I have been doing some research into the new spam network I mentioned last Thursday. Below is a list of all of the “From: ” lines in the messages. This is 97 messages, with 56 domain names. If you go to the domain name mentioned in one of those email addresses, you get a blank page. If you check the Whois records for one of the domains, you get a domain protected by WhoisGuard. I’ve submitted a complaint to WhoisGuard, asking also if I can submit a bulk complaint about their customers. Here is a text list you can use to reject email from these domains.
The messages are not CAN-SPAM compliant, they do not include a physical mailing address in the message. Also note that the phrase “Follow-Up Postings:” is in each message, as they are also illegally copying text from various online discussion boards, probably in an attempt to confuse mail filters.
This is a listing of what IP addresses those domain names resolve to as of Sunday, May 8, 2011, 10:00am EDT.
- dogs-well.com has address 174.127.68.255
- cascadesdirect.net has address 67.228.113.157
- shopsnomi.com has address 174.142.22.117
- lezzburo.com has address 174.142.13.150
- resvieall.com has address 184.22.214.42
- lomedmazic.com has address 66.197.152.121
- haggstid.com has address 174.127.77.45
- primetimeclothes.com has address 65.98.15.237
- indymanda.com has address 208.43.46.99
- ayousveps.com has address 216.38.7.167
- kokkanoix.com has address 64.191.95.49
- saralingeries.com has address 50.23.166.53
- sharismarti.com has address 65.98.15.232
- goarnondo.com has address 74.80.151.200
- na-xa.com has address 174.127.69.35
- thedeadseamudmasque.com has address 207.210.110.120
- arrgtcyon.com has address 64.191.95.56
- haidagren.com has address 64.191.95.42
- carumvehm.com has address 209.217.244.236
- alfetorly.com has address 98.102.168.77
- alietmiwok.com has address 69.50.217.8
- anzackitab.com has address 69.50.217.88
- axinegowf.com has address 69.50.207.197
- baunopraya.com has address 65.98.68.166
- bengomnis.com has address 216.139.214.237
- birtleish.com has address 173.213.53.185
- brevsstad.com has address 207.210.87.158
- buticketyl.com has address 216.180.250.123
- cererdirgy.com has address 216.38.7.174
- climadepas.com has address 74.86.117.110
- deotacrang.com has address 67.228.39.247
- derfwhan.com has address 98.142.4.54
- dvragents.com has address 65.98.90.230
- fiardgaths.com has address 209.217.244.238
- gartdeess.com has address 206.217.136.250
- gorstnemos.com has address 209.217.240.111
- guilybono.com has address 207.210.87.142
- huluciras.com has address 65.98.68.172
- iraqianniv.com has address 173.213.53.189
- jaobswone.com has address 216.38.7.189
- lytesfous.com has address 96.8.114.134
- motherofallcloset.com has address 174.142.22.110
- muticfirca.com has address 216.139.217.95
- mynaxa.com has address 65.98.15.254
- novembandi.com has address 216.38.7.181
- paddanile.com has address 207.210.254.137
- planetsm3d.com has address 174.142.22.125
- rathaivray.com has address 98.142.4.47
- rgensevans.com has address 216.139.217.43
- seorawulk.com has address 207.210.87.138
- shop1ofakindjewelry.com has address 65.98.15.246
- sochtwuff.com has address 98.102.168.118
- swolnbehen.com has address 67.228.30.224
- tahinhagg.com has address 209.217.240.118
- turpsmeer.com has address 207.210.87.152
- deadsiicosmetics.com has address 184.22.214.56
This is a list of all of the “From: ” lines in the messages.
- “Age Quiz” realagequiz@resvieall.com
- “Auto Assesment Group” carworth@tahinhagg.com
- “CoolSavings Message” coolsavings@novembandi.com
- “CoolSavings Message” coolsavings@wonderjeweler.com
- “Cupid Love” cupiddating@huluciras.com
- “Diabetes Information” diabetes@ayousveps.com
- “Diabetes Information” diabetes@sochtwuff.com
- “DISH Network Authorized Retailer” dishnetwork@shop1ofakindjewelry.com
- “Dish Promotions” dishnetwork@fiardgaths.com
- “Driving Quiz” drivertype@ayousveps.com
- “Driving Quiz” drivertype@fiardgaths.com
- “eCIG Trial Kit” electronic_cigarette@deotacrang.com
- “Email Fax” emailfax@dogs-well.com
- “Email Fax” emailfax@thedeadseamudmasque.com
- “Facebook Surveys” facebook@sharismarti.com
- “Facebook Surveys” facebook@sharismarti.com
- “Facebook Surveys” facebooksurvey@derfwhan.com
- “Facebook Surveys” facebooksurvey@dogs-well.com
- “Facebook Surveys” facebooksurvey@mynaxa.com
- “Facebook Surveys” facebooksurvey@rathaivray.com
- “Facebook Surveys” facebooksurvey@shopsnomi.com
- “Foreclosure Listings” realtytrac@brevsstad.com
- “FTD Exclusive Offer” ftdflowers@haggstid.com
- “Global Registry” globalregistry@alietmiwok.com
- “John Cummuta” johncummuta@brevsstad.com
- “John Cummuta” johncummuta@dvragents.com
- “John Cummuta” johncummuta@guilybono.com
- “John Cummuta” johncummuta@guilybono.com
- “John Cummuta” johncummuta@jaobswone.com
- “John Cummuta” johncummuta@kokkanoix.com
- “John Cummuta” johncummuta@primetimeclothes.com
- “LASIK Vision Institute” lasikvision@haidagren.com
- “LASIK Vision Institute” lasikvision@lytesfous.com
- “LASIK Vision Institute” lasikvision@motherofallcloset.com
- “LASIK Vision Institute” lasikvision@shopsnomi.com
- “LASIK Vision” lasik@brevsstad.com
- “LASIK Vision” lasik@carumvehm.com
- “LASIK Vision” lasik@seorawulk.com
- “LendingTree” lendingtree@climadepas.com
- “LendingTree” lendingtree@guilybono.com
- “LendingTree” lendingtree@lomedmazic.com
- “Match.com” match@birtleish.com
- “Match.com” match@brevsstad.com
- “Match.com” match@carumvehm.com
- “Match.com” match@gorstnemos.com
- “Match.com” match@tahinhagg.com
- “Mature Singles” seniorpeoplemeet@arrgtcyon.com
- “Mature Singles” seniorpeoplemeet@ayousveps.com
- “Medicare” medicare@cererdirgy.com
- “Medicare” medicare@planetsm3d.com
- “Medicare” medicare@shopsnomi.com
- “MyLife” mylife@cascadesdirect.net
- “MyLife” mylife@lezzburo.com
- “MyLife” mylife@na-xa.com
- “Notification” dominospizza@deadsiicosmetics.com
- “Notification Department” appleipad2@saralingeries.com
- “Notification Department” appleipad2@shopsnomi.com
- “Notification Department” dellcomputer@baunopraya.com
- “Notification Department” dellcomputer@dogs-well.com
- “Notification Department” dellcomputer@iraqianniv.com
- “Notification Department” dellcomputers@shop1ofakindjewelry.com
- “Notification Department” dellgiveaway@gartdeess.com
- “Notification Department” potterybarn@arrgtcyon.com
- “Notification Department” potterybarn@wonderjeweler.com
- “Notification Department” redlobster@alfetorly.com
- “Notification Department” redlobster@cererdirgy.com
- “Notification Department” redlobster@haidagren.com
- “Notification Department” redlobster@haidagren.com
- “Notification Department” redlobster@huluciras.com
- “Notification Department” redlobster@muticfirca.com
- “Notification Department” redlobster@rgensevans.com
- “Notification Department” redlobster@wonderjeweler.com
- “Notification Department” southwestairlines@fiardgaths.com
- “Notification Department” subway@gartdeess.com
- “Notification Department” subway@goarnondo.com
- “Notification Department” subwaysandwhiches@bengomnis.com
- “Notification Department” subwaysandwhiches@brevsstad.com
- “Notification Department” subwaysandwhiches@buticketyl.com
- “Notification Department” subwaysandwhiches@buticketyl.com
- “Notification Department” subwaysandwhiches@haggstid.com
- “Notification Department” subwaysandwhiches@indymanda.com
- “Notification Department” subwaysandwhiches@jaobswone.com
- “Notification Department” subwaysandwhiches@kokkanoix.com
- “Notification Department” subwaysandwhiches@kokkanoix.com
- “Notification Department” subwaysandwhiches@lomedmazic.com
- “Notification Department” subwaysandwhiches@na-xa.com
- “Notification Department” subwaysandwhiches@paddanile.com
- “Notification” freepizza@wonderjeweler.com
- “Promotion Notification” starbucks@iraqianniv.com
- “Promotion Notification” starbucks@novembandi.com
- “Public Records” publicrecords@jaobswone.com
- “Rewards Notification” mcdonalds@guilybono.com
- “Shipment Pending” kindle@anzackitab.com
- “Shipment Pending” kindle@axinegowf.com
- “Shipment Pending” kindle@seorawulk.com
- “Shipment Pending” kindle@turpsmeer.com
- “Store Promo” wallmart@swolnbehen.com
thank you for doing this…this crap has been driving me crazy!
Yeah, I need to do an update. There are a ton of new domain names used in this spam, as well as different products.
Hey Michael,
This spam machine just wont quit…besides the blocking strategy, any other tactics for dealing with this torrent. How do the “reputable” companies being marketed get away unscathed? ….I mean, someone is profiting from spamming their products…cant they intervene?…perhaps I’m naive 🙂
Kevin
Well, the various trademark holders could file a complaint, but the problem is worldwide, so that would be a very expensive battle.
You can tweak your spam filtering rules.
The real solution to spam is for people to stop being idiots. Not the spammers, they’re losers and will never change. The people that receive anything unsolicited should learn to NEVER EVER buy anything from an unsolicited message. But because a handful of idiots buy (or think they are buying) something that is a “good deal” from an email they received, the spammers will keep on sending out their junk.
Thanks for doing this for the rest of us. The list needs an update though. We appreciate it,
Abbs