Archive

Archive for July, 2006

ABC Shop Spam!

July 19th, 2006 Bugman 2 comments

Boycott ABC Shop!

Well, we’ll see.

I received a spam today which was sent to an address I’ve only ever used at the ABC Shop online. You see, my domain is set up to accept wildcarded addresses and suddenly today, I received email to the address I used when signing up to the ABC Shop website. Tsk tsk!

Here’s a copy of the email (actual address has been removed for integrity of this matter):

Received: from host213-123-133-98.in-addr.btopenworld.com
(host213-123-133-98.in-addr.btopenworld.com [213.123.133.98])
	by nautilus.bugman.cx (8.13.1/8.12.10) with SMTP id k6I9GRWU036668
	for ; Tue, 18 Jul 2006 18:46:29 +0930 (CST)
	(envelope-from nyraexgrv@adelaide.on.net)
Message-ID: <000901c6aa4a$cc3c8d20$62857bd5@DUL1SBUCCHIL1>
From: "Kit upgrade" 
To: removed
Subject: promote freedom study
Date:   Tue, 18 Jul 2006 10:16:05 -0100
MIME-Version: 1.0
Content-Type: multipart/related;
	type="multipart/alternative";
	boundary="----=_NextPart_000_0005_01C6AA53.2E00F520"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2873
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2873
Content-Length: 16434
Lines: 272

------=_NextPart_000_0005_01C6AA53.2E00F520
Content-Type: multipart/alternative;
	boundary="----=_NextPart_001_0006_01C6AA53.2E00F520"

------=_NextPart_001_0006_01C6AA53.2E00F520
Content-Type: text/plain;
	charset="windows-1250"
Content-Transfer-Encoding: quoted-printable

Groups
send broken links Franklin
bkgdLeft .bkgdBlue .headerAd .postBox
Date: // :: Author:
have lost
Other Items inquire
DMCA. package: aps fontutils idutils thales.
promote freedom study
aps fontutils
are
service includes
royalty medium provided copyright Updated:
edit
messages near realtime.
Email: Qty: fields home data
which free software:
UNIX like
Up Mirrors
petitions
once:NBX Software Help
other web sites. Or
Company: Phone:
news well items section see Whats New Take
Action GPLv: drafting GPLv.
data video internet quote
UNIX like
sites. Or several once:NBX
Mario Garza All
Search Sitemap
service includes one
hu ja ko nb
Public

------=_NextPart_001_0006_01C6AA53.2E00F520
Content-Type: text/html;
	charset="windows-1250"
Content-Transfer-Encoding: quoted-printable










Groups


send broken links Franklin


.bkgdLeft .bkgdBlue .headerAd .postBox


Date: // :: Author:


have lost


Other Items inquire


DMCA. package: aps fontutils idutils thales.


promote freedom study


aps fontutils


are


service includes


royalty medium provided copyright Updated:


edit


messages near realtime.


Email: Qty: fields home data


which free software:


UNIX like


Up Mirrors


petitions


once:NBX Software Help


other web sites. Or


Company: Phone:


news well items section see Whats New Take


Action GPLv: drafting GPLv.


data video internet quote


UNIX like


sites. Or several once:NBX


Mario Garza All


Search Sitemap


service includes one


hu ja ko nb


Public



------=_NextPart_001_0006_01C6AA53.2E00F520--

------=_NextPart_000_0005_01C6AA53.2E00F520
Content-Type: image/gif;
	name="US.gif"
Content-Transfer-Encoding: base64
Content-ID: <000401c6aa4a$cc3c8d20$62857bd5@DUL1SBUCCHIL1>

[removed]

------=_NextPart_000_0005_01C6AA53.2E00F520--

I accompanied this with a letter:

Sender:
Adam Smith
——————-
NORWOOD, SA 5067
(xx) xxxx xxxx

Recipient:
ABC Retail
C/o ABC Enterprises
GPO Box 9994
Sydney NSW 2001
Australia

July 19th, 2006

To Whom It May Concern:

I recently received a spam email to an address that I have only ever exposed to the ABC Shop online.

I own my own domain name, bugman.cx, which hosts my own mail server. I have configured with “wildcard” email addresses accepted, i.e. anyone can email any username @bugman.cx and it will arrive in my inbox. This is very convenient as I am able to sign up to different websites using a unique email address every time.

When signing up for my account on the ABC Shop website I used the email address removed@bugman.cx, an address that has never existed on the Internet before and has never been used anywhere else other than for the ABC Shop signup process.. It has never been made publicly available.

Today I received a spam email to removed@bugman.cx which I have enclosed with this letter (full headers included). As far as I deduce see the only reasonable explanation is that a spammer somehow managed to obtain an email address that has only ever been disclosed to your business.

Is it possible that your data integrity has been compromised?

While I accept that it is possible for a spammer to guess the address removed@bugman.cx any reasonable person would presume this unlikely.

I work in the Internet Services industry and deem myself to have a knowledgeable understanding of spam. I team lead a group in which one of the tasks is to maintain our company’s spam abuse queue.

I deem this matter of high importance and look forward to your reply.

Regards,

Adam Smith

So now it’s completely up to them! I’ll include any responses as they happen.

Categories: Tech Tags: