSA! Fuck the spammers, scammers, ISPs and Registrars!
From: toolbar(a)netcraft.com
Sent: Friday, April 08, 2016 12:41 PM
To: marilson.mapa
Subject: Thank you from Netcraft
The URL you recently submitted has been accepted as a phishing site by
Netcraft.
URL:
http://www. art-design.uz/ rt.php
Netcraft
McAfee Home→Customer URL Ticketing System
Categorization in URL Filter database version '192766'
Parte superior do formulário
URL
Status
Categorization
Reputation
http://www.art-design.uz
Categorized URL
- Phishing
High Risk
https://sitecheck.sucuri.net/results/art-design.uz
Free Website Malware and Security Scanner
--------------------------------------------------------------------------------
· SiteCheck Results
· Website Details
· Blacklist Status
Warning: Malicious Code Detected on This Website!
Website:
art-design.uz
Status:
Infected With Malware. Immediate Action is Required.
Web Trust:
Blacklisted (10 Blacklists Checked): Indicates that a major security company (such as Google, McAfee, Norton, etc) is blocking access to your website for security reasons. Please see our recommendation below to fix this issue and restore your traffic.
Scan
Result
Severity
Recommendation
WebsiteBlacklisting
Detected
Critical
CLEAN UP Clean Up & Remove Blacklisting
Malware
Detected
Critical
GET YOUR SITE CLEANED
ISSUE DETECTED
DEFINITION
INFECTED URL
Website Malware
MW:JS:GEN2?web.js.malware.fake_jquery.001
http://art-design.uz/about-us ( View Payload )
Website Malware
MW:JS:GEN2?web.js.malware.fake_jquery.001
http://art-design.uz/gallery ( View Payload )
Website Malware
MW:JS:GEN2?web.js.malware.fake_jquery.001
http://art-design.uz/uslugi ( View Payload )
Website Malware
MW:JS:GEN2?web.js.malware.fake_jquery.001
http://art-design.uz/akciya ( View Payload )
Website Malware
MW:JS:GEN2?web.js.malware.fake_jquery.001
http://art-design.uz/clients ( View Payload )
http://quttera.com/detailed_report/www.art-design.uz
Warning: Malware Detected On This Website!
Normalized URL:
http://www.art-design.uz:80
Submission date:
Fri Apr 8 16:16:56 2016
Server IP address:
62.209.133.18
Country:
Uzbekistan
Server:
nginx
Malicious files:
53
https://www.virustotal.com/en-gb/url/60cf806ef36cd83e6efeaf20dfea7a07cce066…
URL:
http://www.art-design.uz/
URL Scanner
Result
Quttera
Malicious site
Marilson
HEADER
Delivered-To: marilson.mapa(a)gmail.com
Received: by 10.182.44.36 with SMTP id b4csp19994obm;
Fri, 8 Apr 2016 06:53:45 -0700 (PDT)
X-Received: by 10.28.68.70 with SMTP id r67mr4134160wma.80.1460123625854;
Fri, 08 Apr 2016 06:53:45 -0700 (PDT)
Return-Path: <afdg(a)www.avvocatiforosmcv.com>
Received: from smtplqs-out29.aruba.it (smtplqs-out29.aruba.it. [62.149.158.69])
by mx.google.com with ESMTPS id wt3si13493944wjb.215.2016.04.08.06.53.45
for <marilson.mapa(a)gmail.com>
(version=TLS1 cipher=AES128-SHA bits=128/128);
Fri, 08 Apr 2016 06:53:45 -0700 (PDT)
Received-SPF: neutral (google.com: 62.149.158.69 is neither permitted nor denied by best guess record for domain of afdg(a)www.avvocatiforosmcv.com) client-ip=62.149.158.69;
Authentication-Results: mx.google.com;
spf=neutral (google.com: 62.149.158.69 is neither permitted nor denied by best guess record for domain of afdg(a)www.avvocatiforosmcv.com) smtp.mailfrom=afdg(a)www.avvocatiforosmcv.com
Received: from webxc49s04.ad.aruba.it ([62.149.145.90])
by smartcmd03.ad.aruba.it with bizsmtp
id fptl1s00n1xEgfS01ptlUt; Fri, 08 Apr 2016 15:53:45 +0200
Received: (qmail 13573 invoked by uid 19189154); 8 Apr 2016 13:53:45 -0000
To: marilson.mapa(a)gmail.com
Subject: Cadastramento
X-PHP-Originating-Script: 19189154:index.php
Date: Fri, 8 Apr 2016 15:53:45 +0200
From: Santander-GH <afdg(a)www.avvocatiforosmcv.com>
Message-ID: <0b5f83583bdb7ab60b5f53ef0173eb8b(a)www.futurochateau.it>
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/html; charset="iso-8859-1"
TEXT – hiperlink removed - URL http:// www.art-design.uz/ rt.php
From: Santander-GH
Sent: Friday, April 08, 2016 10:53 AM
To: marilson.mapa(a)gmail.com
Subject: Cadastramento
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
From: Marilson
Sent: Friday, April 01, 2016 9:28 PM
To: abuse(a)staff.aruba.it ; abuse(a)cdmon.com
Cc: gmail-abuse(a)google.com ; mail-abuse(a)cert.br ; reportphishing(a)apwg.org
Subject: Conspiracy and crime
This must be the millionth phishing that I get of this provider - Aruba.it - managed by motherfuckers. Criminal psychopaths.
And gmail-google and Cert.br, partners of this criminal activity, do nothing. Psychopaths greedy. Mobsters.
https://www.virustotal.com/en-gb/url/1aedbf1bd01aa36211bb92a638922849bfcc78…
URL Scanner Result
Netcraft Malicious site
Fortinet Phishing site
Kaspersky Phishing site
-----Mensagem Original-----
From: toolbar(a)netcraft.com
Sent: Friday, April 01, 2016 5:36 PM
To: marilson.mapa
Subject: Thank you from Netcraft
The URL you recently submitted has been accepted as a phishing site by Netcraft.
URL: http:// www. hospital-macarena.com/ nf.php
Netcraft
As you all will keep practicing crime and protecting criminals without legal consequences, with your government pretending nothing see, to ensure the billing and the jobs of the natives, I suggest taking this phishing spam, to print and wipe your ass, incompetents of shit!
You are all part of the same gang of criminals, specialists in irritate and steal money from the planet's population, and with the knowledge and blessing of your governments and sociopaths security forces.
The lack of ethics, turpitude, the rascality, greed and lack of respect for people shows a rotten globalized economy where even the ISIS is a lesser evil, much smaller. Volkswagen and HSBC are the caricature of all of you. Fuck all of you!
Marilson
HEADER
Delivered-To: marilson.mapa(a)gmail.com
Received: by 10.182.44.36 with SMTP id b4csp375487obm;
Fri, 1 Apr 2016 10:41:00 -0700 (PDT)
X-Received: by 10.194.205.138 with SMTP id lg10mr6118887wjc.153.1459532459975;
Fri, 01 Apr 2016 10:40:59 -0700 (PDT)
Return-Path: <faze_postmaster(a)ristorantepizzeriacasanova.comsaiserramenti.com>
Received: from smtplqs-out29.aruba.it (smtplqs-out29.aruba.it. [62.149.158.69])
by mx.google.com with ESMTPS id v3si17901444wjf.31.2016.04.01.10.40.59
for <marilson.mapa(a)gmail.com>
(version=TLS1 cipher=AES128-SHA bits=128/128);
Fri, 01 Apr 2016 10:40:59 -0700 (PDT)
Received-SPF: neutral (google.com: 62.149.158.69 is neither permitted nor denied by best guess record for domain of faze_postmaster(a)ristorantepizzeriacasanova.comsaiserramenti.com) client-ip=62.149.158.69;
Authentication-Results: mx.google.com;
spf=neutral (google.com: 62.149.158.69 is neither permitted nor denied by best guess record for domain of faze_postmaster(a)ristorantepizzeriacasanova.comsaiserramenti.com) smtp.mailfrom=faze_postmaster(a)ristorantepizzeriacasanova.comsaiserramenti.com
Received: from webxc55s03.ad.aruba.it ([62.149.145.127])
by smartcmd03.ad.aruba.it with bizsmtp
id d5gz1s00w2l8Z9J015gzp0; Fri, 01 Apr 2016 19:40:59 +0200
Received: (qmail 47889 invoked by uid 19142460); 1 Apr 2016 17:40:59 -0000
To: marilson.mapa(a)gmail.com
Subject: Santander-NET
X-PHP-Originating-Script: 19142460:index.php
Date: Fri, 1 Apr 2016 19:40:59 +0200
From: "COMUNICADO." <faze_postmaster(a)ristorantepizzeriacasanova.comsaiserramenti.com>
Message-ID: <808a17e0f1497ac6c4edf17c37e9decb(a)www.asdjacquescousteau.com>
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/html; charset="iso-8859-1"
TEXT URL http:// www. hospital-macarena.com/ nf.php
From: COMUNICADO.
Sent: Friday, April 01, 2016 2:40 PM
To: marilson.mapa(a)gmail.com
Subject: Santander-NET
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
From: Marilson
Sent: Wednesday, March 23, 2016 1:02 PM
To: abuse(a)staff.aruba.it ; info(a)colombiahosting.com.co
Cc: gmail-abuse(a)google.com ; mail-abuse(a)cert.br ; crime.internet(a)dpf.gov.br
Subject: Conspiracy and crime
Gentlemen,
You are practicing crime sending phishing - http:// zringenieriasa.com.co/ default.
This phishing website is owned by ColombiaHosting S.A.S.
VIRUSTOTAL: https://www.virustotal.com/en-gb/url/5529e29a93e1d37b3a77b29dfb6ec06808c5e2…
URL Scanner Result
CRDF Malicious site
Netcraft Malicious site
Opera Malicious site
Sophos Malicious site
Fortinet Phishing site
Kaspersky Phishing site
As you all will keep practicing crime and protecting criminals without legal consequences, with your government pretending nothing see, to ensure the billing and the jobs of the natives, I suggest taking this phishing spam, to print and wipe your ass, incompetents of shit!
So Aruba.it, I don’t care if the criminal is using your hostname and IP – smtplqs-out34.aruba.it IP 62.149.158.74 - to send scam. But, shame on you! What matters is who is hosting the phishing website practicing scam and stealing financial data from incautious people. You are all part of the same gang of criminals, specialists in irritate and steal money from the planet's population, and with the knowledge and blessing of your governments and sociopaths security forces.
The lack of ethics, turpitude, the rascality, greed and lack of respect for people shows a rotten globalized economy where even the ISIS is a lesser evil, much smaller. Volkswagen and HSBC are the caricature of all of you.
Marilson
HEADER
Delivered-To: marilson.mapa(a)gmail.com
Received: by 10.31.194.70 with SMTP id s67csp2289994vkf;
Tue, 22 Mar 2016 09:30:33 -0700 (PDT)
X-Received: by 10.28.99.6 with SMTP id x6mr22382468wmb.46.1458664233774;
Tue, 22 Mar 2016 09:30:33 -0700 (PDT)
Return-Path: <hosting.windows(a)aruba.it>
Received: from smtplqs-out34.aruba.it (smtplqs-out34.aruba.it. [62.149.158.74])
by mx.google.com with ESMTP id h12si19235152wme.92.2016.03.22.09.30.33
for <marilson.mapa(a)gmail.com>;
Tue, 22 Mar 2016 09:30:33 -0700 (PDT)
Received-SPF: pass (google.com: domain of hosting.windows(a)aruba.it designates 62.149.158.74 as permitted sender) client-ip=62.149.158.74;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of hosting.windows(a)aruba.it designates 62.149.158.74 as permitted sender) smtp.mailfrom=hosting.windows(a)aruba.it
Received: from websn1s056.aruba.it ([31.11.32.66])
by smartcmd04.ad.aruba.it with bizsmtp
id Z4WZ1s0041Rc5db014WZAP; Tue, 22 Mar 2016 17:30:33 +0100
Received: from websn1s056 ([127.0.0.1]) by websn1s056.aruba.it with Microsoft SMTPSVC(8.5.9600.16384);
Tue, 22 Mar 2016 17:30:32 +0100
Date: Tue, 22 Mar 2016 17:30:32 +0100
Subject: Prezado(a) marilson.mapa(a)gmail.com | Protocolo: [13448]
To: marilson.mapa(a)gmail.com
From: Suporte ltaú <post26432>
Reply-To:Suporte ltaú <post26432>
X-Mailer: Interspire5.2.14MIME-Version: 1.0
Content-type: text/html; charset=ISO-8859-1
Return-Path: hosting.windows(a)aruba.it
Message-ID: <WEBSN1S056qGngOZ2L30000f3af(a)websn1s056.aruba.it>
X-OriginalArrivalTime: 22 Mar 2016 16:30:32.0972 (UTC) FILETIME=[27C5D4C0:01D18458]
TEXT – URL http:// zringenieriasa.com.co/ default
From: post26432
Sent: Tuesday, March 22, 2016 1:30 PM
To: marilson.mapa(a)gmail.com
Subject: Prezado(a) marilson.mapa(a)gmail.com | Protocolo: [13448]
10th March 2016
Denis wrote:
>> I was not making any decision just expressing an opinion just as Elvis
>> expressed his opinion on my implementation :)
Randy Bush replied:
> your opinion was of elvis not his position.? this is called ad homina,
> which you seem to repeat
Tell me Mr Bush, when you wrote, about me, at
Fri, 04 Mar 2016 08:28:10 -0800
>>> and i always love ad hominem attacks; a sure sign of a loser.
were you marking your position or insulting a wg member?
Sander Steffann wrote:
> Excuse me, but you do not get to decide that a fellow working group
> member's contribution does not carry much weight. That is the working
> group chairs' job when deciding on consensus, and from experience I know
> that even the chairs only do that in very rare circumstances. Consensus is
> based on content and supporting arguments, not on whether you judge
> somebody worthy...
Whenever someone attacks the status quo, the keepers of this status quo,
care to disqualify morally who requires changes. Obviously you guys do not
have enough moral stature to give moral lesson anyone.
> Consensus is based on content and supporting arguments, not on whether you
> judge somebody worthy...
My complaints, my arguments, against abuse, were blocked, thrown in the
trash by the status quo guardians. Who put the finger on the wound will be
persecuted and disqualified. What remains is the certainty that we are not
greedy psychopaths and want an ethical and honest email marketing.
Marilson
-----Mensagem Original-----
From: anti-abuse-wg-request(a)ripe.net
Sent: Saturday, March 12, 2016 1:29 AM
To: anti-abuse-wg(a)ripe.net
Subject: anti-abuse-wg Digest, Vol 53, Issue 27
Send anti-abuse-wg mailing list submissions to
anti-abuse-wg(a)ripe.net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
or, via email, send a message with subject or body 'help' to
anti-abuse-wg-request(a)ripe.net
You can reach the person managing the list at
anti-abuse-wg-owner(a)ripe.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of anti-abuse-wg digest..."
Today's Topics:
1. Re: [db-wg] objection to RIPE policy proposal 2016-01
(Sander Steffann)
2. Fw: [db-wg] objection to RIPE policy proposal 2016-01
(ripedenis(a)yahoo.co.uk)
3. Re: Fw: [db-wg] objection to RIPE policy proposal 2016-01
(Brian Nisbet)
4. Re: [db-wg] Fw: objection to RIPE policy proposal 2016-01
(ripedenis(a)yahoo.co.uk)
----------------------------------------------------------------------
Message: 1
Date: Fri, 11 Mar 2016 16:54:34 +0100
From: Sander Steffann <sander(a)steffann.nl>
To: denis <ripedenis(a)yahoo.co.uk>
Cc: Database WG <db-wg(a)ripe.net>, "anti-abuse-wg(a)ripe.net"
<anti-abuse-wg(a)ripe.net>
Subject: Re: [anti-abuse-wg] [db-wg] objection to RIPE policy proposal
2016-01
Message-ID: <BECAB65B-1EAB-477C-A3EC-4E1224ADE378(a)steffann.nl>
Content-Type: text/plain; charset="windows-1252"
Hello Denis,
> Sorry Elvis but you are neither a software engineer nor a regular user
> inputting data into the RIPE Database. So your unsubstantiated statement
> of 'poor' does not carry much weight.
Excuse me, but you do not get to decide that a fellow working group member's
contribution does not carry much weight. That is the working group chairs'
job when deciding on consensus, and from experience I know that even the
chairs only do that in very rare circumstances. Consensus is based on
content and supporting arguments, not on whether you judge somebody
worthy...
Cheers,
Sander
