We received the notice below two days ago. It came from, and requires
response to, gacracker.org which is a remailer. It gives no information as
to who is actually behind it. A message sent to their autoresponder address
was never answered. Mail sent to the specified "inquiry" address produced
the second message (below) which contains some unrealistic demands.
Does anyone here have any idea who's behind this?
(The specific ID numbers they assigned to us have been munged.)
---------- Forwarded message ----------
Date: 11 Jul 2001 02:59:53 -0000
From: Nobody <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Notice of impending blkhole listing of 204.245.195.17/32
Unless mail is sent to:
[EMAIL PROTECTED]
and is received within 24 hours, the IP address and/or network
204.245.195.17/32 will be added to the DNS blackhole list of IPs that are
improperly operating mailing lists. You should receive a reply to
that message.
THIS LISTING MAY BE EXPANDED TO INCLUDE AN ENTIRE CLASS C NETWORK
WITHOUT FURTHER NOTICE, upon receipt of additional UCE/UBE from
within that net-block.
To get information describing what this is about, please respond to
the above address, and pointers to the available information will be
provided in the reply. If you're uncomfortable sending mail from
your own account, we'd suggest using one of the free services
(hotmail or yahoo) to send the reply instead.
An attempt has been made to send this message to the
<postmaster@RDNS> and <postmaster@[IP]> addresses. c.f. RFC 1173
RDNS is the domain name associated with the IP address/net.
Be sure to write down this code:
4b3ee483921800f9af
You will need it if you want to be conditionally removed from the
list. If you lose it, there is no way to recover it. The token is
unique and will allow manipulation of this issue only by somebody
that knows or has access to the token.
Regards,
[EMAIL PROTECTED]
--------------- End Forwarded Message ----------------
Response from our initial inquiry:
Congratulations. You've received a one-time extension of your listing date.
Status as of Wed Jul 11 16:17:21 2001: GMT
IP|Network: 204.245.195.17/32
State: To be listed
Time Stamp: Wed Jul 25 02:52:18 2001 GMT
This service maintains a list of IP addresses that are, in some way,
associated with mailing lists that are, in the opinion of the list
maintainer, not following the 'best practices' of operating mailing
lists.
You end up on this list by not confirming email addresses, either
now or in the past, before sending mail to those addresses. IPs are
added to this list by a semi-automated process. Please send mail to
[EMAIL PROTECTED] for more details.
Send mail to:
[EMAIL PROTECTED]
with a subject of:
Subject: Status <IP Address>
to obtain the status of an IP address.
E.g. to find out the status of IP #1.2.3.4, you use:
Subject: Status 1.2.3.4
Send mail to:
mlretest+<SubscriptionCode from Notice>@redneck.gacracker.org
to signify that all mailing lists associated with a given IP/Network
have been converted to use a closed-loop confirmed address
verification system, and that all addresses have been reconfirmed.
This will cause the IP/Network in question to be taken off of the
list, subject to DNS propagation. Any further messages sent to the
subscription test addresses after this point will cause a permanent
listing to be made. In other words, you only get one chance to get
it right, so test well before using this option.
Although this list is not affiliated with the Mail Abuse Prevention
System(MAPS), the list operator does agree with the principles
articulated at:
http://mail-abuse.org/manage.html
The focus of this list is that a closed-loop confirmation system
must be used to obtain the permission of the actual owner of an
email address before it can be added to *any* mailing list.
Candidate IPs and mailing lists are found when mailing lists are
started to addresses for which a closed-loop process was not used.
Candidate IPs are generally programmatically tested, and mailing
lists that fail to conform will have the IPs that are associated
with them added to this list. This includes addresses that are
obtained from 'partners' or by other means.
Mailing lists that are sent to non-existent addresses within a
domain are also subject to listing.
Mailing lists that have always followed this practice will not
appear on this list. Mailing lists that are using addresses that
were not obtained by this process are subject to listing.
To request a copy of the Frequently Asked Questions (FAQ), please
send mail to:
[EMAIL PROTECTED]
Regards,
[EMAIL PROTECTED]
