This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] Reporting email abuse
- Previous message (by thread): [anti-abuse-wg] Reporting email abuse
- Next message (by thread): [anti-abuse-wg] Invalid abuse contact - reported to RIPE
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Michele Neylon :: Blacknight
michele at blacknight.ie
Mon Dec 14 13:26:27 CET 2009
Whose IP? Use whois properly please: whois IPADDRESS -h whois.ripe.net On 14 Dec 2009, at 11:02, Choice Hosting Support wrote: > Hello Support > > Our hosting servers seem to be receiving bank phishing spam mail from one of your IP addresses. Could you please look into this? > > We have included the headers of one of these mails below. > > > > If you have any questions, please feel free to contact us. > > Kind Regards > > Stephen Waters > www.ChoiceHosting.co.za > > Tel. 0878 058 729 > Email: support at choicehosting.co.za > > > Return-path: <internet at absa.co.za> > Envelope-to: support at choicehosting.co.za > Delivery-date: Mon, 14 Dec 2009 07:16:33 +0200 > Received: from mx.bsslaw.net ([194.154.196.196]) > by host.choiceserver1.com with esmtp (Exim 4.69) > (envelope-from <internet at absa.co.za>) > id 1NK3IK-0007rG-Fv > for support at choicehosting.co.za; Mon, 14 Dec 2009 07:16:29 +0200 > Received: from MAIL-SERVER.BSSLAW.local (Not Verified[192.168.10.1]) by mx.bsslaw.net with MailMarshal (v6,7,2,8378) > id <B4b25ca050000>; Mon, 14 Dec 2009 06:15:49 +0100 > Received: from User ([41.28.112.10]) by MAIL-SERVER.BSSLAW.local with Microsoft SMTPSVC(6.0.3790.3959); > Mon, 14 Dec 2009 06:15:48 +0100 > From: "ABSA ONLINE"<internet at absa.co.za> > Subject: {Spam?} {Disarmed} ACCOUNT NOTIFICATION > Date: Mon, 14 Dec 2009 05:16:12 -0000 > MIME-Version: 1.0 > Content-Type: text/html; > charset="Windows-1251" > Content-Transfer-Encoding: 7bit > X-Priority: 3 > X-MSMail-Priority: Normal > X-Mailer: Microsoft Outlook Express 6.00.2600.0000 > X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 > Bcc: > Message-ID: <NODE01PXCFbN4TZyabY000001c6 at MAIL-SERVER.BSSLAW.local> > X-OriginalArrivalTime: 14 Dec 2009 05:15:48.0833 (UTC) FILETIME=[7F60F510:01CA7C7C] > X-Choicehosting-MailScanner-Information: Please contact the ISP for more information > X-Choicehosting-MailScanner-ID: 1NK3IK-0007rG-Fv > X-Choicehosting-MailScanner: Found to be clean > X-Choicehosting-MailScanner-SpamCheck: spam, SpamAssassin (not cached, > score=11.434, required 5, FORGED_MUA_OUTLOOK 4.20, > FORGED_OUTLOOK_HTML 0.00, FORGED_OUTLOOK_TAGS 0.00, > HTML_IMAGE_ONLY_28 1.52, HTML_MESSAGE 0.00, MIME_HTML_ONLY 1.67, > MISSING_HEADERS 1.58, SPF_SOFTFAIL 0.65, SUBJ_ALL_CAPS 1.81) > X-Choicehosting-MailScanner-SpamScore: sssssssssss > X-Choicehosting-MailScanner-From: internet at absa.co.za > > > -----Original Message----- > From: ABSA ONLINE [mailto:internet at absa.co.za] > Sent: 14 December 2009 07:16 > Subject: {Spam?} {Disarmed} ACCOUNT NOTIFICATION > > Absa Bank Group<http://www.absa.co.za/absacoza/images/homepage/logo_btm.gif> function checkForm() { var valid = false; if (document.form01.sq.value == '') { alert("Please type the word(s) you wish to search for."); } else { valid = true; } return valid; } > > INTRODUCING: Absa New Secure Server > > We have been warning customers to upgrade to our new server. Fraudsters have devised a new method of defrauding customers. With this new fraud scheme they use the traditional method of identity theft (phishing), Hacking into customers online banking, to avoid phishing and identity theft we advice you login to our secure server > > > Go straight to your Absa for procedures to follow: > > Click Here to continue <http://marionlodge.sproductions.co.za/catalog/pub/get_ready/absa.htm> > Absa Bank will not be responsible for loss of funds to hackers as a result of failure to comply with this important new directives. We are committed to serving you better. Bank and stay safe online.Security Management > Absa Bank Group > > Please do not reply to this e-mail. Mail sent to this address cannot be answered. > For assistance, log in to your absa Online account and choose the "Help" link on any page. > > absa bank Email ID # 1009 > > Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ http://mneylon.tel Intl. +353 (0) 59 9183072 US: 213-233-1612 UK: 0844 484 9361 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
- Previous message (by thread): [anti-abuse-wg] Reporting email abuse
- Next message (by thread): [anti-abuse-wg] Invalid abuse contact - reported to RIPE
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]