DoNotPay Spam?

Ben Cannon ben at 6by7.net
Thu Jan 14 01:01:08 UTC 2021


FYI geek team I received it too.

Ms. Lady Benjamin PD Cannon, ASCE
6x7 Networks & 6x7 Telecom, LLC 
CEO 
ben at 6by7.net
"The only fully end-to-end encrypted global telecommunications company in the world.”

FCC License KJ6FJJ

Sent from my iPhone via RFC1149.

> On Jan 13, 2021, at 4:28 PM, Sabri Berisha <sabri at cluecentral.net> wrote:
> 
> ----- On Jan 13, 2021, at 2:22 PM, Bryan Fields Bryan at bryanfields.net wrote:
> 
> Hi Bryan,
> 
>> What you can do is when you notice these, email geeks at nanog with the full
>> email including headers immediately.  We can then cross check it against new
>> signups.  I wish there was a more scientific way to process it.
> 
> The first time I got it, I sent this to support at donotpay.com:
> 
>> I received this email in, what appears to be, reply to a post I made on NANOG.
> 
>> Needless to say, I never signed up for this. I did not even know you existed.
>> Since you do add "support at donotpay.com" in your email, I assume this is a
>> honest mistake, and you'll be happy that I'm contacting you and will be fixing
>> it immediately.
> 
>> Obviously, further unsolicited emails will result in ... a different approach
>> taken.
> 
> A few days later, I got the same again, and contacted their hosting provider,
> Mailgun (while CCing support at donotpay.com), with the following:
> 
>> I've received, multiple times, email such as below after posting to the North
>> American Network Operators Group (NANOG) email list. I've tried contacting
>> support at donotpay.com (ticket #13202), but they seem oblivious to the issue
>> and asked me to unsubscribe.
> 
>> Please educate your customer. Alternatively, I will contact Amazon, who seem
>> to advertise your IP space.
> 
>> 161.38.200.0/22    *[BGP/170] 00:51:18, localpref 150
>>                       AS path: 53356 60011 3356 16509 I, validation-state: unverified
>>> to 195.16.87.249 via ge-0/0/6.0
> 
>> Headers are as follows:
> 
> [snip]
> 
> I did not even get a reply on that. So, as promised, the third time I was
> spammed, I took the liberty of contacting AWS. They responded with:
> 
>> This is a follow up regarding the abusive content or activity report that you
>> submitted to AWS. We have investigated this report, and have taken steps to
>> mitigate the reported abusive content or activity.
> 
> But of course, nothing changed.
> 
> This goes a lot further than someone accidentally subscribing. So, it seems
> that there are few options other than to simply block mail from that /22. 
> 
> Thanks,
> 
> Sabri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20210113/3c833ae1/attachment.html>


More information about the NANOG mailing list