I've got ticket numbers at both UUNet and Sprinklink on my complaints
with them, if anyone would like to reference them in their own
complaints, please email me offlist. Also, if you want to see the
originals, I've got 6 of them (that I also forwarded to compliance)
and I'm sure my email to customers asking for their copies will most
likely be added to that. I'll send the originals to whoever wants to
see them, off list.
Wednesday, Wednesday, September 05, 2001, 10:44:21 PM, William X Walsh wrote:
> I've got what looks like a compliance case, but it's somewhat complex,
> and I'm sure other OpenSRS RSPs are getting these also, so I am CC'ing
> this to discuss.
> A company whose website claims to be an opt-in marketing company is
> sending out advertisements with links to .biz and .info
> preregistration sites. They claim to be opt-in, but their website
> includes only bogus contact information, something no real opt-in
> company would do, and nothing but the single web page with no other
> information, again, something no other opt-in marketing company would
> do. The domain they are using for this is
> domainmarketingmailers.com, which is registered with OpenSRS.
> The email makes it look like they are sending you details about the
> "best" places to do biz/info preregistrations, and include URLs which
> forward to one of the following domains (they even say stuff like,
> this one is the best, this is the second best, etc):
> dotbizlottery.com
> preregisteryourdomains.com
> takemyname.com
> greatdomainrace.com
> See the whois on those domains plus the domainmarketingmailers.com
> domain name for similarities.
> Traceroutes for domainmarketngmailers.com go through sprintlink to a
> netblock registered to: (Also the originating IP in the spam is linked
> to this netblock)
> INTERNET SATELLITE DIRECT (NETBLK-FON-110168422482378)
> 1683 W. GRANT RD. #101
> TUCSON, AZ 85745
> US
> Traceroutes for dotbizlottery.com go through uunet to a net block
> registered to:
> Internet Satellite Direct (NETBLK-UU-65-197-248)
> 1683 west grant rd
> Tucson, AZ 85745
> US
> Traceroutes for secure.preregisteryourdomains.com,
> secure.takemyname.com, and www.greatdomainrace.com are the same as
> dotbizlottery.com's.
> All of these sites get a link that is made to look like an affiliate
> link that a popular affiliate program service uses, with AID and PID
> in the URL, much like commission junction uses, and use the affiliate
> program excuse to claim that they didn't send out the spams. However,
> looking at the netblock registrations, and whois on the domains, you
> can clearly see they are doing the spam on sprintlink, and telling
> them these are just "normal" complaints that any opt-in marketer gets
> when they send out email ads, and that they have no link to the sites
> linked to, so why would they spam them, and then telling UUNet that
> they didn't send out the spams, it must be an affiliate, we will
> terminate them, blah blah blah.
> While they do have a CJ affiliate program, the links in the spams are
> NOT going through the CJ system, but are made to appear "like" the CJ
> links do.
> All the addresses I've received this at were culled from whois
> listings. I've got a handful of them, and I have customers who I am
> asking to send me any they have received or will receive.
> I intent to pursue this with Sprintlink's security and abuse team
> tomorrow, and possibly with UUNet though they tend to be less
> responsive.
> I don't know if they are submitting their registrations via OpenSRS or
> not, but the fact that all of their domains are registered with
> OpenSRS suggests that they may be.
> Compliance, I will be sending a second email with 6 different emails
> that were sent by this company as attachments.
