subject:"\[mailop\] Monumetric \- unabated spamming through Google \/ GTT"

Re: [mailop] Monumetric - unabated spamming through Google / GTT

2018-09-26 Thread Carl Byington

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Fri, 2018-09-21 at 10:24 -0700, Michael Peddemors wrote:
> Return-Path: 
> Return-Path: 
> Return-Path: 
> A lot of 'selling Databases of email address' spam..
> Obviously randomly constructed email addresses, all pushing the same
> thing

I have not seen that one, but the following DKIM signers have all sent
spam trying to sell email address lists:

accucompany-us.20150623.gappssmtp.com
aimdigitalpros-com.20150623.gappssmtp.com
btobpath-com.20150623.gappssmtp.com
clienthubmarketing-com.20150623.gappssmtp.com
diziprospects-com.20150623.gappssmtp.com
dynamicaims-com.20150623.gappssmtp.com
ecocontacts-com.20150623.gappssmtp.com
edataplus-com.20150623.gappssmtp.com
etecbizleads-com.20150623.gappssmtp.com
expodatallc-com.20150623.gappssmtp.com
expotechlist-com.20150623.gappssmtp.com
leadmarketershere-com.20150623.gappssmtp.com
primebiz4u-com.20150623.gappssmtp.com
procuredata-net.20150623.gappssmtp.com
prospectsmarketer-com.20150623.gappssmtp.com
reply2setup-com.20150623.gappssmtp.com
webmarketingvendors-com.20150623.gappssmtp.com


-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEAREKAAYFAlusJtQACgkQL6j7milTFsGdDgCfX2JLMHa9QXB8cUQ5Hri1XuhK
uYcAniWfmEzXiUfp6yPuQ6VIUi20Oj7T
=yjOv
-END PGP SIGNATURE-



___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] Monumetric - unabated spamming through Google / GTT

2018-09-21 Thread Michael Peddemors

And for the record, we are also seeing a strong increase in spamming 
from Google.. Not only through the API's but from other hosted efforts..

(Quick glance at reports and spam folders this week reveal)

Return-Path: 
(Via AWS, and sent through SMTP, very high volume)

Various obvious Nigerian spam through through obvious fake signups..
Return-Path: 
And possibly compromised accounts..
Return-Path: 

Return-Path: 
Bulk Mailing offshore outsourcing..

Return-Path: 
Obvious fake 'I want to invest' spam..

Return-Path: 
Return-Path: 
Return-Path: 
A lot of 'selling Databases of email address' spam..
Obviously randomly constructed email addresses, all pushing the same thing

Return-Path: 
The SEO and Adwords 'consultants', something about pushing Google 
services seems to trigger whitelisting...


Return-Path: 
Still lots of these  throwaway domain/groups..
(Another Google SEO expert )

But this one..
Return-Path: 

Fake Apple Membership expiring ... seeing that one, leads me to believe 
that outbound filtering and rate limiters have started to go down hill..


Not to slag gmail exactly, but at least to point out some review might 
be warranted...














On 18-09-21 09:38 AM, Anne P. Mitchell, Esq. wrote:
This spammer is spamming through the Gmail api, and GTT is the last 
identifiable hop to get to their google-hosted site. This is the 4th 
spam to this role account that we've received in the space of a week - 
we have now reported this spammer three times to Google, GTT and Sucuri 
(they are hosted by googledomains and 'protected' by Sucuri - Sucuri 
says they can't do anything because they are only a front-end 
protection), and monumetric continues spamming unabated.


So, please have fun, boys and girls.

P.S. between the time that I drafted this and am hitting send, we 
received a  *5th* spam from them.


P.P.S.  So apparently registering and hosting with google, and adding a 
service like sucuri, is the golden egg to bulletproof spamming these days.



*Spencer Myers mailto:spen...@monumetric.com>>*

Re: New Advertisers for www.theinternetpatrol.com/ 



To: There TBD >


X-Spam-Level: ⁨⁩

X-Cmae-Envelope: 
⁨MS4wfICF2c7pV3yacZ7790CdB0Yrtccdy02jI25E6EvKgVf714nqXW3N8DU7qjcI7AhGn4no3HqIw+FTmnIVGQoxnlyJRrrLILTlNF8qWbktFnz25+DsLosQ 
PRcomf5qF0h2w2Xu40CNrmfBKHlkq46uWz2ZF6WdJgZMJaPdhc5lm4cRVhxYjWCTr6dYrJZJE+52sMdovho6CBYvqS3aJctUigA=⁩


Arc-Seal: ⁨i=1; a=rsa-sha256; t=1537369945; cv=none; d=google.com 
; s=arc-20160816; 
b=q+V8L4kb2CQv1/PWwY8MbyRNxSXjsjktEo9n3t2wIyz+bueofzSoi6Nbww/saWVEuk 
/sNuXJTwYL5sb2yq1a8p/TdiRL3acfnmefNLxzTnRD1hhRFHB5gYg1QMKJbuL5u2sRcK 
0pRcTS8QRE0o355Zqn0x09AMJSrjV6naEJeN+lbH0u7OR9tBIFZf/2e/LC50lOKSHZK8 
amTsQ7KtFS/lZo+YFzopdSf+0lm18nlHI+aWrbcWGBIEZWFRTsS6NF1llIBk4blywH6w 
SoqrDhvBpmmmvX0BLv1Afpe8X9ENhYhJDiZWAXIJt2A9Me4AmaAQYVDL82dIRBv99Zjj 
EIlw==⁩


⁨>⁩


X-Received: ⁨by 2002:a63:d946:: with SMTP id 
e6-v6mr33028719pgj.24.1537369945108; Wed, 19 Sep 2018 08:12:25 -0700 
(PDT)⁩


X-Received: ⁨by 2002:aca:d4cd:: with SMTP id 
l196-v6mr1843848oig.15.1537369938395; Wed, 19 Sep 2018 08:12:18 -0700 
(PDT)⁩


X-Gm-Message-State: 
⁨APzg51CP/4Ackzujn5h7alRAm00DwokIz78aAYSN6clm2JcoGXVLqvxv 
QPe591gjHrNPrPd+1FUzk8L27KbwXMM1XWveYelecrQE⁩


Return-Path: 
⁨>⁩


Arc-Authentication-Results: ⁨i=1; mx.google.com 
; dkim=pass header.i=@monumetric.com 
 header.s=google header.b="GjPN9ZA/"; 
spf=fail (google.com : domain of 
srs0=yxhb=mb=monumetric.com=spen...@bounce.secureserver.net 
 
does not designate 69.12.213.130 as permitted sender) 
smtp.mailfrom="SRS0=yXhb=MB=monumetric.com=spen...@bounce.secureserver.net 
"⁩


X-Google-Smtp-Source: 
⁨ANB0VdahNQV0GFj6mGZtXu70l35CiBWONQEG5kyAmCNhQRlsb6R/Gb6eSy1RGu0VwxnD7k87sozG⁩


X-Virus-Scanned: ⁨Content scanner at isipp.com ⁩

Mime-Version: ⁨1.0⁩

Authentication-Results: ⁨mx.google.com ; 
dkim=pass header.i=@monumetric.com  
header.s=google header.b="GjPN9ZA/"; spf=fail (google.com 
: domain of 
srs0=yxhb=mb=monumetric.com=spen...@bounce.secureserver.net 
 
does not designate 69.12.213.130 as permitted sender) 
smtp.mailfrom="SRS0=yXhb=MB=monumetric.com=spen...@bounce.secureserver.net 
"⁩


X-Outreach-Sent: ⁨true⁩

Arc-Message-Signature: ⁨i=1; a=rsa-sha256; c=relaxed/relaxed; 
d=google.com ; s=arc-20160816; 
h=to:subject:message-id:date:mime-version:references:in-reply-

Re: [mailop] Monumetric - unabated spamming through Google / GTT

2018-09-21 Thread Ken O'Driscoll via mailop

On Fri, 2018-09-21 at 10:38 -0600, Anne P. Mitchell, Esq. wrote:
> This spammer is spamming through
[...]

Anne, I think perhaps you accidentally posted this to the wrong list? 

Ken.

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

[mailop] Monumetric - unabated spamming through Google / GTT

2018-09-21 Thread Anne P. Mitchell, Esq.

This spammer is spamming through the Gmail api, and GTT is the last 
identifiable hop to get to their google-hosted site. This is the 4th spam to 
this role account that we've received in the space of a week - we have now 
reported this spammer three times to Google, GTT and Sucuri (they are hosted by 
googledomains and 'protected' by Sucuri - Sucuri says they can't do anything 
because they are only a front-end protection), and monumetric continues 
spamming unabated.

So, please have fun, boys and girls.

P.S. between the time that I drafted this and am hitting send, we received a  
*5th* spam from them.

P.P.S.  So apparently registering and hosting with google, and adding a service 
like sucuri, is the golden egg to bulletproof spamming these days.

> Spencer Myers mailto:spen...@monumetric.com>> 
> Re: New Advertisers for www.theinternetpatrol.com/ 
> 
> To: There TBD  > 
> X-Spam-Level: ⁨⁩
> X-Cmae-Envelope: 
> ⁨MS4wfICF2c7pV3yacZ7790CdB0Yrtccdy02jI25E6EvKgVf714nqXW3N8DU7qjcI7AhGn4no3HqIw+FTmnIVGQoxnlyJRrrLILTlNF8qWbktFnz25+DsLosQ
>  
> PRcomf5qF0h2w2Xu40CNrmfBKHlkq46uWz2ZF6WdJgZMJaPdhc5lm4cRVhxYjWCTr6dYrJZJE+52sMdovho6CBYvqS3aJctUigA=⁩
> Arc-Seal: ⁨i=1; a=rsa-sha256; t=1537369945; cv=none; d=google.com 
> ; s=arc-20160816; 
> b=q+V8L4kb2CQv1/PWwY8MbyRNxSXjsjktEo9n3t2wIyz+bueofzSoi6Nbww/saWVEuk 
> /sNuXJTwYL5sb2yq1a8p/TdiRL3acfnmefNLxzTnRD1hhRFHB5gYg1QMKJbuL5u2sRcK 
> 0pRcTS8QRE0o355Zqn0x09AMJSrjV6naEJeN+lbH0u7OR9tBIFZf/2e/LC50lOKSHZK8 
> amTsQ7KtFS/lZo+YFzopdSf+0lm18nlHI+aWrbcWGBIEZWFRTsS6NF1llIBk4blywH6w 
> SoqrDhvBpmmmvX0BLv1Afpe8X9ENhYhJDiZWAXIJt2A9Me4AmaAQYVDL82dIRBv99Zjj EIlw==⁩
> ⁨ >⁩
> X-Received: ⁨by 2002:a63:d946:: with SMTP id 
> e6-v6mr33028719pgj.24.1537369945108; Wed, 19 Sep 2018 08:12:25 -0700 (PDT)⁩
> X-Received: ⁨by 2002:aca:d4cd:: with SMTP id 
> l196-v6mr1843848oig.15.1537369938395; Wed, 19 Sep 2018 08:12:18 -0700 (PDT)⁩
> X-Gm-Message-State: ⁨APzg51CP/4Ackzujn5h7alRAm00DwokIz78aAYSN6clm2JcoGXVLqvxv 
> QPe591gjHrNPrPd+1FUzk8L27KbwXMM1XWveYelecrQE⁩
> Return-Path: ⁨ >⁩
> Arc-Authentication-Results: ⁨i=1; mx.google.com ; 
> dkim=pass header.i=@monumetric.com  
> header.s=google header.b="GjPN9ZA/"; spf=fail (google.com 
> : domain of 
> srs0=yxhb=mb=monumetric.com=spen...@bounce.secureserver.net 
>  does not 
> designate 69.12.213.130 as permitted sender) 
> smtp.mailfrom="SRS0=yXhb=MB=monumetric.com=spen...@bounce.secureserver.net 
> "⁩
> X-Google-Smtp-Source: 
> ⁨ANB0VdahNQV0GFj6mGZtXu70l35CiBWONQEG5kyAmCNhQRlsb6R/Gb6eSy1RGu0VwxnD7k87sozG⁩
> X-Virus-Scanned: ⁨Content scanner at isipp.com ⁩
> Mime-Version: ⁨1.0⁩
> Authentication-Results: ⁨mx.google.com ; dkim=pass 
> header.i=@monumetric.com  header.s=google 
> header.b="GjPN9ZA/"; spf=fail (google.com : domain of 
> srs0=yxhb=mb=monumetric.com=spen...@bounce.secureserver.net 
>  does not 
> designate 69.12.213.130 as permitted sender) 
> smtp.mailfrom="SRS0=yXhb=MB=monumetric.com=spen...@bounce.secureserver.net 
> "⁩
> X-Outreach-Sent: ⁨true⁩
> Arc-Message-Signature: ⁨i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com 
> ; s=arc-20160816; 
> h=to:subject:message-id:date:mime-version:references:in-reply-to:from 
> :dkim-signature:delivered-to; 
> bh=94QniIOXIK7qmn0tHsrIEiy6UnZUcbGO6y+Q2WjmOn8=; 
> b=buUo3XdBUc+6TdlWfCe2larT+N/o3BtrLg5bpKFMrPwlU3Owp1cWjzuKdk4jd8YeRR 
> v3m9GOHBr4hxlaY8dSJMQgryPYCGHP4HIwGk6I0iXFL9LmroKfleTWNgxOYunvOakgtR 
> L31e1hoUv1M+ClU/sz+vpyhnu9jRcjtq7Mli8DwHy2DuBVw/gjLQYO7iYIDtnave1oiY 
> hSH4KGcqrYoLmIEXIJ+Z6gCK1I6fGtRoBVyitPvKD8jmFVIKLUvRREh93pOXE9ushhVs 
> cSrwOpBzQ8RlwqbrUX4nzkAXjEJHPB3EnIHS2qsXHKEflAvzKjuEJ72k95cnetIX0tjj smfw==⁩
> ⁨ >⁩
> Dkim-Signature: ⁨v=1; a=rsa-sha256; c=relaxed/relaxed; d=monumetric.com 
> ; s=google; 
> h=from:in-reply-to:references:mime-version:date:message-id:subject:to; 
> bh=94QniIOXIK7qmn0tHsrIEiy6UnZUcbGO6y+Q2WjmOn8=; 
> b=GjPN9ZA/QAT+OHjAdYjuaJgtSPWtmMf2SdbdMhuG+pBYWQqPLNspIwPRDL0t8c8ks1 
> r4mixeH92O5tpqbBfwzX1gyZtQWiP4MPsRbKKhmg/MzBmxdCGKfPoLJkjpILHiIU/zoF 
> Rd3C3Sfs7V6l9Xq9Lw3lRhBB0lhrU5bGffCNNcsii23+iX3UgHo08O/OrO+Gdkzm3lqn 
> 5QQ/mbr/Nq8eRqHaIuxkiZB1vAp9dUy9agSVQ99x3h4DhgAvtL6pQGVUrfMdTQis9b1T 
> +jBeV5x47GnQYMg3v23NA1E/qWJCylPHlyOUVFyvBJ3k1JSQVZVK831sSRYnMnYL0v+u lgTA==⁩
> X-Spam-Score: ⁨-1.

Re: [mailop] Monumetric - unabated spamming through Google / GTT

Re: [mailop] Monumetric - unabated spamming through Google / GTT

Re: [mailop] Monumetric - unabated spamming through Google / GTT

[mailop] Monumetric - unabated spamming through Google / GTT

4 matches

Site Navigation

Mail list logo

Footer information