[SpamCop-List] Re: 123-reg.co.uk, hosteurope.com, webfusion.co.uk is Blackhat

Mon Aug 9 08:07:24 EDT 2004

"Sean W" <nobody at devnull.spamcop.net> wrote in message
news:cf6l4e$g23$1 at news.spamcop.net...
> Robert Slade wrote:
>
> > In other words, 123-reg.co.uk, hosteurope.com, webfusion.co.uk are not
> > blackhat, merely doing what they are supposed to do.
> >
> [Nearly missed this one]
>
> HostEurope/123reg.
>
> 202 sightings:
>
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&newwindow=1&safe=off&c2coff=1&q=hosteurope.com&btnG=Search&meta=group%3Dnews.admin.net-abuse.sightings
> http://tinyurl.com/49vn5
>
> I got spammed about Pipex taking over hosteurope, even though I had no
> relationship with either.
> I was a (do not email me) registered member of 123's website but not a
> 'customer' nor had I agreed to receiving email (and had my account
> preferences set accordingly).
> I kindly informed them that not only had they bought a known spamhaus
> but a tainted list and asked why they thought they had the right to spam
me.
> No response to most of the questions.
>
> A support person replied:
>
> "Thank you for your email, upon investigation it appears that you have
> an account with www.123-reg.co.uk which is a HostEurope company. I have
> removed your email address from the list, if you receive anymore please
> let us know. We do not use opt in mail lists and as a hosting company
> understand all to well the implications of UCE. I apologise for any
> inconvenience this may have caused."
>
> ^^^ Note 'we do not use opt in email lists' (in other words the UCE I
> received was spam and they didn't dispute).
> Says a lot in itself.
> Does anyone else view the above quoted paragraph the same way as I?
> Remember this spam was received 26/06/04 (well past the UK opt in spam
> laws/limp lettuce leaf start period).
> They removed my name from their list, but they do not use opt in emails
> lists....
>
> 123reg - sightings 473:
>
>
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&newwindow=1&safe=off&c2coff=1&q=123-reg.co.uk&btnG=Search&meta=group%3Dnews.admin.net-abuse.sightings
> http://tinyurl.com/5sxof
>
> I checked my account status, didn't have a checkbox for 'takeover spam',
> but did have 'no email' which was checked.
>
> Uh,  if it smells like spam and talks like spam....
>
> -- 
> Sean

Sean,

Looking at the samples in sightings etc, I see that they fall into 2
categories:

1. Where 123-reg did not originate the mail, did what they should do, ie
relay for the domain it is being sent to. It is part of their service, most
appear to fall into this group, and should not be listed. They have no
control over this, it is the same as blaming hotmail servers for originating
spam sent to a hotmail account., from a non hotmail source.

2. Where the site being spamvertised is hosted by hosteurope where the owner
of the domain is at fault. Clearly here hosteroupe or Webfusion should be
taking action as spamming is against their AUP. This maybe difficult as the
domain maybe a non UK one and the UK law may not apply and a non UK one may
allow UCE ie the CANSPAM act.

I got one of those change of ownership e-mails too, even though I had
checked the do not e-mail me box. However, it was not really spam as it told
me that hey were changing the domain registration details were being changed
to pipex.

In the original post, the poster was complaining that he was getting spam
from 123-reg, but they were supposed to be relaying mail for the domain he
was using, in other words he was blaming his own mail server because he had
not setup his mailhosts in SC.

Rob