CalPOP contact? HTTP CONNECT scanning]

• Previous message (by thread): Don't forget about physical security - Australia
• Next message (by thread): CalPOP contact? HTTP CONNECT scanning]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----

[This message apparently was sent off list, but I think it is in everybodies
interrest to know how the apparent owner/CEO/CTO whatever thinks about this,
and possibly enlightening everybody where we do have to send abuse complaints.]

lynn [mailto:lynn at calpop.com] wrote:

> CalPOP has a vigorus anti-spam policy and
> terminates any customers that are found to be spamming. 
> CalPOP has a ZERO TOLERANCE for spam and any abuse complaints should be sent to
> support at calpop.com where they will be handled very quickly.

216.240.140.204 - - [03/Sep/2003:06:27:15 +0200] "CONNECT 65.54.253.99:25 HTTP/1.0" 200 2366 "-" "-"
216.240.140.204 - - [03/Sep/2003:06:27:17 +0200] "CONNECT 65.54.167.5:25 HTTP/1.0" 200 2366 "-" "-"
216.240.140.204 - - [03/Sep/2003:06:27:19 +0200] "CONNECT 65.54.253.230:25 HTTP/1.0" 200 2366 "-" "-"
216.240.140.204 - - [03/Sep/2003:06:27:20 +0200] "CONNECT 65.54.167.230:25 HTTP/1.0" 200 2366 "-" "-"
216.240.140.204 - - [03/Sep/2003:06:27:22 +0200] "CONNECT 65.54.254.151:25 HTTP/1.0" 200 2366 "-" "-"

And see the beginning of the thread for more stuff and older dates.
See: http://www.merit.edu/mail.archives/nanog/msg13312.html
Let's lookup those IP's in whois:

8<------------------------------------------
jeroen at purgatory:~$ date
Sat Sep  6 12:23:47 CEST 2003
jeroen at purgatory:~$ whois 216.240.140.204 

OrgName:    WebVision/ATMLINK Inc.
OrgID:      ATML
Address:    3250 Wilshire Blvd.
Address:    Suite 1405
City:       Los Angeles
StateProv:  CA
PostalCode: 90010
Country:    US

NetRange:   216.240.128.0 - 216.240.159.255
CIDR:       216.240.128.0/19
NetName:    CALPOP-COMMUNICATIONS
NetHandle:  NET-216-240-128-0-1
Parent:     NET-216-0-0-0-0
NetType:    Direct Allocation
NameServer: NS1.CALPOP.COM
NameServer: NS2.CALPOP.COM
Comment:    CalPOP Communications
RegDate:    1999-09-22
Updated:    2003-01-11

TechHandle: BSB-ARIN
TechName:   Bacsa, Sam Samuel
TechPhone:  +1-714-330-9227
TechEmail:  sam at calpop.com

OrgAbuseHandle: CALPO-ARIN
OrgAbuseName:   CalPOP Abuse
OrgAbusePhone:  +1-213-351-1355
OrgAbuseEmail:  abuse at calpop.com

OrgNOCHandle: CNO4-ARIN
OrgNOCName:   CalPOP Network Operations
OrgNOCPhone:  +1-213-351-1355
OrgNOCEmail:  noc at calpop.com

OrgTechHandle: BSB-ARIN
OrgTechName:   Bacsa, Sam Samuel
OrgTechPhone:  +1-714-330-9227
OrgTechEmail:  sam at calpop.com

# ARIN WHOIS database, last updated 2003-09-05 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.
- --------------------------------->8

Let me see... support at calpop.com... I don't see no support at calpop.com
but I do see an abuse at calpop.com.. hmm so the "CEO" of this "company"
doesn't even know where abuse is sent to?
And they apparently don't handle abuse sent to the abuse address.

> The idea that CalPOP is "knowingly facilitating this 
> behaviour" is simply not true.

Then why don't you fix your customers and reply to abuse reports.
Even having a ticket tracking system with an auto reply containing
the wording that you are going to work at it and a pointer to
your AUP, which you apparently don't have:

http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off&q=AUP+site%3Acalpop.com
http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off&q=Use+Policy+site%3Acalpop.com

Turn up 0 records, oh and:

http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off&q=abuse+site%3Acalpop.com
http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off&q=spam+site%3Acalpop.com

Don't return anything either.

http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off&q=spam+calpop.com

On the other hand show a LOT of spamming complaints.

Thus dear "Lynn" go fix your network.

Apparently you do want to do it as you did want to reply to the
message, thus I sincerely hope you do so.

> For the record, Patrick Greenwell  never worked for CalPOP.com, Inc. -
> although he did work for AirlineReservations.Com, Inc. for a VERY 
> short time when AirlineReservations.Com, Inc. owned CalPOP and was
> under different management.

Thus you worked for him, perfect :)

> CalPOP has over 1,000 servers at it's Downtown Los Angeles 
> facility alone and is growing very fast and, of course, termination of 
> spammers is largely complaint driven- after all, there is such a thing as an 
> opt-in list - and there are various liability reasons and "common carrier" laws 
> which prevent CalPOP from prying into the servers of its customers to see 
> what they are doing .

Good advertisement, thus you have 1000 spamming boxes?

> CalPOP's Los Angeles data Center at Carrier Center 600 
> W. 7th - a facility in which Patrick Greenwell has never been in so 
> obviously allot has changed.

Why should he be going there if you just said that you can't pry
into those servers anyways?

> Patrick is a great and very knowledgable guy and I am 
> surprised to find him saying bad things about a network that he
> was supposedly in charge of.

Oh, so suddenly he DID manage it, quite odd that you say that he
didn't just a few lines up.

> Anyway,  send any complaints, IF ANY, our way and we will handle them
> accordingly.

Fix your whois records, people all around the world don't even want
to know about your operation in the spamming business.
Also there is quite an apparent proof, see the other list managers
that you really don't give a cents worth about anything related to
being something in handling abuse and making you a good netizen.

> Lynn Hoover
> CalPOP.com, Inc.
> 213-627-1937
> support at calpop.com

Where can that address be found in whois again?

> ----- Original Message ----- 
> From: "Jeff S Wheeler" <jsw at five-elements.com>
> To: <lynn at calpop.com>; <ross at calpop.com>
> Sent: Thursday, September 04, 2003 7:31 PM
> Subject: [Fwd: Re: CalPOP contact? HTTP CONNECT scanning]
> 
> 
> > Dear Sirs:
> >
> > I thought you should read what is being said about your 
> organization on
> > the NANOG (North American Network Operators Group) mailing 
> list by an
> > individual who claims to have been in your employ. I 
> imagine you will
> > have an enforcable NDA with said individual.

Oh god NDA's... SUE SUE SUE SUE SUE!!!!

We are in the US again :)

<grin>

Greets,
 Jeroen

-----BEGIN PGP SIGNATURE-----
Version: Unfix PGP for Outlook Alpha 13 Int.
Comment: Jeroen Massar / jeroen at unfix.org / http://unfix.org/~jeroen/

iQA/AwUBP1m5kCmqKFIzPnwjEQIu1QCfYPls1CyfHxVV4tUwMPT7ON/BdeIAnA5i
W+6/G/7Vp1eEE3SwTXIkMiBT
=fPI5
-----END PGP SIGNATURE-----

• Previous message (by thread): Don't forget about physical security - Australia
• Next message (by thread): CalPOP contact? HTTP CONNECT scanning]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]