Re: [Declude.JunkMail] Is DRCI Inc. a spamhouse?

[Darin Cox]

Thanks, Matt.  I had followed the links to see the link to Pexicom and the large IP blocks.  Hadn't checked Senderbase yet, though.   Also, thanks for the insight into SBL.   I guess a flip side of the question might be...are there any legit, truly opt-in, commercial bulkmailers out there?  You might say, almost by definition, that there aren't...the only legit mass senders being companies maintaining their own customer lists for newsletters, etc.  Anyone have any other opinions/experiences? Darin.     ----- Original Message ----- From: Matt To: [EMAIL PROTECTED] Sent: Wednesday, February 04, 2004 12:20 PM Subject: Re: [Declude.JunkMail] Is DRCI Inc. a spamhouse? Darin, This company is actually a front for Pexicom which is currently one of the highest volume spammers around.  If you reverse DNS query this address and the others around it, you will find the standard Pexicom results where it returns two name servers and then 6 sequentially numbered mail servers.  Then there's the fact that SenderBase shows this stuff to belong to Pexicom:     http://www.senderbase.org/search?searchString=64.124.100.148 This stuff if worthy of deletion, in fact, it's not even close.  While there is often good reason to think twice about what SORBS might list, don't think twice about what SBL lists, and if you feel compelled to do so, at least look at their evidence file.     http://www.spamhaus.org/sbl/sbl.lasso?query=SBL13718 Pexicom is definitely ROKSO-bound.  They have address blocks all over the place and have been tracked by SenderBase sending volumes of spam that exceed 1 million messages a day from a single IP address. Matt Darin Cox wrote: Anyone know anything about DRCI Inc. (www.drci.us)?   I have a hosting customer who signed up with them (without my knowledge) to send out a mailing to a supposedly opt-in list.  The test emails looked pretty suspicious with the two-domain pattern (tin*eil*.com and getgre*atstuff*.com ... asterisks added in case of filter triggers) we've seen recently, and the sending address (mail1.mrlchm.com [64.124.100.148]) is listed in SBL and SORBS-SPAM.   Also, the initial response I got from them when I mentioned they were in some of the major lists was "tell me which domains were listed...we can switch those".  They didn't understand it wasn't the domains in the HTML, but the sender IP, so I didn't bother explaining, but even more red flags went up.   Thoughts?   Darin.     -- ===================================================== MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ =====================================================