nanog mailing list archives

Re: DoNotPay Spam?

From: Sabri Berisha <sabri () cluecentral net>
Date: Wed, 13 Jan 2021 16:28:11 -0800 (PST)

----- On Jan 13, 2021, at 2:22 PM, Bryan Fields Bryan () bryanfields net wrote:

Hi Bryan,

What you can do is when you notice these, email geeks@nanog with the full
email including headers immediately.  We can then cross check it against new
signups.  I wish there was a more scientific way to process it.


The first time I got it, I sent this to support () donotpay com:

I received this email in, what appears to be, reply to a post I made on NANOG.

Needless to say, I never signed up for this. I did not even know you existed.
Since you do add "support () donotpay com" in your email, I assume this is a
honest mistake, and you'll be happy that I'm contacting you and will be fixing
it immediately.

Obviously, further unsolicited emails will result in ... a different approach
taken.


A few days later, I got the same again, and contacted their hosting provider,
Mailgun (while CCing support () donotpay com), with the following:

I've received, multiple times, email such as below after posting to the North
American Network Operators Group (NANOG) email list. I've tried contacting
support () donotpay com (ticket #13202), but they seem oblivious to the issue
and asked me to unsubscribe.

Please educate your customer. Alternatively, I will contact Amazon, who seem
to advertise your IP space.

161.38.200.0/22    *[BGP/170] 00:51:18, localpref 150
                       AS path: 53356 60011 3356 16509 I, validation-state: unverified
                     > to 195.16.87.249 via ge-0/0/6.0

Headers are as follows:


[snip]

I did not even get a reply on that. So, as promised, the third time I was
spammed, I took the liberty of contacting AWS. They responded with:

This is a follow up regarding the abusive content or activity report that you
submitted to AWS. We have investigated this report, and have taken steps to
mitigate the reported abusive content or activity.


But of course, nothing changed.

This goes a lot further than someone accidentally subscribing. So, it seems
that there are few options other than to simply block mail from that /22. 

Thanks,

Sabri

Current thread:

Re: DoNotPay Spam?, (continued)
- Re: DoNotPay Spam? Michael Thomas (Jan 13)
- Re: DoNotPay Spam? Mike Hammett (Jan 13)
  - Re: DoNotPay Spam? Brielle (Jan 13)
  - Re: DoNotPay Spam? Mel Beckman (Jan 13)
    - Re: DoNotPay Spam? Mel Beckman (Jan 13)
    - Re: DoNotPay Spam? J. Hellenthal via NANOG (Jan 13)
    - Re: DoNotPay Spam? Mel Beckman (Jan 14)
    - Re: DoNotPay Spam? Robert Webb (Jan 14)
- AWS Hosts spammers Re: DoNotPay Spam? Sabri Berisha (Jan 13)
- Re: DoNotPay Spam? Bryan Fields (Jan 13)
  - Re: DoNotPay Spam? Sabri Berisha (Jan 13)
    - Re: DoNotPay Spam? Ben Cannon (Jan 13)
- Re: DoNotPay Spam? Rich Kulawiec (Jan 13)