[ih] No, really, I want to stay subscribed
touch at isi.edu
Tue Aug 23 22:10:49 PDT 2016
On 8/23/2016 10:03 PM, Miles Fidelman wrote:
> Come to think of it, perhaps you might check the subscriber list for
> anything that looks like:
> smtp01.vaderetro-safeunsubscribe.com [126.96.36.199]
I already checked and there is no such member (nobody with even a
portion of that name).
> and remove it!
> Now, if some subscriber is automatically vectoring messages through
> some kind of unsubscription service, finding that subscriber might be
> just a tad harder.
> Unfortunately, there is no web site at vaderetro-safeunsubscribe.com
> (well, it comes back as 403 Forbidden)
If we have evidence from at least one other subscriber that this
organization is responsible, I will contact them to see what's up.
(can anyone else who is receiving these messages send the entire
message, headers intact please?)
> The whois shows this as owned by some French company that offers yet
> another email security program - one that obviously makes things worse
> for the world. Perhaps you might drop them an email - see if anyone
> responds. Seems like their system is attacking the list.
> Domain Name: vaderetro-safeunsubscribe.com
> Registry Domain ID: 1686009255_DOMAIN_COM-VRSN
> Registrar WHOIS Server: whois.ovh.com
> Registrar URL: http://www.ovh.com
> Updated Date: 2015-10-28T09:45:30.0Z
> Creation Date: 2011-11-07T13:57:12.0Z
> Registrar Registration Expiration Date: 2016-11-07T13:57:12.0Z
> Registrar: OVH, SAS
> Registrar IANA ID: 433
> Registrar Abuse Contact Email: abuse at ovh.net
> Registrar Abuse Contact Phone: +33.972101007
> Domain Status: clientTransferProhibited
> Domain Status: clientDeleteProhibited
> Registry Registrant ID:
> Registrant Name: Vade Retro Technology
> Registrant Organization: Vade Retro Technology
> Registrant Street: avenue antoine pinay
> Registrant City: hem
> Registrant State/Province:
> Registrant Postal Code: 59510
> Registrant Country: FR
> Registrant Phone: +33.328328328
> Registrant Phone Ext:
> Registrant Fax: +33.328328329
> Registrant Fax Ext:
> Registrant Email: uku0shwwfp3xze6a91lu at l.o-w-o.info
> Registry Admin ID:
> Admin Name: Vade Retro Technology
> Admin Organization: Vade Retro Technology
> Admin Street: 3 avenue antoine pinay
> Admin City: hem
> Admin State/Province:
> Admin Postal Code: 59510
> Admin Country: FR
> Admin Phone: +33.328328888
> Admin Phone Ext:
> Admin Fax: +33.328328329
> Admin Fax Ext:
> Admin Email: sl6mw8yiwfnf3i13lzte at f.o-w-o.info
> Registry Tech ID:
> Tech Name: Vade Retro Technology
> Tech Organization: Vade Retro Technology
> Tech Street: 3 avenue antoine pinay
> Tech City: hem
> Tech State/Province:
> Tech Postal Code: 59510
> Tech Country: FR
> Tech Phone: +33.328328888
> Tech Phone Ext:
> Tech Fax: +33.328328329
> Tech Fax Ext:
> Tech Email: sl6mw8yiwfnf3i13lzte at f.o-w-o.info
> Name Server: dns1.goto.fr
> Name Server: dns2.goto.fr
> DNSSEC: unsigned
> On 8/24/16 12:49 AM, Miles Fidelman wrote:
>> Well, just got another one, timestamped 9:12
>> And where the earlier ones asked me to confirm my unsubscribe
>> request, this one says that it's forwarded it to the admin.
>> And no, I did not send the original request - the From: line must be
>> forged. But... looking at the headers, it looks like it REALLY came
>> from [unsubscribe] (unknown [10.10.31.123]) by
>> smtp01.vaderetro-safeunsubscribe.com (Postfix) with SMTP id
>> ED4591BF7CB for <internet-history-request at postel.org>; Wed, 24 Aug
>> 2016 03:11:49 +0200 (CEST)
>> So who the hell is vaderetro-safeunsubscribe.com, and why is it
>> trying to unsubscribe people from internet-history?
>> Miles Fidelman
>>> The results of your email command are provided below. Attached is your
>>> original message.
>>> - Results:
>>> Your unsubscription request has been forwarded to the list administrator for
>>> - Done.
>>> mfidelman at meetinghouse.net
>>> 8/23/16, 9:11 PM
>>> internet-history-request at postel.org
>> On 8/23/16 8:43 PM, Joe Touch wrote:
>>> Hi, all,
>>> On 8/23/2016 4:15 PM, Miles Fidelman wrote:
>>>> On 8/23/16 6:35 PM, Alan Clegg wrote:
>>>>> On 8/23/16 6:13 PM, John R. Levine wrote:
>>>>>>> I get them as well. I've seen them on other lists too.
>>>>>> The usual approach is to send mail to parts of the list with tagged
>>>>>> addresses to see which ones trigger the unsub-bot, and narrow it down to
>>>>>> the guilty party.
>>>> Or to just save incoming messages to -request, so one can look at the
>>> The header indicates it's coming from the mailman system. I.e., these
>>> aren't forged; they're unsub requests.
>>>>> If only there were programmers around to make this happen....
>>>> Not even - just a sysadmin who can update the alias for -request, to add
>>>> an actual mailbox.
>>>> Who's listmaster for ih anyway?
>>> I am.
>>> I did some digging on this issue and the suggestion is to disable user
>>> unsubscribe completely (i.e., requires admin OK). Since I don't track
>>> those mails, it may be more difficult to get off the list now, but at
>>> least the stream of unsubs should calm down.
>>> Please let me know if you see further unsub requests.
>> In theory, there is no difference between theory and practice.
>> In practice, there is. .... Yogi Berra
> In theory, there is no difference between theory and practice.
> In practice, there is. .... Yogi Berra
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Internet-history