September 19th, 2004, 12:07 AM
About SPAM and URLS
I got an email that almost looked like it wasn't spam in my inbox, and I opened it. So like a lot of things they have a link you click if you don't want to receive email from them anymore which normally puts you on a few other mailing lists of people that probably pay them. So I take this link they give me which includes my email in a GET request, and I stuck their email in.
I replaced with
Let's say they actually gave a valid address to reply to, do you think that this would put them on the extra mailing lists that you would normally get put on for trying to unsubscribe, or do you think it does nothing?
September 19th, 2004, 01:18 AM
Usually the links to not receive anymore mail just lets them know they have a live address and makes the amount of spam sent to that address increase. Hopefully you have an email address on a server that will let you block particular addresses and particular domains. What you have done to include their email address in the link is humorous. Though their email address that they list publicly is probly not checked. you might try email@example.com that could be even more funny.
September 19th, 2004, 01:26 AM
lol, thanks. I just put in firstname.lastname@example.org. I guess I'll never know if that did anything though. Who knows what that other variable does though. I'll probably get a bunch more spam for even opening that email . oh well. Thanks for the reply.
September 20th, 2004, 04:06 AM
gkiregusn.turtlehurdle.com is 126.96.36.199
Record Type: IP Address
IP Location: United States United States - Florida - Sunrise - Global Resource Systems Corporation
Reverse IP: Web server hosts 2 websites (reverse ip tool requires free login)
Qwest Communications QWEST-BLKS-5 (NET-67-128-0-0-1)
188.8.131.52 - 184.108.40.206
Global Resource Systems Corporation Q0621-67-132-68-0 (NET-67-132-68-0-1)
220.127.116.11 - 18.104.22.168
# ARIN WHOIS database, last updated 2004-09-19 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
- no answer -
name type result
SOA source=dca-ans-01.inet.qwest.net.; responsible email@example.com.
unfortunatly qwest communications is lacking in their security dept.
September 20th, 2004, 04:21 AM
gkiregusn sounds randomly generated... If I were the spammer, I might create an account for every email sent...
So gkiregusn means that http://gkiregusn.turtlehurdle.com is specific to your email address, and NOW your IP address...
1. random email account (gkiregusn) on spamming server created
2. gkiregusn sends firstname.lastname@example.org some viagra spam
3. h3r3tic thinks he's 133t and crafts the unsubscribe link to another email
4. spammmer sees that gkiregusn subdomain has been responded to
5. spammers see that gkiregusn was created to spam h3r3tic
5. server checks off h3r3tic's email on their "spam more" list.
Of course that depends on how turtlehurder spams their list.