Archive for category Internet Service Providers

UK Servers – World Class[less] Hosting Services

I needed to report a problem with a web site on IP address 94.229.73.157, so I did a WHOIS lookup and got the following:

person:         David Howes
address:        UK Dedicated Servers Ltd
address:        61 Somers Road Industrial Estate
address:        Rugby
address:        Warwickshire
address:        CV22 7DG
mnt-by:         UKSERVERS-MNT
abuse-mailbox:  abuse@ukservers.com
phone:          +44 (0)870 067 2522
nic-hdl:        DH1778-RIPE
source:         RIPE # Filtered
remarks:        For Abuse Please Email: abuse@ukservers.com

It shows an abuse email address of ‘abuse@ukservers.com’, so I sent my email to that address describing the problem. This is what I got back:

Hello,

Thanks for submitting your abuse complaint, we take all abuse on our network very seriously.

In order that your complaint can be processed as quickly as possible and reaches the end user on our network please re-submit your complaint using the form below:

http://control.ukservers.com/abuse.php

Regards
UK Dedicated Servers Limited

Why do I even try?!?!

HostGator passes the buck!

I guess when HostGator has an issue they don’t feel like dealing with, they send you to “The Void of the Internet”?

"The Void of the Internet"

YouTube (a.k.a. Google) makes reporting abuse (nearly) impossible!

I am SO TIRED of large companies like Google who don’t want to provide support for their own products and would rather you check with the “community” support board for your answers!  I attempted to send an email to YouTube’s abuse email address (abuse@youtube.com) to report a video that I believe was violating their terms of service, and I got back the following reply:

This is an automated response to let you know that your message has been
caught by our spam filter and won't be read. It appears that you have
reached us at an incorrect address. The best way to get a hold of us is by
visiting the Help Resources page at
http://www.google.com/support/youtube/bin/static.py?page=start.cs&hl=en_US
or checking out our Contact Us page: http://youtube.com/t/contact_us

Please don't reply to this message -- we won't get your response.

By looking through our Help Center, you should be able to find a solution
to, or report your problem. You'll also be able to gather the information
we need to best assist you.

Anyone with half a brain knows that putting a spam filter on an abuse mailbox is a stupid idea.  Of course what I’m sending you may look like spam BECAUSE THAT IS WHAT I’M TRYING TO REPORT TO YOU!!!  Google seems to do everything in their power to not have to read emails from their customers!

Don’t you just HATE ISPs that use automated mail screeners??

I’ve been trying to report a phishing site to the ISP that owns the IP address of the hosting server:

http://97-88-142-32.dhcp.fdul.wi.charter.com:83/www.irs.gov/portal/0,,id=96596,00.html

Clearly, the server is on a Charter Communications IP address, yet when I send the link to the suggested email address (abuse@charter.net), I constantly get the following response:

This email address is for reporting incidents of abuse coming from IP addresses registered to Charter Communications.  Abuse from IP addresses not registered to Charter Communications should be directed to the registered owners of the IP address in question. 

The following link should be of assistance in locating the organization responsible for the IP address: 

    http://www.arin.net/whois 

Thank you, 

Charter High-Speed Internet Security Team

This has been happening (and the phishing site is STILL UP) for almost 2 days now.  They are obviously employing a mail scanner to parse the complaint.  I don’t know if they’re simply looking for email headers in the body of my email and rejecting all other complaints?!  I tried using their “Chat Now” support service and chatted with someone for a while.  They said to email the Abuse Department.  I told them I had done that several times, only to get the same rejection response each time.  Then they said they couldn’t help me, so I should call the toll free support number.  I had to wonder what they were there for if they can’t help the customers who contact them??  What a joke!!

AOL won’t shut down SPAMMER accounts

AOL refuses to shut down user accounts that have been shown to send out spam time and time again.  Here’s a spam I recently received:

Return-Path: <smurphygurl19@aol.com>
Received: from omr-m33.mx.aol.com (omr-m33.mx.aol.com [64.12.143.145])
by smtp.domain1.com (8.14.4/8.14.4) with ESMTP id p2R4T2hi001413
for <user@domain2.com>; Sun, 27 Mar 2011 04:29:03 GMT
Received: from oms-mb03.r1000.mx.aol.com (oms-mb03.r1000.mx.aol.com [64.12.102.139])
by omr-m33.mx.aol.com (8.14.1/8.14.1) with ESMTP id p2R4CE0A031002;
Sun, 27 Mar 2011 00:12:31 -0400
Received: from mtaomg-da01.r1000.mx.aol.com (mtaomg-da01.r1000.mx.aol.com [172.29.51.137])
by oms-mb03.r1000.mx.aol.com (AOL Outbound OMS Interface) with ESMTP id 325211C000083;
Sun, 27 Mar 2011 00:12:31 -0400 (EDT)
Received: from core-dac001b.r1000.mail.aol.com (core-dac001.r1000.mail.aol.com [172.29.14.141])
by mtaomg-da01.r1000.mx.aol.com (OMAG/Core Interface) with ESMTP id EA529E000085;
Sun, 27 Mar 2011 00:12:30 -0400 (EDT)
To: xxx@xxx.com
Subject: Hello
X-MB-Message-Source: WebUI
X-AOL-IP: 182.52.68.102
X-MB-Message-Type: User
MIME-Version: 1.0
From: smurphygurl19@aol.com
Content-Type: text/plain; charset="us-ascii"
X-Mailer: AOL Webmail 33456-STANDARD
Received: from 182.52.68.102 by webmail-m087.sysops.aol.com (64.12.224.201) with HTTP (WebMailUI); Sun, 27 Mar 2011 00:12:30 -0400
Message-Id: <8CDBA4C5359314F-4C0-1365F@webmail-m087.sysops.aol.com>
X-Originating-IP: [182.52.68.102]
Date: Sun, 27 Mar 2011 00:12:30 -0400 (EDT)
x-aol-global-disposition: S
X-SPAM-FLAG:YES
X-AOL-SCOLL-SCORE: 0:2:170288576:93952408
X-AOL-SCOLL-URL_COUNT: 0
X-AOL-REROUTE: YES
x-aol-sid: 3039ac1d33894d8eb92e7742
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by smtp.domain1.com id p2R4T2hi001413

http://cronos.mireene.com/23i42.html

The account for ‘smurphygurl19’ has been used repeatedly to send spam (almost 30 to a single account since last October from my count), yet AOL will not take action against the account and shut it down.  I noticed this in the header:

X-SPAM-FLAG:YES

Does that mean that AOL knows that the email is a spam and yet they’re still delivering it?!?  It would appear that way to me.

Intrust Domains (a.k.a Domain Match Makers) tries to sell domains it doesn’t own!

I received a SPAM from Intrust Domains (apparently an ICANN Accredited Domain Registrar) today.  It’s bad enough that they are using the WHOIS database for commercial purposes (a use which is explicitly prohibited by ICANN), they were trying to sell me a domain they don’t even own!  Here’s the email:

Intrust Domains spam

The first thing you should notice is the use of a “throw away” domain (MASRECARGA.COM in this case) throughout the email – a CLASSIC SPAM TECHNIQUE.  By using “throw-away” domains like this, they hope that anti-spam tools won’t label the email as spam since these domains are usually fairly new.  Plus, it protects their primary domains (dnipremiumnames.com and intrustdomains.com) from complaints to their ISPs since the primary domains are not actually listed in the SPAM emails.

Secondly, the domain they are offering me happens to be in the “deletePending” state as reported by whois.internet.net.  At this point, only moniker.com has any control over the domain if anyone!  I don’t see any business link between Moniker and Intrust Domains.

Even the email headers show evidence of SPAM techniques, proving they know that their marketing practices are illegal:

Return-Path: <arthur@MASRECARGA.COM>
Received: from worldtaxpages.org (def.wtsuk.net [208.87.24.149])
by xxxxx.xxx (8.14.4/8.14.4) with ESMTP id oBLD2Fg7014437
for <domainadmin@xxxxx.xxx>; Tue, 21 Dec 2010 13:02:15 GMT
Received: from art.names.org (art.names.org [192.168.1.22])
by def.wtsuk.net (8.14.3/8.14.3) with ESMTP id 338
for <domainadmin@xxxxx.xxx>;
Tue, 21 Dec 2010 07:46:59 -0500 (EST)
Date: Tue, 21 Dec 2010 04:46:59 -0800 (PST)
From: Arthur Simmons <arthur@MASRECARGA.COM>
To: "domainadmin@xxxxx.xxx" <domainadmin@xxxxx.xxx>
Message-ID: <20101221.1292935619499.67347241@def.wtsuk.net>
Subject: XXXXXXXXXXX.COM
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_35689_32767277.1292935619497"
User-Agent: Thunderbird 2.0.0.23 (X11/20090825)

  1. They didn’t send the email from their own server/network (the ones associated with intrustdomains.com or dnipremiumnames.com, which are both apparently hosted in Panama?!?), again to avoid the complaints to their ISPs.
  2. The domain ‘wtsuk.net’ is owned by Intrust Domains.  Interesting to note that the several hosts I could find on that domain are on IP addresses all over the world (another good sign of a spammer).
  3. The HELO name doesn’t match the reverse lookup of the host delivering the email.  Typical spammer oversight.
  4. The second Received line seems to implicate another domain owner from Portugal (whether it’s forged or not).
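
The header checks in the list above can be automated. The following is an added example, not part of the original post: it parses the Received lines quoted above (sendmail-style format assumed) and flags a HELO name that differs from the reverse lookup, a non-routable relay address, a broken relay chain, and a From domain unrelated to the delivering host. The function names and finding labels are illustrative.

```python
import email
import ipaddress
import re
from email.utils import parseaddr

# Headers quoted in the post (recipient redacted there); the folding
# whitespace on continuation lines is restored so the parser sees two hops.
SAMPLE_HEADERS = """\
Return-Path: <arthur@MASRECARGA.COM>
Received: from worldtaxpages.org (def.wtsuk.net [208.87.24.149])
    by xxxxx.xxx (8.14.4/8.14.4) with ESMTP id oBLD2Fg7014437
    for <domainadmin@xxxxx.xxx>; Tue, 21 Dec 2010 13:02:15 GMT
Received: from art.names.org (art.names.org [192.168.1.22])
    by def.wtsuk.net (8.14.3/8.14.3) with ESMTP id 338
    for <domainadmin@xxxxx.xxx>;
    Tue, 21 Dec 2010 07:46:59 -0500 (EST)
From: Arthur Simmons <arthur@MASRECARGA.COM>
Subject: XXXXXXXXXXX.COM
"""

# sendmail-style hop: from <HELO> (<reverse DNS> [<ip>]) by <receiving host>
HOP_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?:(?P<rdns>[^\s\[]+)\s+)?"
    r"\[(?P<ip>[^\]]+)\][^)]*\)\s+by\s+(?P<by>\S+)",
    re.IGNORECASE,
)


def base_domain(host):
    """Naive registrable domain: the last two labels (wrong for e.g. co.uk)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def parse_hops(raw_headers):
    """Return (message, hops); hops[0] is the newest Received line."""
    msg = email.message_from_string(raw_headers)
    hops = []
    for value in msg.get_all("Received", []):
        match = HOP_RE.search(" ".join(value.split()))  # unfold the header
        if match:
            hops.append({k: (v or "").lower() for k, v in match.groupdict().items()})
    return msg, hops


def analyse(raw_headers):
    """Return (hop_index, finding) pairs for the checks listed in the post."""
    msg, hops = parse_hops(raw_headers)
    findings = []
    for i, hop in enumerate(hops):
        # HELO is whatever the client claimed; the reverse DNS name was
        # looked up by the receiving server, so a difference is worth noting.
        if hop["rdns"] != hop["helo"]:
            findings.append((i, "helo-rdns-mismatch"))
        try:
            routable = ipaddress.ip_address(re.sub(r"^ipv6:", "", hop["ip"])).is_global
        except ValueError:
            routable = False
        if not routable:
            # Private or reserved address: cannot be verified from outside.
            findings.append((i, "non-routable-ip"))
        # The host that wrote the older line should be the one that then
        # connected to the next server; otherwise the older line is suspect.
        if i + 1 < len(hops) and hops[i + 1]["by"] not in (hop["helo"], hop["rdns"]):
            findings.append((i + 1, "chain-break"))
    sender = base_domain(parseaddr(msg.get("From", ""))[1].rpartition("@")[2])
    if hops and sender and base_domain(hops[0]["rdns"] or hops[0]["helo"]) != sender:
        # Weak signal alone: legitimate senders also relay via third parties.
        findings.append((0, "from-domain-not-delivering-host"))
    return findings


if __name__ == "__main__":
    for index, finding in analyse(SAMPLE_HEADERS):
        print(f"hop {index}: {finding}")
```

Only the newest Received line was written by the recipient's own server; every older line was supplied by the sending side and should be treated as a claim rather than a record.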

I also found it odd that if you do a WHOIS on ‘dnipremiumnames.com’, their WHOIS server (since they are the registrar for their own domains) seems to intentionally block the request, yet all other requests for domains registered through them work fine.

When you click on the link in the email, you’re redirected to their main site:

Intrust Domains

You’d think they had self-confidence issues with all the “Trust Guard” badges they had to buy to attempt to make their web site look legitimate!?

Trust?!?  I don’t think so!!  Spammers??  DEFINITELY!!!

I am SO TIRED of these ISPs who are too scared of their own shadows to do their job!

What is up with the %&@#ing Internet Service Providers who are too damn afraid of the contents of an email that they refuse to accept attachments!?!  They’re so afraid of their own shadows that they can’t do their job!

A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

  support@wiredhub.net
    This message has been rejected because it has
    a potentially executable attachment "ForwardedMessage.eml"
    This form of attachment has been used by
    recent viruses or other malware.
    If you meant to send this file then please
    package it up as a zip file and resend it.

“Oh my god – there’s an email attached to this email – that email might contain something bad, so I better not open it!”

It’s bad enough this ISP can’t set up a few ‘abuse’ mailboxes without getting it wrong.  Now I’m supposed to take the original email, put it in a .ZIP file, then email them the .ZIP file instead!  You’d think that professional ISPs should be savvy enough to protect themselves from the contents of emails without placing extra burden on the people who are trying to help them?  What a bunch of BOZOS!

Verisign charges for WHOIS

I needed to look up the owner/registrar for a “.name” domain today.  I’ve never done that before.  It looks like Verisign manages the “.name” TLD, so I found their web page WHOIS for the “.name” TLD.  I entered the domain I needed to look up and got one of the more useless WHOIS responses I’ve ever seen.

Domain Name ID: 2960794DOMAIN-NAME
Domain Name: SERVER-LOGIN.NAME
Sponsoring Registrar ID: 20REGISTRAR-NAME
Sponsoring Registrar: Cronon AG Berlin, Niederlassung Regensburg
Domain Status: ok
Registrant ID: 2428378CONTACT-NAME
Admin ID: 2428378CONTACT-NAME
Tech ID: 2428378CONTACT-NAME
Billing ID: 2428378CONTACT-NAME
Name Server ID: 1344789HOST-NAME
Name Server: NS3.MG-PROVIDING.DE
Name Server ID: 1344790HOST-NAME
Name Server: NS4.MG-PROVIDING.DE
Created On: 2007-10-22T21:24:00Z
Expires On: 2010-10-22T21:24:00Z
Updated On: 2009-10-23T00:35:40Z

It proved that the domain was indeed registered, but provided no ownership or contact information.  Going back to the main WHOIS query page on https://whois.nic.name/ showed another option for a “detailed WHOIS query”.  The page says “For detailed Whois searches, which are subject to higher privacy protection than Summary and Standard, please initiate the query using the form below” and prompts for the domain name.  So I enter the domain name and get the following:

verisignchargesforwhois

Verisign is CHARGING for WHOIS!!  I couldn’t believe that Verisign would actually charge for one of the most basic services provided by domain registrars on the Internet.  Well, I do believe it since it is Verisign – why should I be surprised??

Aplus.net gets a D-Minus for Technical Support

I tried to look up the owner of a domain this morning so I could notify them that their server had been hacked.  The standard tool for this is command-line WHOIS.  The registrar for the domain turned out to be ‘names4ever.com’, but when the utility tried to contact ‘whois.names4ever.com’, the connection repeatedly failed (indicating the WHOIS server was apparently down).  Taking it to the next logical step, I went to the registrar’s web site to try their web-based WHOIS, which gave me an incomplete WHOIS output (it didn’t have the contact names and/or email addresses).  I then attempted to contact the company directly to let them know their WHOIS server was down so they could fix it.  It turns out that ‘names4ever.com’ is owned by ‘Aplus.net’.  Their web site has a “Live Chat” feature, so I fired it up.  The people manning this Live Chat are rather clueless and clearly unable to read a simple question.  I started the chat with a question “Who do I report that your WHOIS server is broken to?”  Here’s the entire dialog I had with them (some names changed to protect the innocent):

Chat initiated with Aplus Live Technical Support on November 23, 2009 @ 9:00AM

You are now chatting with Julia

Julia: Hello, thank you for contacting Technical Support. Please wait one moment while I retrieve your account information.

John Q User: Why do you start off by assuming I have an account?? I don’t have an account with you.

Julia: Please specify your domain name

John Q User: names4ever.com

Julia: John please elaborate your issue. The names4ever.com like a Abacus America are Aplus.net Registrar identities

John Q User: What do you mean “…like a Abacus…”??

John Q User: Who do I report that your WHOIS server isn’t working to??

Julia: Can you specify your account number or domain name that is hosted with us?

Julia: I am trying to determine the issue with Registrar for your domain

John Q User: I am trying to retrieve the WHOIS information for the domain ‘GenericDomain.com’.

Julia: One moment

<long delay>

John Q User: Yes???

Julia: The domain GenericDomain.com is set up with Registrar: ABACUS AMERICA. The full information is below.
Domain Name: GENERICDOMAIN.COM
Registrar: ABACUS AMERICA, INC. DBA NAMES4EVER
Whois Server: whois.names4ever.com
Referral URL: http://www.names4ever.com
Name Server: NS10.IXWEBHOSTING.COM
Name Server: NS9.IXWEBHOSTING.COM
Status: ok

Julia: Please elaborate your issue with domain GenericDomain.com

John Q User: I saw that. I need the owner’s email address.

John Q User: Plus, I need to report the problem with your WHOIS server – who do I report that to????

Julia: What is the issue with Whois server?

John Q User: It doesn’t work. When I issue the WHOIS command line utility, the connection with whois.names4ever.com fails.

John Q User: Don’t tell me to use the web site – that’s NOT the point.

Julia: Do you need transfer domain or set up new email address in Whois? Please elaborate

John Q User: Do you have anyone there who is NOT a moron???

John Q User: I need the email address of the domain owner!

Julia: Please hold on. I will return shortly

John Q User: ICANN regulations REQUIRE that the contact email address be maintained and made available by the domain’s registrar, which is ‘names4ever.com’.

<another long delay>

Terri H has joined the conversation.

Julia has left the conversation.

Terri H: hi

John Q User: Yes?

John Q User: Can you help me since Julia apparently couldn’t?

Terri H: sure, i’ll assist you. just a min while i check your domain

John Q User: IT’S NOT MY DOMAIN!!

Terri H: sorry

John Q User: Geez, you people are so single-minded!

Terri H: are you registered with aplus?

John Q User: Did you READ the previous dialog I had with Julia???

Terri H: yes i’m reading it now

<another long delay>

John Q User: The WHOIS server ‘whois.names4ever.com’ does not work. Who do I report that to so it can be fixed??? It’s not a hard question, is it??

Terri H: this account is with us, to update the whois, you can log into your control panel the url is: cp2.aplus.net

John Q User: Did I say ANYTHING ABOUT UPDATING THE WHOIS?!?!?!?

John Q User: No!

Terri H: enter your registration number which is AP3626928111

John Q User: You’re missing the point entirely!!

John Q User: Please read what I wrote!

John Q User: OK… I’ll type slowly…

John Q User: The WHOIS server ‘whois.names4ever.com’ does not work. Who do I report that to so it can be fixed??? It’s not a hard question, is it??

Terri H: then your password. if you don’t have the password, i can e-mail it to you i have your e-mail address as: bernd@maxnet.co.nz

John Q User: Are you on the same page as me yet, or are you continuing to ignore what I type??

Terri H: i’m letting you know how to fix it

John Q User: You don’t even understand what is broken!!

John Q User: I didn’t say anything about updating a domain, did I??

Terri H: you don’t go into the names4 ever, you can fix it through your control panel

John Q User: I’m not trying to FIX a domain!!!

Terri H: no your information you told me is incorrect right?

John Q User: Will you PLEASE LISTEN???

John Q User: Are you ready to listen?? Or should I ask for a supervisor??

Terri H: go ahead

Terri H: i’m listening

John Q User: The WHOIS server ‘whois.names4ever.com’ does not work. Who do I report that to so it can be fixed??? It’s not a hard question, is it??

John Q User: Do you understand the question?

<another long delay>

John Q User: Hello?????

John Q User: Do you understand the question?

Terri H: sure i can update that information for you what do you want me to change?

John Q User: If not, please tell me which part is confusing you?

John Q User: Where in my question does it say anything about changing something?

John Q User: The primary question is this: “Who do I report that to so it can be fixed???”

John Q User: The PREMISE of the question is this: “The WHOIS server ‘whois.names4ever.com’ does not work.”

John Q User: OK… I’d like this session to be escalated to a supervisor or manager since you clearly don’t have a clue what I’m asking about, PLEASE.

<another long delay>

John Q User: Hello? Are you getting me a supervisor?

Terri H: if names4ever does not work, (and its not at this time) you can access your information through your control panel.

John Q User: I DON’T HAVE A CONTROL PANEL!!! I AM NOT AN APLUS CUSTOMER!!!!

John Q User: Geez, can’t you understand that?!?!

John Q User: I am trying to report a service that your company is COMPELLED to make available based on ICANN regulations and agreements that is NOT WORKING AT THIS TIME!!!

Terri H: everyone that is registered through names4ever has an aplus account.

John Q User: I AM NOT REGISTERED THROUGH names4ever!

John Q User: I am NOT YOUR CUSTOMER!!!!

Terri H: then why are you trying to access the names4ever site?

John Q User: I am a 3rd party…

John Q User: To let you know your WHOIS server is down!

John Q User: Wouldn’t you want someone to tell you if your web site was down??

John Q User: Well, this is similar!!!

John Q User: I don’t have to be your customer to want to tell you your system is broken so you can fix it, do I?

John Q User: Got it yet?? Or am I still wasting my time???

<another long delay>

John Q User: You ARE supposed to be the TECHNICAL SUPPORT people, aren’t you? With that designation, I assumed you have some TECHNICAL qualifications??? Am I assuming too much???

Terri H: i’m with domain services.

John Q User: Good, then you should understand what the WHOIS service is and why people who are NOT your customers might want to access that information?

John Q User: You do understand that there are reasons a 3rd party might want to contact the owner of a domain, don’t you?

John Q User: If not, what do you think the WHOIS database is for??

<another long delay>

John Q User: Hello?

Terri H: what do you want me to do for you sir? there are many domain lookups,

John Q User: WHO DO I REPORT THE PROBLEM TO?

John Q User: The WHOIS server is broken.

John Q User: WHO DO I REPORT THAT TO??

John Q User: Give me an email address please.

Terri H: support@cs.aplus.net

John Q User: See, now was that so hard???

<another long delay>

John Q User: Never mind…

You be the judge… I’ve wasted enough time with these people!

Domain Registry of America still up to their old tricks!

Don’t you just hate it when you run across some person/company/government entity that thinks the rules just don’t apply to them?!?

Yesterday, I received a “Domain Name Expiration Notice” from the “Domain Renewal Group”.  It indicated that “As a courtesy to domain name holders, we are sending you this notification…” and asked me to renew one of my domains with them.  Thing is, THEY ARE NOT MY DOMAIN REGISTRAR!  They never were (and they never will be!).  Here is a copy of the entire (sanitized) letter.

This skillfully crafted letter is written to lure domain owners away from their current registrar to renew their domain registration(s) with “Domain Renewal Group”.  With comments like “You must renew your domain name to retain exclusive rights to it on the Web” and vague threats like “Failure to renew your domain name by the expiration date may result in the loss of your online identity making it difficult for your customers and friends to locate you on the Web”, it gives the recipient a false sense of urgency that prompts them to just send the letter-that-looks-like-a-bill to their Accounts Payable department.  While the statements are factual, they are just words intended to coerce the domain owner to act in haste.

For the record, Domain Renewal Group is part of the notorious “Domain Registry of America” (a.k.a. DROA).  Check out these search results to learn more about their antics over the years.  DROA has been using these deceptive letters for years, although they have been more careful to include a few lines stating that this is an offer to switch your domain registrar and this is not a bill.  And the back of the notice has so much fine print, it would give any lawyer a boner just seeing it!

Still, when an unsuspecting domain owner (person or small or large business) gets one of these notices, they don’t read every word – it looks like a bill, so they pay it.  This happened to my sister some years ago, and DROA was forced to transfer the domain registration back to our own registrar and refund her money!

I wonder why ICANN doesn’t seem to do anything about a domain registrar that has been using these deceptive practices for years?  I recognized the letter as a DROA scam the moment I saw it!

To top things off, DROA is using the WHOIS database as their own personal marketing list.  Here is (a sanitized copy of) my mailing address for the domain record:

Domain owner's address

Not only does DROA ignore the fact that my address includes the words “NO UNSOLICITED MAIL”, but ICANN has specific regulations that are supposed to prevent the use of WHOIS database records for marketing purposes!  It is so much more than obvious that DROA could not have gotten this domain’s ownership information anywhere else but the WHOIS database.

WHY DOES ICANN LET THEM GET AWAY WITH THIS CRAP?!?!?

P.S.  Did I mention how RIDICULOUS DROA’s PRICES ARE?!?  They want at least twice as much as any reputable domain registrar to simply register/renew domains.