Abusable formail.pl script, that allows sending anonymous e-mails! cobalt11.infomaniak.ch, [212.23.248.32]: Access denied! === My 1st complaint === Message-Id: <200201072229.g07MTRp16017@mail.dolphinwave.org> Content-Type: text/plain; charset="iso-8859-1" From: Admin Reply-To: abuse-2002@dolphinwave.org Organization: Private person To: Abuse reports , nanas-sub@cybernothing.org, uce@ftc.gov, abuse@aol.com, dirk.schweizer@colt.ch, hostmaster@infomaniak.ch, asnadmin@interland.com, abuse@interland.net, postmaster@interland.com, abuse-noverbose@uu.net Subject: [email] Long-time spammer! [Fwd: DONT IGNORE ME ijw] Date: Tue, 8 Jan 2002 00:29:26 +0200 X-Mailer: KMail [version 1.3.2] X-Complaints-To: abuse@dolphinwave.org (live person) X-PGP-key-fingerprint: 5B8E 3B28 7199 8CD3 4133 FA87 000B 0FB6 AAE2 A579 X-PGP-key: 0xAAE2A579 X-No-Confirm: Yes MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Procmail: Yes X-Loop: dev.null@dolphinwave.org Status: R X-Status: N Spammer (abused formail.pl): cobalt11.infomaniak.ch [212.23.248.32] INFOMANIAK IP block [212.23.248.0 - 212.23.249.255]. Mail from: bcyhiz@aol.com Spamvertised web page: http://rd.yahoo.com/dir/?http://64.224.96.247/kizash/mysite.html Redirect to: http://64.224.96.247/kizash/mysite.html 64.224.96.247 = newsiteszd.com = sw33t-puzzzzy.net Which redirects back to Yahoo, but has a sign:
Apache/1.3.12 Server at www.sw33t-puzzzzy.net Port 80
sw33t-puzzzzy.net is not registered at this moment. newsiteszd.com [64.224.96.247] ============== Registrant: larry hall (NEWSITESZD3-DOM) 7838 hwy 56 s clinton, SC 29325 US Domain Name: NEWSITESZD.COM Administrative Contact: larry hall (EFLAVYLTTO) domreg@interland.com larry hall 7838 hwy 56 s clinton, SC 29325 usa 404.586.9999 Technical Contact: master, host (HM7084) hostmaster@INTERLAND.NET Interland, Inc 34 Peachtree Street, NW Atlanta, GA 30303 404-586-9999 (FAX) 404-586-0001 Billing Contact: Interland Inc (N19161-OR) domreg@interland.com Interland Inc 303 Peachtree Center Ave, Suite 500 Atlanta, GA 30303 US 404-586-9999 fax: 404-720-3707 Record last updated on 18-Nov-2001. Record expires on 31-Jul-2002. Record created on 18-Nov-2001. Database last updated on 7-Jan-2002 02:35:00 EST. Domain servers in listed order: DNS1.INTERLAND.NET 64.224.20.132 DNS2.INTERLAND.NET 64.224.20.133 DNS3.INTERLAND.NET 64.224.20.134 Interland IP block [64.224.0.0 - 64.227.127.255]. Upstream: UUNET (interland1-gw.customer.alter.net). ---------- Forwarded Message ---------- Received: from cobalt11.infomaniak.ch (cobalt11.infomaniak.ch [212.23.248.32]) by MY-SECONDARY-MX (8.11.6/8.11.6) with ESMTP id g07LSqk17660 for ; Mon, 7 Jan 2002 22:28:53 +0100 (CET) (envelope-from sys_epsitec@cobalt5.infomaniak.ch) X-MDaemon-Deliver-To: Received: (from sys_epsitec@localhost) by cobalt11.infomaniak.ch (8.9.3/8.9.3) id WAA06373; Mon, 7 Jan 2002 22:16:03 +0100 Date: Mon, 7 Jan 2002 22:16:03 +0100 Message-Id: <200201072116.WAA06373@cobalt11.infomaniak.ch> To: rocker@tiger.pwgsc.gc.ca, usnot@usnot.no.invald.###, heel@online.medlux.##, carol145@excite.###, pimpf@pimpf.ovh.###, paul@city-fan.###, david.young@lutris.###, danorton@suemers.###, andyhunf@ms51.hinet.###, rut@linuxmail.###, nguoithantinh@yahoo.###, less@nil.nil, n_r8@hotmail.###, michael.ansley@intec-telecom-systems.###, mickybrain@freesurf.##, lordwo@wanadoo.##, chris@cjemicros.co.##, mgilbert@eclipse.co.##, kilgallen@encompasserve.###, arturs.aboltins@lattelekom.##, jan.habicht@web.##, kbam@iprimus.###.au, abuse-2001@dolphinwave.###, jail4judges@mindspring.###, ts@uwasa.##, phil-news-@ipal.###, venky.chakravarthy@pfizer.###, malmaison12@aol.###, foxar@ifrance.###, root@heel.medlux.msk.## From: bcyhiz@aol.com () Subject: DONT IGNORE ME ijw Status: R X-Status: N Voici le résultat du formulaire envoyé par (bcyhiz@aol.com) le Lundi, Janvier 7, 2002 at 22:16:03 --------------------------------------------------------------------------- : CLI :CK HERE --------------------------------------------------------------------------- ------------------------------------------------------- ======= PREVIOUS SPAMS WERE ======= Received: from maq1.codiub.com.br (IDENT:root@iplus-ura-065.xdsl-fixo.ctbcnetsuper.com.br [200.225.210.65]) by mail.dolphinwave.org (8.11.6/8.11.6) with ESMTP id g07KxHp14889 for ; Mon, 7 Jan 2002 22:59:18 +0200 Received: (from nobody@localhost) by maq1.codiub.com.br (8.9.3/8.8.7) id SAA14147; Mon, 7 Jan 2002 18:08:24 -0300 Date: Mon, 7 Jan 2002 18:08:24 -0300 Message-Id: <200201072108.SAA14147@maq1.codiub.com.br> X-Authentication-Warning: maq1.codiub.com.br: nobody set sender to webmaster@codiub.com.br using -f To: service@intervolved.###, abuse-2001@dolphinwave.###, tina8882002@yahoo.###, amy_eazy_fun@yahoo.co.##, you@yourplace.###, rosaparada@elsitio.###, simonsays48@flasahmail.###, eike.henke@nexgo.##, remmeoff@china.###, safari818@hot-stop--mail.###, webmaster@sydneybiz.###, support@sydneybiz.###, sales@sydneybiz.###, brent6342@arabia.###, steve.bush@gcmweb.###, newspost@intermedia.###, millys@mvps.###, cas@taz.###.au, cindyb@nowhere.###, stian@grytoyr.###, sdworman@comspec-intnl.###, w@baron.###, alex@fly.srk.fer.##, hardmeier@mvps.###, kevinchan@trasy.###, avdija@epn.##, dvanbalen@jam.rr.###, nra@netbsd.###, anon@anon.###, vbrandt@swing.## From: () 65.184.155.245@maq1.codiub.com.br Subject: Hey You ghi Abaixo está o resultado de um formulário de feedback enviado por (hotteen@hotmail.com) na Segunda-Feira, 7 de janeiro de 2002 às 18:08:12 --------------------------------------------------------------------------- : Hi My name is Misty, Im 18 and very horny Come and chat with me by http://www.totallyteens.com/guests/index.shtml?psycho143

(18 ) --------------------------------------------------------------------------- Received: from maq1.codiub.com.br (IDENT:root@iplus-ura-065.xdsl-fixo.ctbcnetsuper.com.br [200.225.210.65]) by mail.dolphinwave.org (8.11.6/8.11.6) with ESMTP id g07L4op14978 for ; Mon, 7 Jan 2002 23:04:52 +0200 Received: (from nobody@localhost) by maq1.codiub.com.br (8.9.3/8.8.7) id SAA14146; Mon, 7 Jan 2002 18:08:24 -0300 Date: Mon, 7 Jan 2002 18:08:24 -0300 Message-Id: <200201072108.SAA14146@maq1.codiub.com.br> X-Authentication-Warning: maq1.codiub.com.br: nobody set sender to webmaster@codiub.com.br using -f To: service@intervolved.###, abuse-2001@###, tina8882002@yahoo.###, amy_eazy_fun@yahoo.co.##, you@yourplace.###, rosaparada@elsitio.###, simonsays48@flasahmail.###, eike.henke@nexgo.##, remmeoff@china.###, safari818@hot-stop--mail.###, webmaster@sydneybiz.###, support@sydneybiz.###, sales@sydneybiz.###, brent6342@arabia.###, steve.bush@gcmweb.###, newspost@intermedia.###, millys@mvps.###, cas@taz.###.au, cindyb@nowhere.###, stian@grytoyr.###, sdworman@comspec-intnl.###, w@baron.###, alex@fly.srk.fer.##, hardmeier@mvps.###, kevinchan@trasy.###, avdija@epn.##, dvanbalen@jam.rr.###, nra@netbsd.###, anon@anon.###, vbrandt@swing.## From: () 65.184.155.245@maq1.codiub.com.br Subject: DONT IGNORE ME deq Abaixo está o resultado de um formulário de feedback enviado por (efumnk@aol.com) na Segunda-Feira, 7 de janeiro de 2002 às 18:08:12 --------------------------------------------------------------------------- : CLICK HERE --------------------------------------------------------------------------- === More spam. My 2nd complaint === Message-Id: <200201072234.g07MYjp16076@mail.dolphinwave.org> Content-Type: text/plain; charset="iso-8859-1" From: Admin Reply-To: abuse-2002@dolphinwave.org Organization: Private person To: Abuse reports , nanas-sub@cybernothing.org, uce@ftc.gov, dirk.schweizer@colt.ch, hostmaster@infomaniak.ch, abuse@above.net, abuse@national-net.com, abuse@hotmail.com Subject: [email] Long-time spammer! [Fwd: Hey You hiq] Date: Tue, 8 Jan 2002 00:34:45 +0200 X-Mailer: KMail [version 1.3.2] X-Complaints-To: abuse@dolphinwave.org (live person) X-PGP-key-fingerprint: 5B8E 3B28 7199 8CD3 4133 FA87 000B 0FB6 AAE2 A579 X-PGP-key: 0xAAE2A579 X-No-Confirm: Yes MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Procmail: Yes X-Loop: dev.null@dolphinwave.org Status: R X-Status: N Spammer (abused formail.pl): cobalt11.infomaniak.ch [212.23.248.32] INFOMANIAK IP block [212.23.248.0 - 212.23.249.255]. Mail from: hotteen@hotmail.com Spamvertised web page: http://www.totallyteens.com [208.185.230.222] Registrant: RJB Telcom Inc. 13771 Fountain Hills Blvd Suite 247 Fountain Hills, AZ 85268 US Domain Name: TOTALLYTEENS.COM Sponsoring Reseller; for Technical Support with respect to this domain contact: NatNames.com, support@natnames.com 770.471.9075 Administrative Contact: Wilson, Thomas webmaster@RJBTELCOM.COM 13771 Fountain Hills Blvd Suite 247 Fountain Hills, AZ 85268 US 602-816-8284 Technical Contact: Wilson, Thomas webmaster@RJBTELCOM.COM 13771 Fountain Hills Blvd Suite 247 Fountain Hills, AZ 85268 US 602-816-8284 Billing Contact: Wilson, Thomas webmaster@RJBTELCOM.COM 13771 Fountain Hills Blvd Suite 247 Fountain Hills, AZ 85268 US 602-816-8284 Record last updated on 13-Dec-2001. Record expires on 20-Nov-2002. Record Created on 21-Nov-1998. Domain servers in listed order: NS1.RJBTELCOM.COM 64.38.226.218 NS1.NATIONAL-NET.COM 66.115.130.4 NS2.NATIONAL-NET.COM 66.115.136.4 Abovenet Communications IP block [208.184.0.0 - 208.185.255.255]. Upstream: Abovenet (main1colo7-core4-oc12.sjc2.above.net). Nameserver: WebSolutions of Georgia Inc. ---------- Forwarded Message ---------- Received: from cobalt11.infomaniak.ch (cobalt11.infomaniak.ch [212.23.248.32]) by MY-SECONDARY-MX (8.11.6/8.11.6) with ESMTP id g07LWDk17839 for ; Mon, 7 Jan 2002 22:32:15 +0100 (CET) (envelope-from sys_epsitec@cobalt5.infomaniak.ch) X-MDaemon-Deliver-To: Received: (from sys_epsitec@localhost) by cobalt11.infomaniak.ch (8.9.3/8.9.3) id WAA06371; Mon, 7 Jan 2002 22:16:03 +0100 Date: Mon, 7 Jan 2002 22:16:03 +0100 Message-Id: <200201072116.WAA06371@cobalt11.infomaniak.ch> To: rocker@tiger.pwgsc.gc.##, usnot@usnot.no.invald.###, heel@online.medlux.##, carol145@excite.###, pimpf@pimpf.ovh.###, paul@city-fan.###, david.young@lutris.###, danorton@suemers.###, andyhunf@ms51.hinet.###, rut@linuxmail.###, nguoithantinh@yahoo.###, less@nil.nil, n_r8@hotmail.###, michael.ansley@intec-telecom-systems.###, mickybrain@freesurf.##, lordwo@wanadoo.##, chris@cjemicros.co.##, mgilbert@eclipse.co.##, kilgallen@encompasserve.###, arturs.aboltins@lattelekom.##, jan.habicht@web.##, kbam@iprimus.###.au, abuse-2001@dolphinwave.###, jail4judges@mindspring.###, ts@uwasa.##, phil-news-@ipal.###, venky.chakravarthy@pfizer.###, malmaison12@aol.###, foxar@ifrance.###, root@heel.medlux.msk.## From: hotteen@hotmail.com () Subject: Hey You hiq Status: R X-Status: N Voici le résultat du formulaire envoyé par (hotteen@hotmail.com) le Lundi, Janvier 7, 2002 at 22:16:03 --------------------------------------------------------------------------- : Hi My name is Misty, Im 18 and very horny Come and chat with me by : http://www.totallyteens.com/guests/index.shtml?psycho143

(18 ) --------------------------------------------------------------------------- ------------------------------------------------------- ======= PREVIOUS SPAMS WERE ======= Received: from maq1.codiub.com.br (IDENT:root@iplus-ura-065.xdsl-fixo.ctbcnetsuper.com.br [200.225.210.65]) by mail.dolphinwave.org (8.11.6/8.11.6) with ESMTP id g07KxHp14889 for ; Mon, 7 Jan 2002 22:59:18 +0200 Received: (from nobody@localhost) by maq1.codiub.com.br (8.9.3/8.8.7) id SAA14147; Mon, 7 Jan 2002 18:08:24 -0300 Date: Mon, 7 Jan 2002 18:08:24 -0300 Message-Id: <200201072108.SAA14147@maq1.codiub.com.br> X-Authentication-Warning: maq1.codiub.com.br: nobody set sender to webmaster@codiub.com.br using -f To: service@intervolved.###, abuse-2001@dolphinwave.###, tina8882002@yahoo.###, amy_eazy_fun@yahoo.co.##, you@yourplace.###, rosaparada@elsitio.###, simonsays48@flasahmail.###, eike.henke@nexgo.##, remmeoff@china.###, safari818@hot-stop--mail.###, webmaster@sydneybiz.###, support@sydneybiz.###, sales@sydneybiz.###, brent6342@arabia.###, steve.bush@gcmweb.###, newspost@intermedia.###, millys@mvps.###, cas@taz.###.au, cindyb@nowhere.###, stian@grytoyr.###, sdworman@comspec-intnl.###, w@baron.###, alex@fly.srk.fer.##, hardmeier@mvps.###, kevinchan@trasy.###, avdija@epn.##, dvanbalen@jam.rr.###, nra@netbsd.###, anon@anon.###, vbrandt@swing.## From: () 65.184.155.245@maq1.codiub.com.br Subject: Hey You ghi Abaixo está o resultado de um formulário de feedback enviado por (hotteen@hotmail.com) na Segunda-Feira, 7 de janeiro de 2002 às 18:08:12 --------------------------------------------------------------------------- : Hi My name is Misty, Im 18 and very horny Come and chat with me by http://www.totallyteens.com/guests/index.shtml?psycho143

(18 ) --------------------------------------------------------------------------- Received: from maq1.codiub.com.br (IDENT:root@iplus-ura-065.xdsl-fixo.ctbcnetsuper.com.br [200.225.210.65]) by mail.dolphinwave.org (8.11.6/8.11.6) with ESMTP id g07L4op14978 for ; Mon, 7 Jan 2002 23:04:52 +0200 Received: (from nobody@localhost) by maq1.codiub.com.br (8.9.3/8.8.7) id SAA14146; Mon, 7 Jan 2002 18:08:24 -0300 Date: Mon, 7 Jan 2002 18:08:24 -0300 Message-Id: <200201072108.SAA14146@maq1.codiub.com.br> X-Authentication-Warning: maq1.codiub.com.br: nobody set sender to webmaster@codiub.com.br using -f To: service@intervolved.###, abuse-2001@###, tina8882002@yahoo.###, amy_eazy_fun@yahoo.co.##, you@yourplace.###, rosaparada@elsitio.###, simonsays48@flasahmail.###, eike.henke@nexgo.##, remmeoff@china.###, safari818@hot-stop--mail.###, webmaster@sydneybiz.###, support@sydneybiz.###, sales@sydneybiz.###, brent6342@arabia.###, steve.bush@gcmweb.###, newspost@intermedia.###, millys@mvps.###, cas@taz.###.au, cindyb@nowhere.###, stian@grytoyr.###, sdworman@comspec-intnl.###, w@baron.###, alex@fly.srk.fer.##, hardmeier@mvps.###, kevinchan@trasy.###, avdija@epn.##, dvanbalen@jam.rr.###, nra@netbsd.###, anon@anon.###, vbrandt@swing.## From: () 65.184.155.245@maq1.codiub.com.br Subject: DONT IGNORE ME deq Abaixo está o resultado de um formulário de feedback enviado por (efumnk@aol.com) na Segunda-Feira, 7 de janeiro de 2002 às 18:08:12 --------------------------------------------------------------------------- : CLICK HERE --------------------------------------------------------------------------- Received: from cobalt11.infomaniak.ch (cobalt11.infomaniak.ch [212.23.248.32]) by MY-SECONDARY-MX (8.11.6/8.11.6) with ESMTP id g07LSqk17660 for ; Mon, 7 Jan 2002 22:28:53 +0100 (CET) (envelope-from sys_epsitec@cobalt5.infomaniak.ch) X-MDaemon-Deliver-To: Received: (from sys_epsitec@localhost) by cobalt11.infomaniak.ch (8.9.3/8.9.3) id WAA06373; Mon, 7 Jan 2002 22:16:03 +0100 Date: Mon, 7 Jan 2002 22:16:03 +0100 Message-Id: <200201072116.WAA06373@cobalt11.infomaniak.ch> To: rocker@tiger.pwgsc.gc.ca, usnot@usnot.no.invald.###, heel@online.medlux.##, carol145@excite.###, pimpf@pimpf.ovh.###, paul@city-fan.###, david.young@lutris.###, danorton@suemers.###, andyhunf@ms51.hinet.###, rut@linuxmail.###, nguoithantinh@yahoo.###, less@nil.nil, n_r8@hotmail.###, michael.ansley@intec-telecom-systems.###, mickybrain@freesurf.##, lordwo@wanadoo.##, chris@cjemicros.co.##, mgilbert@eclipse.co.##, kilgallen@encompasserve.###, arturs.aboltins@lattelekom.##, jan.habicht@web.##, kbam@iprimus.###.au, abuse-2001@dolphinwave.###, jail4judges@mindspring.###, ts@uwasa.##, phil-news-@ipal.###, venky.chakravarthy@pfizer.###, malmaison12@aol.###, foxar@ifrance.###, root@heel.medlux.msk.## From: bcyhiz@aol.com () Subject: DONT IGNORE ME ijw Status: R X-Status: N Voici le résultat du formulaire envoyé par (bcyhiz@aol.com) le Lundi, Janvier 7, 2002 at 22:16:03 --------------------------------------------------------------------------- : CLI :CK HERE ---------------------------------------------------------------------------