Earlier this evening, I started getting emails saying that a message I supposedly tried to send could not be delivered for the past 4 hours, with this type of text:
---- Transcript of session follows -----
bgr@freecasinoplay.info... Deferred: Operation timed out with google.com.
Warning: message still undelivered after 4 hours
Will keep trying until message is 5 days old
Attached is a copy of the message I supposedly sent, giving the supposed recipient a log on and password to a forum I own.
However, I did not send such an email. I received several more, each one to a freecasinoplay.info domain, and each one with a different set of 3 letters before the @ symbol.
I did a search on the domain, and came up with:
Domain owner:
Looking for 'freecasinoplay.info'
Domain zone 'INFO' is for information
URL for registration of domains: www.afilias.info/register/
Server 'whois.afilias.net' reply [3099 bytes in raw data]:
Domain ID:D6138773-LRMS
Domain Name:FREECASINOPLAY.INFO
Created On:25-Aug-2004 06:36:20 UTC
Last Updated On:25-Oct-2005 20:48:23 UTC
Expiration Date:25-Aug-2006 06:36:20 UTC
Sponsoring Registrar:EstDomains, Inc. (R295-LRMS)
Status:OK
Registrant ID:C9374285-LRMS
Registrant Name:Alexander Makshin
Registrant Organization:Colanters Ltd
Registrant Street1:Nevskiy pr 12-54
Registrant Street2:
Registrant Street3:
Registrant City:St. peterburg
Registrant State/Province:Russia
Registrant Postal Code:335684
Registrant Country:RU
Registrant Phone:+910.81223072561
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:wm@only18plus.com
I also went further, did a search for the domain of only18plus.com and found this:
Domain owner:
Looking for 'only18plus.com'
Domain zone 'COM' is for commercial purposes
URL for registration of domains: www.internic.net/origin.html
Server 'whois.directnic.com' reply [2115 bytes in raw data]:
Registration and WHOIS Service provided by directNIC.com
Intercosmos Media Group, Inc. provides the data in the directNIC.com
Registrar WHOIS database for informational purposes only. The information
may only be used to assist in obtaining information about a domain name's
registration record.
directNIC makes this information available "as is", and does not guarantee
its accuracy.
Registrant:
Sbac LLC
709 Woodside ave.
Wilmington, DE 19809
US
1.866.420.7070
Domain Name: ONLY18PLUS.COM
Administrative Contact:
Smirnov, Andrey dilip@yobucks.com
709 Woodside ave.
Wilmington, DE 19809
US
1.866.420.7070
(A further search for the domain, yobucks.com, returns the same contact, Smirnov, Andrey)
Now that I have this information, I can use any/all suggestions on how to stop the spammers, who to report them to, and anything else I can do.
I sent copies of the spam email to: abuse@above.net
as well as to network-abuse@cc.yahoo-inc.com
Any help would be greatly appreciated.
---- Transcript of session follows -----
bgr@freecasinoplay.info... Deferred: Operation timed out with google.com.
Warning: message still undelivered after 4 hours
Will keep trying until message is 5 days old
Attached is a copy of the message I supposedly sent, giving the supposed recipient a log on and password to a forum I own.
However, I did not send such an email. I received several more, each one to a freecasinoplay.info domain, and each one with a different set of 3 letters before the @ symbol.
I did a search on the domain, and came up with:
Domain owner:
Looking for 'freecasinoplay.info'
Domain zone 'INFO' is for information
URL for registration of domains: www.afilias.info/register/
Server 'whois.afilias.net' reply [3099 bytes in raw data]:
Domain ID:D6138773-LRMS
Domain Name:FREECASINOPLAY.INFO
Created On:25-Aug-2004 06:36:20 UTC
Last Updated On:25-Oct-2005 20:48:23 UTC
Expiration Date:25-Aug-2006 06:36:20 UTC
Sponsoring Registrar:EstDomains, Inc. (R295-LRMS)
Status:OK
Registrant ID:C9374285-LRMS
Registrant Name:Alexander Makshin
Registrant Organization:Colanters Ltd
Registrant Street1:Nevskiy pr 12-54
Registrant Street2:
Registrant Street3:
Registrant City:St. peterburg
Registrant State/Province:Russia
Registrant Postal Code:335684
Registrant Country:RU
Registrant Phone:+910.81223072561
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:wm@only18plus.com
I also went further, did a search for the domain of only18plus.com and found this:
Domain owner:
Looking for 'only18plus.com'
Domain zone 'COM' is for commercial purposes
URL for registration of domains: www.internic.net/origin.html
Server 'whois.directnic.com' reply [2115 bytes in raw data]:
Registration and WHOIS Service provided by directNIC.com
Intercosmos Media Group, Inc. provides the data in the directNIC.com
Registrar WHOIS database for informational purposes only. The information
may only be used to assist in obtaining information about a domain name's
registration record.
directNIC makes this information available "as is", and does not guarantee
its accuracy.
Registrant:
Sbac LLC
709 Woodside ave.
Wilmington, DE 19809
US
1.866.420.7070
Domain Name: ONLY18PLUS.COM
Administrative Contact:
Smirnov, Andrey dilip@yobucks.com
709 Woodside ave.
Wilmington, DE 19809
US
1.866.420.7070
(A further search for the domain, yobucks.com, returns the same contact, Smirnov, Andrey)
Now that I have this information, I can use any/all suggestions on how to stop the spammers, who to report them to, and anything else I can do.
I sent copies of the spam email to: abuse@above.net
as well as to network-abuse@cc.yahoo-inc.com
Any help would be greatly appreciated.
posted by:
|
Atlanta
|
