Internet Tip of the Week - by Bob Osgoodby
Nightmare on the Cyber HighwayNo, this is not another Freddie Krugar at Elm Street story, but a real life experience that to me was just as frightening. My Freddie was a Spammer who was killing not only my reputation, but threatening my relationship with my ISP.
It all started about a month ago.
I started getting “bounces”, which are returned emails that could not be delivered. Now the problem was I was not sending these emails which were being returned. OK, I figured, someone is forging my email address, and this has happened before. It usually happens a few times and then stops. But, instead of stopping, the number of bounces was increasing every day. When I started to get 600 to 700 returns a day, I became concerned. I then started receiving “hate mail” from people receiving the spam.
My first thought was that someone was relaying messages through my web site and that was the first place we checked. I already knew that my computer was clean and there weren't any viruses that were sending out these emails. Contacting my web host, we updated all of the software we use for forms on our Web Site. My web host then did an in-depth analysis of our web site and it came up clean.
Then, Comcast, my ISP shut me down. While I could receive email, they blocked my outgoing email. I did receive an email from abuse@comcast.net saying that I was blocked for spamming. There was a number I could call at their Abuse Department, which I did. I got a recording and left a voice mail. Later that day, I got a return call.The first person I talked with told me it was coming from my computer and to run AdAware. I ran AdAware and a few days later, was shut down again. The next person I talked with insisted it was coming from my computer and to run Stinger.exe which looks for and removes viruses.
In the meantime, to be absolutely certain that it was not coming from me, I reformatted my hard drive, then ran Stinger, AdAware and Norton Anti-Virus which all came up clean with no Viruses, Adware or Spyware found. I had run them prior to reformatting my hard drive with no problems found, but reformatted the drive just to be certain. A few days later I was shut down again by Comcast. Again I was told it was coming from my machine.
A few days later, SpamCop shut me down. Oh no, I thought, will this never end. It seems I received a subscribe request from someone that asked to receive two of our Newsletters, and I think the person hit the submit button twice. Now to be sure that someone actually did request the publications, I routinely send out a confirmation to them. Now, because he apparently hit the submit button twice, he received two confirmations for each newsletter he requested. In point of fact, it is possible that someone else subscribed him. This apparently angered him and he fired off a complaint to SpamCop. Little did he know he was doing me a tremendous favor.
I didn’t have a VERY high regard for SpamCop. Was I wrong! Ellen, a “deputy” at SpamCop gave me advice on how to change the subscribe routine so this problem would not surface again in the future, which I did.
Then Comcast shut me down again for sending Spam from my computer. Since I was not getting any help from the Abuse Department at Comcast, in desperation I turned to Ellen at SpamCop who was willing to help. I outlined the problem and she asked me to send her a few of the returned emails which purportedly came from me.Following is her reply which I have paraphrased:
”The original spam was injected from a web site in France - and we see spam from that IP in the database. It is a compromised proxad end-user machine and is listed in the SpamCop blocklist as well as the CBL (Composite Blocking List).
That IP sent spam to a bunch of non-existent addresses (notice this is probably a world wide dictionary attack as the addresses all conveniently start with the letter "H"). They used a forged return-path to your servers address and that is why you are receiving the bounces. There is *no* indication that you originated the mail unless you were somehow magically transformed into a proxad customer, or in the case of the second bounce into a kornet customer.
This is not something new; it has been going on for years although the last couple of years it is a whole lot more prevalent. Your ISP (Comcast) should understand this.”
Now these two (one that originated in France and the second from Korea) were just a small sample of the tens of thousands returned emails I had received.
Then, Comcast shut me down again. I finally got to talk with someone in their Abuse Department who was willing to listen, and just didn't make threats and tell me to clean up my computer, as all the others had. When I outlined what Ellen from SpamCop had said, he agreed and said I shouldn't have any problems in the future. Little did that guy know when he reported me to SpamCop, it was the biggest favor he could have done me. If I hadn't met Ellen on-line, I would probably still be going through this Comcast nightmare.
Now my question is basically this – how come all the “professionals” who work in the Abuse Department of Comcast, couldn't figure out what Ellen from SpamCop did in a heartbeat? Makes you sort of wonder.
My plaudits go to Ellen, and I now look at SpamCop with a totally different perspective. Due to her efforts, my Freddie will hopefully go away. And Oh, I guess you can figure out who I won't go to for help.-----
Did you know that subscribers to Bob Osgoodby's Free Ezine the
"Tip of the Day" get a Free Ad for their Business at his Web
Site? Great Business and Computer Tips – Monday. Wednesday. and
Friday. Instructions on how to place an ad are in the Newsletter.
Subscribe at: http://adv-marketing.com/business/subscribe2.htm
We
Have Zero Tolerance for Spam