Are you looking for my non-technical blog?

This is now my technical-only blog, my non-technical blog is here.

05 January 2007

Farida, Walaa, Rabab, and Dalia Go to Hell

Seems that the Egyptian companies have decided to enter the spamming game. Everyday I receive mails from people with Arabic names - Farida, Walaa, Manal, etc. - with spam contents. They almost have the same content, it's about Seminars and Courses, and the Mail subject looks like this, "(Cairo) January 13 - 18 , 2007".

Those bastards decided not to write a single word in their Emails, just banners and images in order to deceive the Anti-Spam softwares.

Here you are my revenge. I'll write the mails of the companies they are doing advertisements to here, and let the other spammers kick their ass!

info@settecltd.com

If you get any of these nasty spam, please allow me to add their email addresses here too :)

By the way, Cisco has decided to acquire IronPort for $830M. IronPort is a leading provider of messaging security appliances, focusing on enterprise spam and spyware protection.

Update: Mahmoud Kassem has some useful info about SETTEC-Spam.

Tags: , ,

9 comments:

  1. Hehehe! That's mean :))))) !
    Speaking of spam and being mean, take a look at this

    ReplyDelete
  2. They are improving their ways but still they are very easy to catch.

    Just use a rule/filter to send emails which contain: Unsubscribe.asp?Email= to the junk folder and set them as junk.

    They are hosted by Raya Telecom. But Raya does not care.

    Check this post for more information:
    http://www.mahmoudkassem.com/myblog/egypt/spam/settec

    ReplyDelete
  3. I've been doing the same for over a year now; collecting spammers' email addresses in a text file and linking to it in my blog's footer. A list of exclusively Egyptian and Arab companies.

    I'm not really convinced this will make a big difference, but I do it for sweet revenge :)

    Actually, I haven't heard from some of the addresses in the list ever again >)

    Let's make a centralised Arab spammers list with a mechanism for reporting addresses and link to it widely. Just for the disgrace. Let's accompany the addresses with the names of the companies as well.

    ReplyDelete
  4. @DB, they started it, eye for an eye:)

    @JP, right!

    @Mahmoud, thanks a lot for the useful info

    @Aleph, nice idea, we can also contact legal bodies and ask them to ban/punish those nasty smappers

    ReplyDelete
  5. I have no idea how can we force Raya to take it off legally. But we can show to the community how bad Raya and SETTEC are.

    ReplyDelete
  6. @Mahmoud, By the way, with respect to your latest post, DNS's are not supposed to be restricted to their ISP clients only.

    ReplyDelete
  7. @Tarek
    What's your point of opening recursive lookups for the whole world?

    ISP DNS should be restrictive to do recursive lookups for their own customers only to save the load and prevent outside attacks. More information what is
    Recursive lookup

    See the load of doing recursive lookups?

    Restricted recursive lookups means:
    ns1.link.net should reply for records of link.net. when asked from outside its network because it is an authorized NS for link.net but not go and look for google.com. A records if it does not have the answer already and the request is from outside its network.

    try these commands to understand what I mean:

    nslookup google.com. ns1.yallaonline.com.
    nslookup mahmoudkassem.com. ns1.yallaonline.com.

    yallaonline NS will reply with google.com A records but when the ROOT NS when asked about mahmoudkassem.com

    Why? because it does not do recursive lookup. Google.com records are cached and that's why it replied. because someone asked for google.com from inside yallaonline recently but no one asked for mahmoudkassem.com from inside yallaonline recently :(((

    More details about link.net DNS:
    http://www.dnsreport.com/tools/dnsreport.ch?domain=link.net

    According to dnsreport.com, yalla.com and tedata.net are not open
    http://www.dnsreport.com/tools/dnsreport.ch?domain=tedata.net
    http://www.dnsreport.com/tools/dnsreport.ch?domain=yalla.com

    This means they are a little more safer and not doing a job they were not paid to do :D

    - if Yalla NS replied with my domain A records then someone authorized asked for it (I tried it from posting it here)

    I hope this helps.

    ReplyDelete