On Tuesday, August 17, 2004, 10:31:08 PM, William Stearns wrote:
On Wed, 18 Aug 2004, Joe Wein wrote:
The following 2 URIs (and possibly a third) are FP's:
i-say-MUNGED.com Surveynetworks-MUNGED.com
And possibly Itracks-MUNGED.com
i-say-MUNGED is the IPSOS survey site, and seems legit, and surveynetworks-MUNGED Is a collection of them.
On March 7, 2004 I received spam from hardcore spammer DQ Media (email address OnlineSweepstakes@MUNGEDdq09.net) which advertised MUNGEDsurveynetworks.com as the only company mentioned in the spam other than DQ Media itself:
<td class="style4"><div align="center"><font size="-2" face="Verdana,Arial, Helvetica, sans-serif">To remove yourself from future Survey Network's mailings please click <a href="http://www.MUNGEDsurveynetworks.com/s.cfm?poo=1&ref=8602">here</a> </font></div></td>
That's how they got listed by me.
Me too.
First, I don't dispute that you received these spams. But, the question is: does this domain have any legitimate use? If so then we probably should not list them since we want to avoid false positives.
I've taken venteinc off the whitelist, but am leaving surveynetworks on it because:
1. clueless mailers are not the same degree of badness as the hard core criminal spammer.
2. They probably are not stealing zombied services and should therefore be easily blocked by conventional sender RBLs. Since their name server is already in SBL, uridnsbl and other name server resolving URL scanners would block them based on that.
3. They are probably not doing the same volume of mail as the hard core spammers.
4. They are probably subject to ISP AUPs since they're hosted in North America.
etc.
However if it can be proven that they ONLY EVER do spam, i.e. never do any legitimate mail, then I'm willing to let them be blocked.
Larry, Can you forward some headers for the surveynetworks message? I'd like to see if their sending servers are already listed in RBLs.
Jeff C.