Spamless inbox == Utopia??

kannanmr on February 16th, 2008

I get only spam in my JumbledThoughts inbox nowadays. My wife never misses to make fun of this; Though it is irritating (getting spam, not my wife’s jabs!), I have learnt to live with that, like all the other netizens. Daily my mail client downloads close to 50 mails, 40 out of which tell me why I should buy viagra or how to become the next richest man in the world (Have you ever wondered why the person who sent that didn’t become richer using his *own* technique??). After being spammed for 10 years now, I have kinda become an expert in weeding out the unwanted mails. But, amongst all the usual crap, the following mail caught my eye some days back.

Dear Sir/Madam,I am Mr. G. Bertino, STMicroelectronics Company. GENEVA
SWITZERLAND.Our company deals on the importation and
exportation.

Such as we mainly manufacture & export all kinds of micro and
electronics,who has it worldwide headquater s in GENEVA
SWITZERLAND.

My company is currently recruiting Representatives/Agents
that will assist us with some logistics jobs as well asreceiving
payments on our behalf and remitting back to us.Please contact
us for more information if you are interested in being an agent
of my company. You will be given more information about the job
and your remuneration.

I expect your favorable response.

Regards,
Mr. G. Bertino
STMicroelectronics Company
website: http://www.st.com/stonline/

Why?? Because, I used to work for ST Microelectronics (Noida) & this is the first spam mail I get with ST mentioned in it. So, I took a peek in to the headers (naturally!).

Received: from leopard.it.wsu.edu [134.121.1.32] by mx252n.mysite4now.com with SMTP;
Thu, 14 Feb 2008 13:25:22 -0800
Received: from www.mail.wsu.edu (joy.it.wsu.edu [134.121.1.113])
by leopard.it.wsu.edu (8.12.11.20060308/8.12.11) with SMTP id m1CK6ftB025744;
Tue, 12 Feb 2008 12:06:41 -0800
Received: from 41.204.226.111
(SquirrelMail authenticated user jrmcmahan)
by www.mail.wsu.edu with HTTP;
Tue, 12 Feb 2008 20:07:16 -0000 (GMT)
Message-ID: <11401.41.204.226.111.1202846836.squirrel@www.mail.wsu.edu>
Date: Tue, 12 Feb 2008 20:07:16 -0000 (GMT)
Subject:
From: “STMicroelectronics Company” <info@st.com>
Reply-To: stmec01@yahoo.es
User-Agent: SquirrelMail/1.4.0
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
X-Virus-Scanned: by amavisd-milter (http://amavis.org/)
X-Rcpt-To: <kannan.ramanathan@jumbledthoughts.com>
X-SmarterMail-Spam: SPF_None, Surriel.com

See the “From IP” (41.204.226.111)?? It is from Nigeria. Quick look up turned up this :

41.204.226.111 is from Nigeria(NG) in region Africa

query for 41.204.226.111

OrgName:    African Network Information Center

OrgID:      AFRINIC

Address:    03B3 - 3rd Floor - Ebene Cyber Tower

Address:    Cyber City

Address:    Ebene

Address:    Mauritius

City:       Ebene

StateProv:

PostalCode: 0001

Country:    MU
ReferralServer: whois://whois.afrinic.net

NetRange:   41.0.0.0 - 41.255.255.255CIDR:       41.0.0.0/8

NetName:    NET41

NetHandle:  NET-41-0-0-0-1

Parent:

NetType:    Allocated to AfriNIC

NameServer: NS1.AFRINIC.NET

NameServer: NS-SEC.RIPE.NET

NameServer: NS.LACNIC.NET

NameServer: TINNIE.ARIN.NET

Comment:

RegDate:    2005-04-12

Updated:    2005-07-12


OrgAbuseHandle: GENER11-ARIN

OrgAbuseName:   Generic POC

OrgAbusePhone:  +230 4666616

OrgAbuseEmail:  abusepoc@afrinic.net


OrgTechHandle: GENER11-ARIN

OrgTechName:   Generic POC

OrgTechPhone:  +230 4666616

OrgTechEmail:  abusepoc@afrinic.net


# ARIN WHOIS database, last updated 2008-02-15 19:10

# Enter ? for additional hints on searching ARIN’s WHOIS database.

Results returned from whois.afrinic.net:

% This is the AfriNIC Whois server.

% Note: this output has been filtered.

% Information related to ‘41.204.224.0 - 41.204.227.255′

inetnum:        41.204.224.0 - 41.204.227.255
netname:        DIRECTONPC-Wireless-ISP-NETBLK
descr:          Dynamic IP pools for Direct on PC Ltd
descr:          Fixed wireless broadband
descr:          wireless Internet services for Abuja and PH.
country:        NG
admin-c:        IP1-AFRINIC
tech-c:         IP1-AFRINIC
status:         ASSIGNED PA
mnt-by:         DOPCNG-MNT
mnt-lower:      DOPCNG-MNT
source:         AFRINIC # 
Filteredparent:         41.204.224.0 - 41.204.255.255
person:         IP Administrator
address:        Direct-on-PC Limited
address:        Plot B, Block 1
address:        Illupeju Industrial avenue
address:        Illupeju
address:        Lagos
address:        Nigeria
address:        NG
phone:          +234-1-2701700
fax-no:         +234-1-2713554
e-mail:         hostmaster@directonpc.com
org:            ORG-DOP1-AFRINIC
nic-hdl:        IP1-AFRINIC
mnt-by:         DOPCNG-MNT
source:         AFRINIC # Filtered

The user name jrmcmahan is quite common in spam mails (remember 419 scam?), and is a blacklisted one in many servers.

I guess, spamming (mass mailing) has become a big profession in Nigeria and other African countries. Though IT is well developed in India and Indians don’t just have to depend on spamming, I know of atleast one full time spammer in India who earns like 10x of what I make through my day job :) BTW, there is a spam fan site & a collection of more scam than you can read here.

Computers, Technology, dumb Add to del.icio.us  Digg This Subscribe to RSS feed

Random Posts:

2 Responses to “Spamless inbox == Utopia??”

  1. Well thats an interesting find… I never thought of tracing the ip information of the spam mails…

    I never thought its really from African countries !!! :P

  2. Yup, Nigera/other African countries have still a long way to go though, when compared to US and China.

    check this for some amazing statisitics - http://spam-filter-review.topt.....stics.html

Trackbacks/Pingbacks

Leave a Reply

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>