Home |
Search |
Today's Posts |
#2
Posted to rec.photo.digital,news.admin.net-abuse.email,rec.audio.pro,misc.legal
|
|||
|
|||
The recent flood to rec.photo.digital,news.admin.net-abuse.email, rec.audio.pro,misc.legal
On Tue, 27 Jun 2006 13:21:12 -0400, admin
opined: Hello, It is with some regret that I am posting here to clarify a problem that your newsgroup and I as the administrator of tsbbearings.net are experiencing. I, for one, very much appreciate your courtesy in addressing this issue. -- Displayed Email Address is a SPAM TRAP Our DNSRBL - Eliminate Spam at the Source: http://www.TQMcube.com Don't Subsidize Criminals: http://boulderpledge.org SPEWS Delisting FAQ: http://tqmcube.com/spews.php |
#3
Posted to rec.photo.digital,news.admin.net-abuse.email,rec.audio.pro,misc.legal
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal
"Gary L. Burnore" wrote in message ... On Tue, 27 Jun 2006 13:21:12 -0400, admin wrote: Hello, It is with some regret that I am posting here to clarify a problem that your newsgroup and I as the administrator of tsbbearings.net are experiencing. You are seeing a lot of annoying, nonsensical, very rude, explicit post with the following headers: Organization: TSB Bearings USA X-Trace: tsbbearings.net 209.51.186.226 Original-NNTP-Posting-Host: 209.51.186.226 X-Complaints-To: Lines: 61 Newsgroups: microsoft.public.test.here,rec.photo.digital NNTP-Posting-Host: host32.200-117-180.telecom.net.ar 200.117.180.32 These posts did not originated for tsbbearings.net. The IP in question is one of our web servers and does not accept or propagate nntp connections at all. Port 119 is closed. The person who is doing this is exploiting a computer that has been compromised by a trojan. that computer is on a dynamic IP address that belongs to telecom.net.ar. If you would like to compalint to them the abuse address is: I apologize for the disruption that has inadvertently been attributed to my server. Bowtie doesn't do anything inadvertently. You must have said something to upset him. -- gburnore at DataBasix dot Com --------------------------------------------------------------------------- How you look depends on where you go. --------------------------------------------------------------------------- Gary L. Burnore | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³ | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³ Official .sig, Accept no substitutes. | ÝÛ³ºÝ³Þ³ºÝ³³Ýۺݳ޳ºÝ³Ý³Þ³ºÝ³ÝÝÛ³ | ÝÛ 0 1 7 2 3 / Ý³Þ 3 7 4 9 3 0 Û³ Black Helicopter Repair Services, Ltd.| Official Proof of Purchase ================================================== ========================= Could Lamie have done this? -- GNUEMAIL Postmaster postmasteratgnuemail.com --- |
#4
Posted to rec.audio.pro
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal
"David Cary Hart" wrote in message... I, for one, very much appreciate your courtesy in addressing this issue. I only hope they DO help address the issue. This is a lot more informative than the '****-off, it's not our IP' response that I got earlier. I'm not a web guru, I was just looking for help to stop the problem. |
#5
Posted to rec.audio.pro
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal
In article 1oeog.26995$Xn.10585@trnddc05,
David Morgan \(MAMS\) wrote: "David Cary Hart" wrote in message... I, for one, very much appreciate your courtesy in addressing this issue. I only hope they DO help address the issue. This is a lot more informative than the '****-off, it's not our IP' response that I got earlier. I'm not a web guru, I was just looking for help to stop the problem. In general, the telecom.net.ar guys aren't going to address anything, and getting a UDP organized these days is a major pain. This is the sad state that Usenet has fallen into today. Talk to your news admin and have him run cleanfeed. Cleanfeed is a wonderful thing and drops all binary posts to discussion groups on the ground, as well as multiposts and all kinds of spam. It comes bundled with INN and I think you can install it even with old CNEWS servers. Cleanfeed makes Usenet a much better place and if more sites ran it, nobody would be seeing any of this junk. --scott -- "C'est un Nagra. C'est suisse, et tres, tres precis." |
#6
Posted to rec.audio.pro
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal
"Scott Dorsey" wrote in message ... In article 1oeog.26995$Xn.10585@trnddc05, David Morgan \(MAMS\) wrote: "David Cary Hart" wrote in message... I, for one, very much appreciate your courtesy in addressing this issue. I only hope they DO help address the issue. This is a lot more informative than the '****-off, it's not our IP' response that I got earlier. I'm not a web guru, I was just looking for help to stop the problem. In general, the telecom.net.ar guys aren't going to address anything, and getting a UDP organized these days is a major pain. This is the sad state that Usenet has fallen into today. Talk to your news admin and have him run cleanfeed. Cleanfeed is a wonderful thing and drops all binary posts to discussion groups on the ground, as well as multiposts and all kinds of spam. It comes bundled with INN and I think you can install it even with old CNEWS servers. Cleanfeed makes Usenet a much better place and if more sites ran it, nobody would be seeing any of this junk. I wrote Verizon at 3:30 am.... the same time I write to TSB Bearings USA. Apparently the perp either got tired and went to bed or the ISP took action. There were no more posts here after 9:30 am. DM |
#7
Posted to rec.photo.digital,news.admin.net-abuse.email,rec.audio.pro,misc.legal
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal
Le 27 Jun 2006, "GNUEMAIL Postmaster" a écrit :
Could Lamie have done this? Unfortunately, no, he’s far too stupid. -- My little NANAE hangout: http://etaoin.zapto.org To e-mail me KEEP THE ".nospam" portion of my address !!! NSA snoop trigger: “When he was a kid, the president of the United Cigar Stores liked to kill time by throwing water bombs at anthills”. Have you hugged a cat today??? |
#8
Posted to rec.photo.digital,news.admin.net-abuse.email,rec.audio.pro,misc.legal
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email,rec.audio.pro,misc.legal
admin wrote:
Hello, It is with some regret that I am posting here to clarify a problem that your newsgroup and I as the administrator of tsbbearings.net are experiencing. You are seeing a lot of annoying, nonsensical, very rude, explicit post with the following headers: Organization: TSB Bearings USA X-Trace: tsbbearings.net 209.51.186.226 Original-NNTP-Posting-Host: 209.51.186.226 X-Complaints-To: Lines: 61 Newsgroups: microsoft.public.test.here,rec.photo.digital NNTP-Posting-Host: host32.200-117-180.telecom.net.ar 200.117.180.32 These posts did not originated for tsbbearings.net. The IP in question is one of our web servers and does not accept or propagate nntp connections at all. Port 119 is closed. The person who is doing this is exploiting a computer that has been compromised by a trojan. that computer is on a dynamic IP address that belongs to telecom.net.ar. If you would like to compalint to them the abuse address is: I apologize for the disruption that has inadvertently been attributed to my server. Is there anyway we can block his posts? Dave Cohen |
#9
Posted to rec.audio.pro
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal
|
#10
Posted to rec.photo.digital,news.admin.net-abuse.email,rec.audio.pro,misc.legal
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email,rec.audio.pro,misc.legal
In article o5hog.1399$%67.355@trndny02, Dave Cohen wrote:
Is there anyway we can block his posts? 1. Ask your ISP to run cleanfeed, or get their feed from someone who does. 2. Put /^Path:*telecom.net.ar*/ in your killfile. --scott -- "C'est un Nagra. C'est suisse, et tres, tres precis." |
#11
Posted to rec.photo.digital,news.admin.net-abuse.email,rec.audio.pro,misc.legal
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal
"Scott Dorsey" wrote in message ... In article o5hog.1399$%67.355@trndny02, Dave Cohen wrote: Is there anyway we can block his posts? 1. Ask your ISP to run cleanfeed, or get their feed from someone who does. 2. Put /^Path:*telecom.net.ar*/ in your killfile. --scott -- "C'est un Nagra. C'est suisse, et tres, tres precis." For me I found it a trivial exercise to simply delete them. |
#12
Posted to rec.photo.digital,news.admin.net-abuse.email,rec.audio.pro,misc.legal
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal
"Pete D" wrote ...
For me I found it a trivial exercise to simply delete them. While most of the subject lines were clearly garbage, some of them were realistic enought to fool me. The malware writers are getting better (unfortunately :-( |
#13
Posted to rec.photo.digital,news.admin.net-abuse.email,rec.audio.pro,misc.legal
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal
"Richard Crowley" wrote in message ... "Pete D" wrote ... For me I found it a trivial exercise to simply delete them. While most of the subject lines were clearly garbage, some of them were realistic enought to fool me. The malware writers are getting better (unfortunately :-( I am not really sure what the idea of swamping a newsgroup with rubbish but I guess they have a reason, they probably just need to take the red pill! |
#14
Posted to rec.photo.digital,news.admin.net-abuse.email,rec.audio.pro,misc.legal
|
|||
|
|||
The recent flood to rec.photo.digital,news.admin.net-abuse.email, rec.audio.pro,misc.legal
Further information with regard to the abusive messages posted here.
We have further determined that the posts trojan computer is being controlled from a US IP address, 71.244.99.41, a Verizon wireless address as well as 71.123.37.227, a Verizon non-wireless address. A search has revealed previous posts from an individual to these groups, and discussions are underway with administrators at Verizon to determine the culprit involved. The trojan looks to have been shut down, however others may be in place and so determining the exact source of the abuse is continuing. If anyone has further additional information we would be happy to receive it. Hello, It is with some regret that I am posting here to clarify a problem that your newsgroup and I as the administrator of tsbbearings.net are experiencing. You are seeing a lot of annoying, nonsensical, very rude, explicit post with the following headers: Organization: TSB Bearings USA X-Trace: tsbbearings.net 209.51.186.226 Original-NNTP-Posting-Host: 209.51.186.226 X-Complaints-To: Lines: 61 Newsgroups: microsoft.public.test.here,rec.photo.digital NNTP-Posting-Host: host32.200-117-180.telecom.net.ar 200.117.180.32 These posts did not originated for tsbbearings.net. The IP in question is one of our web servers and does not accept or propagate nntp connections at all. Port 119 is closed. The person who is doing this is exploiting a computer that has been compromised by a trojan. that computer is on a dynamic IP address that belongs to telecom.net.ar. If you would like to compalint to them the abuse address is: I apologize for the disruption that has inadvertently been attributed to my server. |
#15
Posted to rec.photo.digital,news.admin.net-abuse.email,rec.audio.pro,misc.legal
|
|||
|
|||
The recent flood to rec.photo.digital, news.admin.net-abuse.email, rec.audio.pro,misc.legal
Pete D wrote:
"Richard Crowley" wrote in message ... "Pete D" wrote ... For me I found it a trivial exercise to simply delete them. While most of the subject lines were clearly garbage, some of them were realistic enought to fool me. The malware writers are getting better (unfortunately :-( I am not really sure what the idea of swamping a newsgroup with rubbish but I guess they have a reason, they probably just need to take the red pill! I'd prefer that they take the Black Capsule. -- --John to email, dial "usenet" and validate (was jclarke at eye bee em dot net) |