03-25-2009, 08:19 AM
|
|
|
Confirmed User
Industry Role:
Join Date: Aug 2006
Location: Nassau, Bahamas
Posts: 3,133
|
Quote:
Originally Posted by eroticsexxx
A spambot swarm seems to be using the name Menshealth.com in the "from" field, but the actual return address usually matches the address that the spam was sent to.
I've been tracking them and the links in the message body have been changed several times, but all lead to online pharmaceutical sites.
This is the registrant of the latest version (vipeager.com - 220.248.186.101 (chinese IP)):
DONGFANGCHANGQIN
HUACAOGONGYINGGONGSI
[email protected]
YINYUE, 2005451
A DNS trace for that domain leads to this guy:
Name : GAOLU
Organization : GAOLU
Address : GANGSHENLU72
City : huaianshi
Province/State : jiangsusheng
Country : china
Postal Code : 223058
Phone Number : 86-0517-58621036
Fax : 86-0517-58621036
Email : [email protected]
Sohu.cn is actually sohu.com - a chinese portal |
Quote:
Originally Posted by eroticsexxx
Getting the same type of email from Drugs.com. (same guys) The difference is that it is with a .CN online domain, instead of the recently registered .COM, and leads to a penis enlargement site.
The guys below are the ones to contact as they maintain the country-code top-level domain designated for China.
My suggestion other than a nice email? Forward all of the spam directly to them.
Administrative contact:
Hualin Qian
Computer Network Information Center,
Chinese Academy of Sciences
No.4, South 4th Street
Zhong Guan Cun
Beijing 100080
China
Email: [email protected]
Voice: +86 10 58812270
Fax: +86 10 58812290
Technical Contact:
Xiaodong LEE
China Internet Network Information Center
No.4, South 4th Street
Zhong Guan Cun
Beijing 100080
China
Email: [email protected]
Voice: +86 10 58813020
Fax: +86 10 58812666 103 |
__________________
|
|
|