DoNotPay Spam?
Sabri Berisha
sabri at cluecentral.net
Thu Jan 14 00:28:11 UTC 2021
----- On Jan 13, 2021, at 2:22 PM, Bryan Fields Bryan at bryanfields.net wrote:
Hi Bryan,
> What you can do is when you notice these, email geeks at nanog with the full
> email including headers immediately. We can then cross check it against new
> signups. I wish there was a more scientific way to process it.
The first time I got it, I sent this to support at donotpay.com:
> I received this email in, what appears to be, reply to a post I made on NANOG.
> Needless to say, I never signed up for this. I did not even know you existed.
> Since you do add "support at donotpay.com" in your email, I assume this is a
> honest mistake, and you'll be happy that I'm contacting you and will be fixing
> it immediately.
> Obviously, further unsolicited emails will result in ... a different approach
> taken.
A few days later, I got the same again, and contacted their hosting provider,
Mailgun (while CCing support at donotpay.com), with the following:
> I've received, multiple times, email such as below after posting to the North
> American Network Operators Group (NANOG) email list. I've tried contacting
> support at donotpay.com (ticket #13202), but they seem oblivious to the issue
> and asked me to unsubscribe.
> Please educate your customer. Alternatively, I will contact Amazon, who seem
> to advertise your IP space.
> 161.38.200.0/22 *[BGP/170] 00:51:18, localpref 150
> AS path: 53356 60011 3356 16509 I, validation-state: unverified
> > to 195.16.87.249 via ge-0/0/6.0
> Headers are as follows:
[snip]
I did not even get a reply on that. So, as promised, the third time I was
spammed, I took the liberty of contacting AWS. They responded with:
> This is a follow up regarding the abusive content or activity report that you
> submitted to AWS. We have investigated this report, and have taken steps to
> mitigate the reported abusive content or activity.
But of course, nothing changed.
This goes a lot further than someone accidentally subscribing. So, it seems
that there are few options other than to simply block mail from that /22.
Thanks,
Sabri
More information about the NANOG
mailing list