Category Archives: the mallet

seriously…

i put a notice on hybrid elephant’s contact form, a few months ago:

PLEASE NOTE: This contact form is solely for the use of Hybrid Elephant customers who need to get in contact with us. Every message that is sent with this form includes a unique IP address in the header, which identifies the computer from which the message was sent. If you use this form to spam us, all you will accomplish is to put your IP address on the list of IP addresses which are PERMANENTLY BANNED from accessing Hybrid Elephant for any reason. Please DO NOT USE THIS FORM to send us advertisements or solicitations. It WILL NOT WORK! You have been warned!

this morning i received spam from the contact form, which said “my apologies for reaching out cold like this, just trying to see who I can help.”

if you’re really interested in helping, there’s a snail-mail address, AND a phone number posted on the same page as the contact form — which contains the warning mentioned previously. there’s absolutely no reason why you could not have called me on the phone, or written me a snail-mail message, instead of using our contact form SPECIFICALLY for something that i have warned you NOT to use it for.

not only that, but the header indicates that you’re one of those suckers who bought into the spam that has been going around recently, which says that you can send your spam through contact forms, because they’re already approved. i know this because your return address is to a server in scottsdale, arizona, but the message was sent through 105.235.192.0/21, which is located in nigeria. not only that, but the domain name you registered is hosted by microsoft, and registered at godaddy, both of which are known, notorious spam havens, despite what they may say in their advertisements… so your domain name also goes into my spam filter.

congratulations, spammer: you have successfully participated in BLOCKING yourself, your domain, and a /21 range (2,048 individual IP addresses) in nigeria. you will never again be able to access any of my domains, for any reason, any email that you send to me will go unread, and there is absolutely NO WAY i will ever use your “instagram marketing” service… primarily because i do not now, and never have had an instagram account, and i do not intend to open one in the future.

which you could have found out just as easily over the telephone, and you wouldn’t have blocked yourself. spam doesn’t work. give it up.

🤬

spam update

as of 190729, the following IP addresses, and top-level domains are BLOCKED from my web sites, for egregious spamming behaviour:

5.104.108.0/24 – germany
5.188.210.0/24 – russia
5.226.136.0/21 – UK
23.19.0.0/19 – russia
23.82.128.0/22 – VIRGINIA, USA
31.13.191.0/24 – sweden
37.120.135.0/24 – italy
37.120.159.0/24 – UK
45.12.176.0/22 – india
45.81.0.0/22 – UK
51.15.0.0/18 – france/belgium
51.38.157.0/26 – poland
51.89.30.128/26 – denmark
77.81.105.0/24 – romania
77.81.106.0/24 – romania
80.211.253.0/24 – aruba/italy
85.25.236.0/22 – germany
85.204.49.0/24 – romania
85.204.50.0/24 – romania
85.206.165.8/29 – lithuania/canada
85.254.72.0/24 – latvia
86.109.170.0/24 – spain
88.201.208.0/20 – russia
88.247.0.0/18 – turkey
88.247.64.0/20 – turkey
89.36.224.0/25 – romania
89.44.138.0/23 – romania
89.238.128.0/18 – UK
92.101.192.0/22 – russia
93.125.99.0/24 – belarus/canada
95.37.128.0/17 – russia
95.216.0.0/15 – finland
103.39.132.0/22 – india
103.62.92.0/22 – india
103.76.22.0/23 – indonesia
103.113.3.0/24 – indonesia
103.138.238.0/24 – india
104.245.144.0/22 – canada
105.174.0.0/15 – angola
109.93.128.0/17 – serbia
109.158.0.0/16 – UK
109.175.96.0/19 – bosnia and herzegovina
109.245.80.0/21 – serbia
118.107.180.0/24 – hong kong
133.0.0.0/8 – japan (this represents 16,777,216 individual IP addresses, the largest block allocated by the IANA 🤬)
134.90.149.176/29 – norway
139.99.0.0/17 – singapore
142.59.228.0/22 – canada
150.95.104.0/21 – vietnam
151.106.10.154/31 – china/france
151.106.12.240/28 – romania
157.157.87.0/24 – iceland
168.196.0.0/22 – argentina
176.9.0.0/16 – bulgaria
177.36.246.0/24 brazil
178.17.160.0/21 – moldova
178.17.168.0/21 – moldova
178.162.208.0/21 – germany
178.162.220.0/22 – germany
178.175.128.0/18 – moldova
181.214.60.0/22 – brazil
181.215.96.0/19 – brazil (london, columbia, chicago)
182.50.128.0/19 – singapore
182.52.0.0/15 – japan/thailand
182.56.0.0/14 – india
183.80.144.0/20 – vietnam
183.89.0.0/16 – thailand
185.9.147.0/24 – russia
185.93.3.0/24 – UK
185.94.189.128/27 – romania
185.103.110.0/24 – finland
185.125.32.0/22 – turkey
185.128.27.0/24 – italy
185.156.173.0/24 – france
185.206.224.0/24 – denmark
185.220.101.0/25 – germany
185.222.58.0/24 – bangladesh
185.230.127.0/24 – germany
185.234.0.0/22 – ireland/UK
188.209.52.0/24 – macau
193.56.28.0/24 – UK
193.201.224.0/22 – ukraine
195.181.166.0/24 – UK
199.249.230.0/24 – TEXAS, USA
200.40.96.0/24 – uruguay
201.138.46.0/24 – mexico
203.113.160.0/19 – vietnam

.bid – auctions
.br – brazil
.casa – “house”
.cf – central african republic
.club – groups, organizations, assemblies, communities, general
.cn – china
.date – online dating
.direct – general
.do – dominican republic
.download – technology
.es – spain
.faith – religion and churches
.fun
.gq – equatorial guinea
.hk – hong kong
.host – network companies
.icu – entrepreneurs and business owners
.life
.live
.loan – banks and lenders
.md – moldova
.moda – “fashion”
.mp – northern mariana islands (and anyone using mailchi.mp)
.ms – montserrat
.ooo
.online
.party – nightclubs and social gatherings
.pro – professions/professionals
.racing – racing
.review – public reviews
.ru – russia
.site
.space – as a creative space
.store – stores
.stream
.top
.trade – businesses
.webcam – web cam shows and video sharing
.website
.win – games, micro$oft windoesn’t
.world
.xyz
.za – south africa

if you recognise your IP address, or if you are one of the unfortunates whose web sites have one of the preceding TLDs, i’m sorry, but it had to be done… maybe if you contacted your ISP and complained, they might do something about it. 😒

HAHAHAHAHAHAHAHAHA!!! 🤪🤣

last year i switched away from my then-new host provider after a very short period of time because it turned out that they were a spam-haven.

before i switched, it got so bad that i set up a monitor at MXToolbox to check whether or not my IP address had been listed at any blacklists.

the host provider was incensed at this, and swore up and down that they had robust anti-spam policies that were enforced with an iron fist, but i switched away from them shortly afterwards, anyway.

today i got a notice from the monitor. apparently 69.162.87.36 is running an open relay and has a poor reputation

so much for “robust anti-spam policies enforced with an iron fist”. 🤣🤣🤣🤣🤣

anti-spam

the following is a list of the TLD names that i have blocked from sending email to any email address at Hybrid Elephant:

.bid
.br – Brazil
.cf – Central African Republic
.club
.cn – China
.date
.direct
.do – Dominican Republic
.download
.es – Spain
.faith
.fun
.gq – Equatorial Guinea
.hk – Hong Kong
.host
.icu
.live
.loan
.ooo
.online
.party
.pro
.racing
.review
.ru – Russia
.space
.store
.stream
.top
.trade
.webcam
.win
.world
.xyz
.za – South Africa

if you are from any of these TLDs, you might as well give up on the idea of sending email to me.

related post

interesting

the past few weeks (maybe as much as a couple months) i have been getting anywhere from 4 to 24 “porn spam scam” emails per day — you know the ones, where the guy claims to be a “hacker” who has “taken over” your computer, is emailing you “from your own email address”, doesn’t speak english too well, and demands some random amount in bitcoin to prevent him from revealing your “pornographic indiscretions” to “everyone on your contact list” (😒) — and i have been reporting EVERY! SINGLE! ONE! to their upstream provider, and to the bitcoin abuse web site… but for the past couple of days, i have noticed that the constant stream has dropped off considerably: two days ago, i received two messages, yesterday i only received one, and, so far, today, i haven’t received any.

i also noticed that, a few days ago, i started seeing specific SpamAssassin rules that are targeted towards the porn-spam-scam racket (bitcoin address recognition and “from:” address spoofing are the two big ones), but considering the massive influx of porn-spam-scam messages over the past couple of months, i would have expected a much more gradual drop-off.