If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Possible (pending) usenet spam campaign (was: Hello world!) - abusereport
This message is being posted to:
microsoft.public.win98.gen_discussion news.admin.net-abuse.usenet as well as being copied to a handful of e-mail addresses. If you are recieving this via e-mail, I will give you some background: A usenet post was made recently to the newsgroup microsoft.public.win98.gen_discussion, and the full header of that post is as follows: ----------------------- From: HelgTours Subject: Hello world! Date: Sat, 3 Oct 2009 02:25:33 +0100 Message-ID: Organization: Win98banter.com X-Originating-IP: 94.142.130.16 Newsgroups: microsoft.public.win98.gen_discussion NNTP-Posting-Host: s15244360.onlinehome-server.info 87.106.71.77 Path: (...) bandi.nntp.kabelfoon.nl xlned.com feeder1.xlned.com news.alt.net msrtrans TK2MSFTFEEDS02.phx.gbl TK2MSFTNGP01.phx.gbl TK2MSFTNGP02.phx.gbl ------------------------- If you are recieving this message via e-mail, it is because you are somehow connected to the usenet post in question, as explained below. Please do not attempt to reply to me, as the address I use is spoofed. I would hope that you would post any responses as replies to this post, as it appears in microsoft.public.win98.gen_discussion or news.admin.net-abuse.usenet. My comments regarding that post are as follows: Unless the path was pre-loaded with the phx.gbl entries, it appears that it originated (or was injected into usenet) by the Microsoft group servers. I'm not that familliar with posts that originate from Microsoft's servers, but I'm under the impression that any such posts will usually have something like "K2MSFTNGP06.phx.gbl" in the message id. In this case, we see win98banter.com in the MID. The nntp-posting-host originates in Germany, and shares many other domain identities as part of the "banter" domain family: http://www.robtex.com/ip/87.106.71.77.html I am therefore copying in this message, as that is the contact handle for 87.106.71.77. If we believe the actual source of the post (94.142.130.16) it would appear to be in Latvia, hence I am also copying and . The IP seems to be a known "comment spammer" so this abuse report is appropriate: http://www.robtex.com/ip/94.142.130.16.html#blacklists Beyond the fact that we have a source of usenet pollution originating from eastern europe (no surprise there), I think the larger story here is why do posts that originate from the "banter" entity enter usenet via the microsoft servers - without the typical MID construction indicative of such a post? Just what is the "banter" entity, and does it have a special relationship with Microsoft? The whois information for win98banter.com is as follows: created: 22-Jul-2004 last-changed: 23-Jul-2009 registration-expiration: 22-Jul-2010 nserver: ns59.1and1.co.uk nserver: ns60.1and1.co.uk registrant-firstname: Kevin registrant-lastname: Middleton registrant-street1: 35 Grosvenor Avenue registrant-pcode: HA2 7AS registrant-city: Harrow registrant-ccode: GB registrant-phone: +44.2084270972 registrant-email: tech-c-organization: 1&1 Internet Ltd. tech-c-street1: Herschel Street tech-c-street2: The Nova Building tech-c-pcode: SL1 1XS tech-c-city: Slough tech-c-ccode: GB tech-c-phone: +44.8708503305 tech-c-fax: +44.1753490444 tech-c-email: I am therefore copying and in this message. The website http://kevinmiddleton.co.uk currently returns a blank page, but the internet archive shows it once had some real content: http://web.archive.org/web/200406051...ddleton.co.uk/ Kevin, I've performed some google searches on you and your set of "banter" domains, cut can't find much in the way of organizational or functional details of you or your operation. I'm particularly interested in how (or why) you seem to be allowed to operate as a gateway directly into the Microsoft servers for the purpose of posting messages to the microsoft.public.* set of usenet groups. Does Microsoft allow you to do this? Do they know you do this? |
#2
|
|||
|
|||
Possible (pending) usenet spam campaign
98 Guy wrote: This message is being posted to: microsoft.public.win98.gen_discussion news.admin.net-abuse.usenet as well as being copied to a handful of e-mail addresses. If you are recieving this via e-mail, I will give you some background: A usenet post was made recently to the newsgroup microsoft.public.win98.gen_discussion, and the full header of that post is as follows: Potential spammer and abuser: 98 Guy Organization: Aioe.org NNTP Server Lines: 120 Message-ID: References: NNTP-Posting-Host: LanlDVNifBcF0g4mo97azA.user.aioe.org X-Complaints-To: Please read the recent entries in the win98.gen_discussion group regarding Usenet; and the warnings to *NOT*: answer; or, post materials; or, otherwise responding; *TO VERIFY* these types of activities. 98 Guy apparently wants to ensure this party or parties posting method is confirmed as a viable method [see the php Hello world within the original], making this party apparently in league with this activity. win98banter.com last whois update: Whois Server Version 2.0 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. Domain Name: WIN98BANTER.COM Registrar: 1 & 1 INTERNET AG Whois Server: whois.schlund.info Referral URL: http://REGISTRAR.SCHLUND.INFO Name Server: NS59.1AND1.CO.UK Name Server: NS60.1AND1.CO.UK Status: ok Updated Date: 23-jul-2009 Creation Date: 22-jul-2004 Expiration Date: 22-jul-2010 Last update of whois database: Sat, 03 Oct 2009 19:11:34 UTC % The data in the WHOIS database of 1&1 Internet AG is provided by % 1&1 for information purposes, and to assist persons in obtaining % information about or related to a domain name registration record. % 1&1 does not guarantee its accuracy. By submitting a WHOIS query, % you agree that you will use this data only for lawful purposes and that, % under no circumstances, you will use this data to % (1) allow, enable, or otherwise support the transmission by e-mail, % telephone, or facsimile of mass, unsolicited, commercial advertising or % solicitations to entities other than the data recipient's own existing % customers; or Were this a legitimate attempt to deter these activities, the abuse contacts would have been handled *directly* [as in to the administrators and/or moderators at win98banter.com] and WITHOUT* verifying the purported suspect message and method *IN* this group [microsoft.public.win98.gen_discussion]. http://www.win98banter.com/ http://www.win98banter.com/faq.php? specifically: How do I report an inappropriate post? http://www.win98banter.com/faq.php?f...aq_newsgroups4 NOTE: heligtours has apparently been banned from win98banter.com postings, see: http://www.win98banter.com/member.php?u=6767 NOTE ALSO: the entity *98 Guy* has a long history of abuse within the microsoft.public.win98.gen_discussion group and elsewhere. Recommendation: Disregard a 98 Guy request unless other verification is received and carefully cross-checked [and properly handled]. Make sure to review the purported history that may be or should be taken under consideration regarding any purported complaint this entity may file. Our apologies are extended to win98banter.com, and a "good work" is extended on the quick response. -- MEB http://peoplescounsel.org/ref/windows-main.htm Windows Info, Diagnostics, Security, Networking http://peoplescounsel.org The "real world" of Law, Justice, and Government ___--- |
#3
|
|||
|
|||
Possible (pending) usenet spam campaign
MEB spewed:
Potential spammer and abuser: Yes, you are. But what's more interesting: I wouldn't have thought that your reply would appear in news.admin.net-abuse.usenet, but I see that it has. Strange - I would have thought that the microsoft servers would have stripped away any non-microsoft newsgroup before propagating your reply to other peers. What this means is that spammers can use microsoft's nntp servers to inject spam into non-microsoft newsgroups. What do you have to say about that MEB? Would you criticize microsoft for that oversight? Or do you even understand what I'm talking about? win98banter.com last whois update: And you re-posted a whois report for win98banter because ... ? % The data in the WHOIS database of 1&1 Internet AG is provided And include the fine print because ... ? NOTE: heligtours has apparently been banned from win98banter.com I guess that explains why they were able to post the item in question - doesn't it? Recommendation: Note that MEB doesn't actually try to explain how the post in question was injected into usenet from win98banter via microsoft's own servers. Our apologies are extended to win98banter.com, Our apologies? That win98banter has acted as a source of spam into this newsgroup, and you want to apologize to them because I pointed that out? Just how irrational can you get? and a "good work" is extended on the quick response. You're a fruitloop. |
#4
|
|||
|
|||
Possible (pending) usenet spam campaign
On 10/04/2009 06:55 PM, 98 Guy wrote: MEB spewed: Potential spammer and abuser: Yes, you are. But what's more interesting: I wouldn't have thought that your reply would appear in news.admin.net-abuse.usenet, but I see that it has. Strange - I would have thought that the microsoft servers would have stripped away any non-microsoft newsgroup before propagating your reply to other peers. What this means is that spammers can use microsoft's nntp servers to inject spam into non-microsoft newsgroups. What do you have to say about that MEB? Would you criticize microsoft for that oversight? Or do you even understand what I'm talking about? win98banter.com last whois update: And you re-posted a whois report for win98banter because ... ? % The data in the WHOIS database of 1&1 Internet AG is provided And include the fine print because ... ? NOTE: heligtours has apparently been banned from win98banter.com I guess that explains why they were able to post the item in question - doesn't it? Recommendation: Note that MEB doesn't actually try to explain how the post in question was injected into usenet from win98banter via microsoft's own servers. Our apologies are extended to win98banter.com, Our apologies? That win98banter has acted as a source of spam into this newsgroup, and you want to apologize to them because I pointed that out? Just how irrational can you get? and a "good work" is extended on the quick response. You're a fruitloop. As you can see, since this IS being sent to news.admin.net-abuse.usenet, this party does constantly attempt to cause issues wherever possible. You should also note that the reason this entity 98 Guy MAY have instituted the complaint may be due to possible being banned or otherwise repremanded on win98banter.com either under this misnomer or one of the others used. This entity recently posted in this group, that this had apparently occurred elsewhere. SEE: http://groups.google.com/group/micro...d2cf1?lnk=raot Again, doing research upon this entity and the party in question will reveal numerous other issues involved. There was an attempt by this troll and abuser to direct this reply to: [message header] From: 98 Guy Newsgroups: microsoft.public.win98.gen_discussion,news.admin.n et-abuse.usenet Subject: Possible (pending) usenet spam campaign Followup-To: alt.bull**** Date: Sun, 04 Oct 2009 18:55:43 -0400 Organization: Aioe.org NNTP Server Lines: 45 Message-ID: References: NNTP-Posting-Host: LanlDVNifBcF0g4mo97azA.user.aioe.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Complaints-To: X-Mailer: Mozilla 4.79 [en] (Win98; U) I would suggest you take whatever measures necessary to ensure this party is properly dealt with. Moreover, you should supply this and whatever other information you might have obtained to win98banter.com so they may take the matter under consideration for potential legal action or other as they wish to apply. -- MEB http://peoplescounsel.org/ref/windows-main.htm Windows Info, Diagnostics, Security, Networking http://peoplescounsel.org The "real world" of Law, Justice, and Government ___--- |
#5
|
|||
|
|||
Possible (pending) usenet spam campaign
"MEB" wrote in message ... snip I would suggest you take whatever measures necessary to ensure this party is properly dealt with. Moreover, you should supply this and whatever other information you might have obtained to win98banter.com so they may take the matter under consideration for potential legal action or other as they wish to apply. You're joking right? |
#6
|
|||
|
|||
Possible (pending) usenet spam campaign
On 10/04/2009 11:02 PM, Sunny wrote:
"MEB" wrote in message ... snip I would suggest you take whatever measures necessary to ensure this party is properly dealt with. Moreover, you should supply this and whatever other information you might have obtained to win98banter.com so they may take the matter under consideration for potential legal action or other as they wish to apply. You're joking right? Must be, as this is being submitted to a non-moderated, junk, troll, and spam filled sub-group in supposed news.admin.net-abuse. But otherwise, no. -- MEB http://peoplescounsel.org/ref/windows-main.htm Windows Info, Diagnostics, Security, Networking http://peoplescounsel.org The "real world" of Law, Justice, and Government ___--- |
#7
|
|||
|
|||
Possible (pending) usenet spam campaign
"MEB" wrote in message ... On 10/04/2009 11:02 PM, Sunny wrote: "MEB" wrote in message ... snip I would suggest you take whatever measures necessary to ensure this party is properly dealt with. Moreover, you should supply this and whatever other information you might have obtained to win98banter.com so they may take the matter under consideration for potential legal action or other as they wish to apply. You're joking right? Must be, as this is being submitted to a non-moderated, junk, troll, and spam filled sub-group in supposed news.admin.net-abuse. But otherwise, no. Then you are dreaming, news.admin.net-abuse, is not a Usenet law enforcement agency, it's just another Usenet news group. win98banter.com is a web based "forum" that just happens to "slurp" Usenet postings (like Google) Is your plea for others to take legal action part of your crusade for being a "Peoples Counsel" ? |
#8
|
|||
|
|||
Possible (pending) usenet spam campaign
Full-Quoter MEB spewed:
As you can see, since this IS being sent to news.admin.net-abuse.usenet My first post in this thread touched on the spammy or abusive nature of the original post. Therefore, cross-posting to news.admin.net-abuse.usenet was not out-of-line. Your comment above is incomplete. You state that I cross-posted to news.admin.net-abuse.usenet without saying why the cross-post was in and of itself notable. And this aspect is particularly interesting: You are critical of me including news.admin.net-abuse.usenet in the distribution of these posts, yet you do not remove it for your replies. Why do you not remove news.admin.net-abuse.usenet when you formulate and post your replies? this party does constantly attempt to cause issues wherever possible. It was you who chose to escalate this and turn it into an "issue". You should also note that the reason this entity 98 Guy MAY have instituted the complaint may be due to possible being banned or otherwise repremanded on win98banter.com (laughing out loud) Only lame people engage in usenet reading/writing via http interface. The deeper aspects of this issue that relate to the "banter" entity and it's relationship with the microsoft server are obviously over your head, which leaves you grasping at straws as to why I've pointed a finger at the banter operator. Again, doing research upon this entity and the party in question will reveal numerous other issues involved. Note how MEB employs cloudy and muddled syntax in an attempt to evade legal consequences along the lines of slander and defamation. By doing so, his comments and statements are reduced to vacuuous nonsense. This is known as MEB-speak, which is a form of legalese, which MEB learned the hard way as he acted as his own lawyer in family court during various proceedings he was involved in, in which he obviously (but probably deservingly) got the short end of the stick. There was an attempt by this troll and abuser to direct this reply to: (...) Wouldn't it have been more readable (and have more impact) to have simply said "alt.bull****" instead of fully-posting the message header? You don't even explicitly mention alt.bull**** - you leave it up to the reader to figure that out, for no obvious or rational reason I can think of. This is why most of your arguments fail. Instead of directly answering questions or make unambiguous statements that contain actual information, you use evasion as if every statement you make could be used against you in a court of law - something that obviously terrifies you. You are a sad case. The court system has dammaged you psychologically, mentally. It has rendered you fearful of anything you say in public. Why do you not use an anonymous identity when you post public messages like these? We see the liabilities that you struggle with by posting with your real name - so what benefit do you gain by doing so? |
#9
|
|||
|
|||
Possible (pending) usenet spam campaign
On 10/05/2009 01:20 AM, Sunny wrote:
"MEB" wrote in message ... On 10/04/2009 11:02 PM, Sunny wrote: "MEB" wrote in message ... snip I would suggest you take whatever measures necessary to ensure this party is properly dealt with. Moreover, you should supply this and whatever other information you might have obtained to win98banter.com so they may take the matter under consideration for potential legal action or other as they wish to apply. You're joking right? Must be, as this is being submitted to a non-moderated, junk, troll, and spam filled sub-group in supposed news.admin.net-abuse. But otherwise, no. Then you are dreaming, news.admin.net-abuse, is not a Usenet law enforcement agency, it's just another Usenet news group. win98banter.com is a web based "forum" that just happens to "slurp" Usenet postings (like Google) Is your plea for others to take legal action part of your crusade for being a "Peoples Counsel" ? So you and 98 Guy intend your normal junk, so be it. Just a little reminder for those perhaps unfamiliar with the Usenet culture. There is a common suggestion: DO NOT FEED THE TROLLS. *Expect though*, that there will be those who MUST *tromp on the trolls* so the world knows what and who they are and/or to dispell whatever myth or falsehood may be involved. You can generally recognize a REAL troll or these other parties rather easily by what they consistently use [attacks against parties and their viable materials] and their type of posting style. These low-life Usenetters [note1], generally without anything of value to post and lacking the intelligence necessary to do so; they *WILL* attack [often several trolls and sockpuppets at a time] those posting viable materials attempting to take over the various groups for their own usage or to kill the respective group [a personal satisfaction to these types]; and to discredit viable parties and postings to whatever extent possible. There are also those who deliberately post false information with seemingly legitimate links or arguments, or who actually believe the "urban myths" regardless of ALL of the materials and arguments otherwise; it does not, however, change what these people are, the scum of Usenet and what will bring its ultimate demise. Please read the below so you might have a better understanding of the various types of parties [there are other classifications], and what to expect within Usenet. Here's a hint, if the party posting is using their REAL name, you can likely, a least, consider their post *might* be of value, since what they post follows them to their REAL life. Note though: Usenet is also filled with Identity theft, so look for those parties including some method of verification of who they are. Here's a well put idea taken from jonz, a dejanews user/troll's sig [per a discussion with this entity], who must have forgotten this *was* the sig being used, unless it was a sub-concious admission and warning of what this party is/was: ""Usenet is like a herd of performing elephants with diarrhea - massive, difficult to redirect, awe-inspiring, entertaining, and a source of mind-boggling amounts of excrement when you least expect it." - Gene Spafford,1992" So here's "the rest of the story" {Paul Harvey's well known keymark statement}: http://www.angelfire.com/space/usenet/ http://en.wikipedia.org/wiki/Troll_%28Internet%29 http://en.wikipedia.org/wiki/Sockpuppet_%28Internet%29 http://en.wikipedia.org/wiki/On_the_...you%27re_a_dog http://en.wikipedia.org/wiki/Shill http://en.wikipedia.org/wiki/Astroturfing http://en.wikipedia.org/wiki/Hit-and-run_posting http://en.wikipedia.org/wiki/Lurker http://en.wikipedia.org/wiki/1%25_ru...net_culture%29 note1 - Not all Usenetters are trolls or such, but there ARE vast numbers of them throughout Usenet with apparently nothing better to do in their miserable and pathetic lives but to use the groups for their own inexorable and infantile amusement. -- MEB http://peoplescounsel.org/ref/windows-main.htm Windows Info, Diagnostics, Security, Networking http://peoplescounsel.org The "real world" of Law, Justice, and Government ___--- |
#10
|
|||
|
|||
Possible (pending) usenet spam campaign
On 10/05/2009 09:45 AM, 98 Guy wrote:
Full-Quoter MEB spewed: As you can see, since this IS being sent to news.admin.net-abuse.usenet My first post in this thread touched on the spammy or abusive nature of the original post. Therefore, cross-posting to news.admin.net-abuse.usenet was not out-of-line. Your comment above is incomplete. You state that I cross-posted to news.admin.net-abuse.usenet without saying why the cross-post was in and of itself notable. And this aspect is particularly interesting: You are critical of me including news.admin.net-abuse.usenet in the distribution of these posts, yet you do not remove it for your replies. Why do you not remove news.admin.net-abuse.usenet when you formulate and post your replies? this party does constantly attempt to cause issues wherever possible. It was you who chose to escalate this and turn it into an "issue". You should also note that the reason this entity 98 Guy MAY have instituted the complaint may be due to possible being banned or otherwise repremanded on win98banter.com (laughing out loud) Only lame people engage in usenet reading/writing via http interface. The deeper aspects of this issue that relate to the "banter" entity and it's relationship with the microsoft server are obviously over your head, which leaves you grasping at straws as to why I've pointed a finger at the banter operator. Again, doing research upon this entity and the party in question will reveal numerous other issues involved. Note how MEB employs cloudy and muddled syntax in an attempt to evade legal consequences along the lines of slander and defamation. By doing so, his comments and statements are reduced to vacuuous nonsense. This is known as MEB-speak, which is a form of legalese, which MEB learned the hard way as he acted as his own lawyer in family court during various proceedings he was involved in, in which he obviously (but probably deservingly) got the short end of the stick. There was an attempt by this troll and abuser to direct this reply to: (...) Wouldn't it have been more readable (and have more impact) to have simply said "alt.bull****" instead of fully-posting the message header? You don't even explicitly mention alt.bull**** - you leave it up to the reader to figure that out, for no obvious or rational reason I can think of. This is why most of your arguments fail. Instead of directly answering questions or make unambiguous statements that contain actual information, you use evasion as if every statement you make could be used against you in a court of law - something that obviously terrifies you. You are a sad case. The court system has dammaged you psychologically, mentally. It has rendered you fearful of anything you say in public. Why do you not use an anonymous identity when you post public messages like these? We see the liabilities that you struggle with by posting with your real name - so what benefit do you gain by doing so? More troll and sockpuppet materials from 98 Guy and Sunny. Just a little reminder for those perhaps unfamiliar with the Usenet culture. There is a common suggestion: DO NOT FEED THE TROLLS. *Expect though*, that there will be those who MUST *tromp on the trolls* so the world knows what and who they are and/or to dispell whatever myth or falsehood may be involved. You can generally recognize a REAL troll or these other parties rather easily by what they consistently use [attacks against parties and their viable materials] and their type of posting style. These low-life Usenetters [note1], generally without anything of value to post and lacking the intelligence necessary to do so; they *WILL* attack [often several trolls and sockpuppets at a time] those posting viable materials attempting to take over the various groups for their own usage or to kill the respective group [a personal satisfaction to these types]; and to discredit viable parties and postings to whatever extent possible. There are also those who deliberately post false information with seemingly legitimate links or arguments, or who actually believe the "urban myths" regardless of ALL of the materials and arguments otherwise; it does not, however, change what these people are, the scum of Usenet and what will bring its ultimate demise. Please read the below so you might have a better understanding of the various types of parties [there are other classifications], and what to expect within Usenet. Here's a hint, if the party posting is using their REAL name, you can likely, a least, consider their post *might* be of value, since what they post follows them to their REAL life. Note though: Usenet is also filled with Identity theft, so look for those parties including some method of verification of who they are. Here's a well put idea taken from jonz, a dejanews user/troll's sig [per a discussion with this entity], who must have forgotten this *was* the sig being used, unless it was a sub-concious admission and warning of what this party is/was: ""Usenet is like a herd of performing elephants with diarrhea - massive, difficult to redirect, awe-inspiring, entertaining, and a source of mind-boggling amounts of excrement when you least expect it." - Gene Spafford,1992" So here's "the rest of the story" {Paul Harvey's well known keymark statement}: http://www.angelfire.com/space/usenet/ http://en.wikipedia.org/wiki/Troll_%28Internet%29 http://en.wikipedia.org/wiki/Sockpuppet_%28Internet%29 http://en.wikipedia.org/wiki/On_the_...you%27re_a_dog http://en.wikipedia.org/wiki/Shill http://en.wikipedia.org/wiki/Astroturfing http://en.wikipedia.org/wiki/Hit-and-run_posting http://en.wikipedia.org/wiki/Lurker http://en.wikipedia.org/wiki/1%25_ru...net_culture%29 note1 - Not all Usenetters are trolls or such, but there ARE vast numbers of them throughout Usenet with apparently nothing better to do in their miserable and pathetic lives but to use the groups for their own inexorable and infantile amusement. -- MEB http://peoplescounsel.org/ref/windows-main.htm Windows Info, Diagnostics, Security, Networking http://peoplescounsel.org The "real world" of Law, Justice, and Government ___--- |
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
What is Usenet | Hot-text | General | 73 | May 31st 10 11:56 PM |
Since this forum is now completely Usenet - What Usenet is | MEB[_18_] | General | 13 | October 1st 09 08:15 AM |
Since this forum is now completely Usenet - What Usenet is | MEB[_18_] | General | 0 | September 28th 09 10:33 PM |
Windows 98 + ME *still* alive campaign | roman modic | General | 0 | July 14th 06 02:08 AM |
XP vs W-98 as spam zombies (was: Asia top source of spam) | Virus Guy | General | 2 | May 1st 06 02:03 AM |