F*U*C*K Lebanon Spammers (epublicities, silhouette, etc.)

About the use & development of Internet in Lebanon.
zeez
Posts: 41
Joined: Tue Dec 16, 2003 6:58 pm

F*U*C*K Lebanon Spammers (epublicities, silhouette, etc.)

Post by zeez »

The CAN-SPAM Act became effective in January 1, 2004.
http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.htm

I think SPAM is still legal in Lebanon... But Internet has no borders, so I wonder if a country can decide alone to ban or to allow spam...

Believe it or not, in Lebanon, many companies use this word "positively" with the meanin of 'email advertizing"... and pay official companies (PROFESSIONAL SPAMMERS) who offer to spam people using their database of Lebanese emails.

They use special "spider" softwares to steal automatically search and steal emails from websites... Some companies even do it themselves. They pay some part-time guy how spiders theme-related websites and builds databases of emails stollen from other websites.

Also, in Lebanon, there are some ISP's that used to sell their own database of clients for advertisers...!!

Please reply to this post to report spammers. Help us build a list of the Lebanese professional spammers.

It is hard to fight effectively against SPAM. But one of the first useful things that you can do is to post samples of the spams you receive at:
http://www.spamcop.net

(it must as fresh as possible... less than 2 days old...)
Last edited by zeez on Fri Feb 24, 2006 12:48 am, edited 2 times in total.
murex
Posts: 48
Joined: Tue Dec 09, 2003 10:54 pm

Web Pollution

Post by murex »

In my opinion, one of the biggest spammer on the Lebanese web is:
NAHARNET.COM

In Europe or the USA, they could be sued easily.

Their clients are even more stupid than they are! They should rather throw their money directly by the window... Naharnet sends HTML emails with pictures hosted remotely... So the people who use Firefox or Internet Explorer since SP2 do not recieve them correctly... Also, good spam filters usually stop the emails.
murex
Posts: 48
Joined: Tue Dec 09, 2003 10:54 pm

Spammers in Lebanon

Post by murex »

Another piece of shit company is: EPUBLICITIES.COM

They are also using these other domain names: HUGE-EMAIL.COM
and HUGE-SMS.COM.

One of the IP used to send the spams is 212.98.133.70. It is in Lebanon and belongs to TERRANET (March 13, 2006).

TERRANET (terra.net.lb) IS A GOOD ISP. THIS ADDRESS WAS REPORTED TO THEM, AND AS A GOOD AND PROFESSIONAL ISP, THEY REPLIED THAT THEY FOUND IT TO BE A COMPOMISED MAIL SERVER AND THAT THEY HAVE TAKEN THE APPROPRIATE MESURES TO CEASE THIS ABUSE. (March 24, 2006)

...

The name of the dirty animal who works for this company is: Mireille Kochkarian. (Just in case you feel like insulting them, please use the phone numbers on their website.)

They also use these email addresses:
pcadd@epublicities.com
info@epublicities.com
intdes@epublicities.com
mireillekochkarian@hotmail.com
mireeillekochkarian@yahoo.com
mailer@admin.naharnet.com

Please try to forward them or expose their addresses so they get a maximum of spams.

.......

We should also try to make lists of the stupid clients who wasted money with those scam offers, and contact them to tell them about it.(Today most of the users have spam filters that can automatically delete those junk emails. That's why this is mostly lost money.)

Here is a quick list of stupid clients who payed "epublicities" (about 100$ per mailing) to send 100% UNSOLLICITED, blind and random spam emails to people who never asked for it:

Sahel General Hospital
Empire Theaters (Movie Theaters)
Circuit Planète (Movie Theaters)
Safir Heliopolitan Hotel
ICTN (International Consulting & Training Network)
Allo Taxi
AVIS (rent a car)
Silversea (boat cruises)
La Voile Bleue
Bacardi
Original Marines (clothes)
Michel Al-Ghorayeb (tatoos)
Tours Arab (travel agency)
Boustany Unlimited Machineries Co. (toyota dealers)
Autostars (Subaru & Daihatsu Dealers)
Saleh Kheir (vote for...)
Zaid Kheir (a restaurant)
Nicorette (Consumer Healthcare, Dubai)
The Industrial Sunrise Project (Bekaa Industrial City)
Z. Moukarzel (award & gift items)
Université La Sagesse (vote for Miss Sagesse)
Middle-East University
Michelin
MECAT & AABFS (MBA studies)
Waiterthon's Committee (marathon for waiters)
La Medina (restaurant)
Laguava Resort
Godiva (chocolate)
GNC (health products)
Boueiri Freight Services
Anthony Robbins (Seminars by ICTN)
Sinjaba (summer resort)
Badawi Group (real estate)
Asean Art
Adma Blue (Summer Resort)
Johnson & Johnson (contact lenses)
Reachable Dreams (a "work from home" scam)


.......

As much as possible, please try to contact them and make them realize what they are doing. And if they keep doing it, it could be a good idea to attack their site & servers more seriously.
murex
Posts: 48
Joined: Tue Dec 09, 2003 10:54 pm

Outlook Express / Service Pack 2 (SP2)

Post by murex »

Good thing:
People using Windows XP (SP2) cannot see the images in those spam emails. The spams are usually unreadable.
shlon
Posts: 14
Joined: Thu Jul 21, 2005 12:55 pm
Contact:

neo-spammerz of leb

Post by shlon »

one "smart" way to spam with all the peace of mind in the world, and no risk of seeing the spammerz' servers closed by some "miraculous" action is the following:

they create hotmail mail accounts, that they turn into a mailing list. there's one for each [stupid_client]:

CoteParcBeyrouth_UPPCLA@hotmail.com [restaurant]
cts_charter_MEA@hotmail.com [airways!!]
[those are a couple I found in my junk folder just now]

Those mail addresses cannot be blocked, as they change it for every campain.

THEN, the spam companies [it's even ridiculous to type!!! "the Spam companies", fukit!] sell stolen mail addresses to those [stupid_client], the price depends on the number of addresses you buy.

Survival??

In the first periods of HUGE-MAIL and other Socks fo Beaches, you could easily create a rule to block their name. then they had it written in their mails in a image .GIF file. But you still could block their mail addresses...

Now, what can be done??

Well, nothing pacific, I guess.
Shlon
"God Save the Drag Queen"
murex
Posts: 48
Joined: Tue Dec 09, 2003 10:54 pm

Spam & spam

Post by murex »

Well...
In this post, I suggest we focus on LEBANESE SPAMMERS.

1/ Now spam is illegal in most civilized countries. Normal companies in the US or in Europe will never spam because it would spoil their reputations. Only cheap & fake stuff use spam. They sell things like VIAGRA, FAKE WATCH REPLICAS, MORTGAGE LOANS, all sorts of scams asking for money etc. And the spam they send are 100% blind spams to huge mailing lists because they know the return is very low.
These sammers will never be stopped. No big city can have a 0% crime rate... These people get temporary hostings accounts in China, or they hack computers to send their emails etc. If you protect your email and follow a few simple guidelines YOU CAN GET RID OF THEM EASILY. This kind of spam usually only hurts "amateurs" web users.

2/ The case of Lebanon is very different. In Lebanon there are real SPAM companies (!) who get real respectable clients... The company uses programs to spider the web (very easy to do) and steal email addresses that are on display on web page related to Lebanon. Also, they make a list of all Lebanese sites and then the program automatically sends emails to guessed addresses such as info@domain.com, admin@domain.com, etc.

WHAT CAN BE DONE...?
Soon, we will set up a website for "Lebanon Internet Watch" (or "Middle East Internet Watch"... where we will list all the spamers... & their clients!

The spammers are ony 2 or 3 companies (Since the law is helpless, I truely & sincerely hope they get some ugly deasease or disappear in a bomb blast, since they are only 2 companies that are really bad, it would only take 2 little bombs.). But more realistically, the most important is to list the CLIENTS & contact them to let them know how this can hurt their reputation. We will call the clients one by one & tell them that.

Another option is to start a real PROFESSIONAL advertizing company that sends SOLLICITED EMAILS... It would do the same job but much more targetted & with a full respect towards international internet laws & ethics.
shlon
Posts: 14
Joined: Thu Jul 21, 2005 12:55 pm
Contact:

contradiction

Post by shlon »

This message follows all of e-Ad Int [www.eadint.com], but, please, not in TEXT but as a GIF file, to avoid being ripped apart by some rule on your mail client:

"YOU SUBSCRIBE TO RECEIVE THIS INFORMATION AT ONE OF OUR SITE PARTNER. SHOULD YOU NO LONGER WISH TO RECEIVE SIMILAR MESSAGES, PLEASE NOTIFY US THROUGH E-MAIL AT REMOVE@EADINT.COM
THIS E-MAIL IS AN ADVERTISEMENT FROM THE SENDER. IT IS BROADCASTED BY E-AD INT. AT THE SENDER'S REQUEST AND UNDER HIS SOLE RESPONSIBILITY. TO PROMOTE YOUR PRODUCTS, USE OUR WORLDWIDE E-MAIL BROADCASTING SERVICE.
CALL US @ 961-3-xxxxxx OR VISIT OUR URL: EADINT.COM - EMAIL: SALES@EADINT.COM"


(1) "YOU SUBSCRIBE TO RECEIVE":: not even capable of making a correct sentence...
(2) "PLEASE NOTIFY US THROUGH E-MAIL":: to make sure your address is working and that you check it. Of course, they will never remove you.
(3) BROADCASTED BY EAD AT THE SENDER'S REQUEST AND UNDER HIS SOLE RESPONSIBILITY":: the assholes found a way to take off their shoulders the moral responsibility; they are exploiting for this purpose clients' ignorance.
(4) "USE OUR E-MAIL BROADCASTING SERVICES":: SPAMMING SERVICES YOU SHITHEADS!!!

They know what they are doing, maybe the best solution is a plan on two main directions:

I >> Awareness towards the clients. We can mail methodically to their lists of clients [easy to know: we all get their emails!] to wake them up

II >> Hack and act violently against eadint.com and others' servers, in any "legal" or "illegal" way.
Shlon
"God Save the Drag Queen"
shlon
Posts: 14
Joined: Thu Jul 21, 2005 12:55 pm
Contact:

BLACKLIST #2 / add-ons

Post by shlon »

Spammers::

E-Ad Int | url:: eadint.com | phone:: 961 3 xxxxxx

Stupid clients::

- BARAKAT TRAVEL
- ORIENT PLUS / KHABBAZ TRAVEL
Shlon
"God Save the Drag Queen"
murex
Posts: 48
Joined: Tue Dec 09, 2003 10:54 pm

More shit...

Post by murex »

the email of another SPAMMER you may want to spam to death...
baddak@gmail.com
murex
Posts: 48
Joined: Tue Dec 09, 2003 10:54 pm

e-Ad International

Post by murex »

More info about EADINT (e-ad international)

They use the following IP addresses:

1/ from Lebanon (not often)

FROM 20 to 26 FEBRUARY 2006, and also on 12 MARCH, they used this IP: 213.175.185.150 which belongs to the following ISP:
IncoNet-Data Management s.a.l.
Website: idm.net.lb
(WARNING: the worst Lebanese ISP, supports & uses spam regularly)

It looks like a fixed IP... It was reported to IDM more than 3 times, but they don't care. IDM suports and practices SPAM very regularly...!

...............

2/ from the USA (more precisely: from a US IP)

This is the computer of a DSL user in the New York City area that is hacked by the spammer to send his shit from there.

FROM 7 to 10 FEB. 2006
70.107.40.223

12 FEB 2006:
70.107.3.37

FROM 15 TO 17 FEB 2006
70.107.63.87

FROM 17 FEB TO 26 FEB 2006
70.107.84.93

28 FEB TO 04 MARCH 2006
70.23.254.40

06 MARCH 2006
70.107.63.186

12 MARCH 2006
70.107.2.99

25 MARCH 2006
70.107.47.40


The ISP is: Verizon Internet Services Inc. (United States)
These are all IPs from a single DSL customer in New York City.
It is a dynamic IP that changes every week or so.

Almost all of them start by: 70.107.*.*
and belongs to this IP Range:
70.96.0.0 to 70.127.255.255

But the last one starts by: 70.23.*.*
and belongs to this IP range:
70.16.0.0 to 70.23.255.255

The only way to contact Verzion online to report spam, is through their abuse email (abuse-at-verizon.net and security-at-verizon.net). And they are well known not to answer to spam complaints... Calling a local branch in the US doesn't even help.

Also, these shit people display a phone numbers in the USA, Lebanon, UAE, and Kuwait and present their SPAM services from the following websites: eadint.com and eadmail-lb.com

These 2 domains and most of the services and products they advertize are hosted at Rackspace.com (USA), a famous host who has a bad reputation online about hosting spammers and not doing much about it. Their dedicated server is rented from Rackspace under the name of a hosting reseller: hostrix.com. Rami El-Zein, the manager, lives in Lebanon although his business is legally registered in Europe or somewhere Off-Shore with a representation office in Limassol in Cyprus (ELTOMA HOLDINGS Ltd). He also manages another web hosting businesses (not legally related to their SPAM activity) from the following website: practicalhost.com (a hosting reseller of Alabanza.com in the USA) and develop some other web services from those domains: practicalbox.com and pixelburo.com

The spammer's name is Hayssam Al-Moukammal (hm@eplusme.com) and lives in Lebanon as well.

This "bad guy" also runs a computer shop in Lebanon called: E-PLUS.

I am posting all their emails here, hoping they'll get stollen by spiders & spammed as well:

sales@eadmail-lb.com
removeme@eadint.com
hm@eplusme.com
h.m@eadint.com

Please send all your complaints to:
removeme@eadint.com
hm@eplusme.com

More info about the spammer:
Hayssam Mokammal
hm@eplusme.com

Computer Shop in Beirut:
E-PLUS / Tayouneh - Saida old road, farhat bldg, Beirut 00201
Phone: 03-285282 / Fax: 01-387260

...............

I hope someone can call this DOG and teach him how to advertise on the web...

...............

[ June 29, 2006 => LATEST NEWS: Rami El-Zein, the manager of Hostrix just contacted us, he admitted that the spammer is a hosting client of Hostrix. He said they were not aware of this and they do not support spam... They also said they will remove the 3 domain names of the spammer from their servers and registrar account as soon as possible. ]


.......
murex
Posts: 48
Joined: Tue Dec 09, 2003 10:54 pm

E-AD clients

Post by murex »

Although today most of the SPAMS advertize for bad products or usually scams, fake lotterie, porn, sex tools, viagra and other shit... But in Lebanon, more noble products are SPAMMED. A few companies do not seem to care about their reputation or any kind of web ethics.

The most fantastic new is that IDM (the famous ISP, who should encourage ethics and protect its clients instead) still uses SPAM! They used to even sell their clients database a few years ago. Then as clients complained they started using big spam filters on their mail servers. They are so BAD at their job that they set the level of filtering very high and the clients started loosing important emails!!!

Whatever, Lebanon still has a long way to go in many fields in order to become a real country I guess.

No wonder PAYPAL refuses Lebanese clients... and doesn't even allow people to connect to their account easily from Lebanon... Because the link between the Lebanese user and the WWW is not safe. The ISP's are not forced to behave correctly and the state (Syria and the still Sirianized Republic of Lebanon of today) is not protecting the users and even sometimes prefers to tap them instead...

The following (shameful) products were advertized as PURE INTENTIONAL SPAM by the above 'company' (e-ad international) :

idm.net.lb
A Lebanese ISP
(famous, but surely the worst one, please use cyberia or terranet instead)

uflyonline.com
A lebanese travel agency that sells air tickets online
(their site sucks...)

aldoukan.com
A very bad online shop that delivers lebanese goods. Their products are not very good and they don't treat their clients well at all.
(Use "BuyLebanese" instead, there is a link to them on the home page of the-lebanon.com)

It is a funny coincidence that all those clients are bad company, not well managed and offer a bad service as well.

If you are able to, please try to make any kind of pressure on those companies in order to stop their SPAM activities. Send email to the head offices, or maybe boycot is one of the ways to go.
nuclearcat
Posts: 5
Joined: Sat Jun 03, 2006 1:45 pm

Post by nuclearcat »

In opposite. VISP zero-tolerant to SPAM. If anyone tries to spam using our service, they will be permanently barred from using our services.
Additionaly. For broadband customer we have some special solution (based on IDS and some our own technologies), that protect him, and inform if he got virus/trojan. It will not let virus, spam, sensitive information to go from his PC and abuse other internet citizens.
murex
Posts: 48
Joined: Tue Dec 09, 2003 10:54 pm

SPAM / Mailing Lists

Post by murex »

Well your message sounds nice, but can you please be more precise...? I mean, it sounds cool, but do you allow your clients to send to their mailing list?... Suppose that a user needs to send a mailing list to 3000 people. WOULD YOUR SYSTEM LET HIM DO IT? I have heard that some local provider do NOT let users send emails to multiple recipient! Even to 50 or 100... DO YOU HAVE THIS KIND OF LIMIT? What is your recipient limit?

What's funny, is that the ISP who are doing this LIMITATION OF SERVICE, call it their "anti-spam policy"... A good ISP who wants to prevent spam, must let users send to multiple recipient, but at the same time, they must watch their network closely & examine very seriously all spam complaints and take action quickly if needed (compromised computers, spammers etc.).

In my experience, and on this aspect, TERRANET is the best in Lebanon... They seem to be the ONLY ones respecting all international standarts with zero bullshit...

CYBERIA is not bad. Their stuff are good people, but they have tech. limits that are not acceptable today... For example: they only allow their own SMTP... Unless you make a very special request... So that is NOT standart.

IDM just stinks... Like the garbage cans on the streets in summer...

Sodetel has an good tech. support and a good service in general. But they make mistakes and have a few limits (I think they limit the number of recipient to 50.) But this is not confirmed. If someone knows for sure, please confirm... + I think the company called "Wise" uses Sodetel...

.................

These are just personal comments based on a few user's experiences. There is a special thread in this forum to compare ISP's. Please do not hestitate to post your experiences with Lebanese ISP's over there.
nuclearcat
Posts: 5
Joined: Sat Jun 03, 2006 1:45 pm

Post by nuclearcat »

A good ISP who wants to prevent spam, must let users send to multiple recipient, but at the same time, they must watch their network closely & examine very seriously all spam complaints and take action quickly if needed (compromised computers, spammers etc.).
Easy to talk, difficult to do. Seems you never had your own SMTP server, with at least 100 users using it.

If you want to setup maillist, you have to speak with technical staff. Answer can be different.

If you are customer, who are using service for years or you are corporate customer, and you have "good" history it will be definitely answer "YES".
If you are new customer, without real dedicated ip, we will ask maybe to sign guarantee, that you understand responsibility, that if you send SPAM, and in case u did it, you will have to pay damage fees. Because the minute, when by new zero-day IE exploit, you will get to your PC spam-bot, and he will send millions of viruses or spam, first who will have problems - it is a our company. And price of such problems is not included in home accounts.
If you have only small "home" account, best option to buy hosting, and do whatewer you want from it.

You want real example from big company?
AOL.
[http://postmaster.aol.com/faq/port25faq.html]

They just close port 25. It is your own trouble, what you want to do, they dont care. They want to stop SPAM.
murex
Posts: 48
Joined: Tue Dec 09, 2003 10:54 pm

A hard work...

Post by murex »

You are so right...

I never said it was easy...:-)

AOL is certainly not a good example... I never met a serious human being who likes AOL... Most IT people think it is even a "bad word" in English...

Of course, we know there is always a limit of recipients at one time... So for a big mailing list, a good mailing software must be able to send them by packs of N messages every X minutes...

And I guess you're right about ISP asking guarantees from users... Specially in Lebanon where the law won't help... But still, I think it should be made easy for a new home user to be allowed to do his mailings, if they provide good guarantee & do not use excessive bandwidth... etc.

A good thing would be to TOTALLY BAN any kind of email that only displays advertizing... Maybe the best way would be to ask that the user signs an agreement that would say:
1- users are not allowed to send emails that displays an add only...
2- emails must include a simple "removal" method
3- the reply address cannot be fake
4- if a certain amount of email users complain, and provide serious proof of spam, that could be enough to terminate your account with no refunds etc.

ABOUT SECURITY:
There will always be hacked PC's acting as spam bots... A good ISP, would have a special service, answering & examining all complains sent by Anti-Spam companies (from spamcop.net to anti-spam firms)... And act quickly to warn the user, or limit his account... BUT I AM NOT SAYING THAT IS EASY. Many huge & reputable ISP's aren't able to manage that well at all... Verizon in the US was (and maybe still is) a good isp for spammers... They take months to react... So if you find a few compromised computers that are connect through them, you can spam for months with no pb...

The pb. with real spammers, is that they specialize into that... They never use their ISP's smtp... They get a temporary hosting in China... Work hard on coding their emails to try to cross though spam filters... etc. etc. etc.

To sum it up, one could say that:
WITH A GOOD ISP, a normal home user who wants to send to a medium sized mailing list (less say 3000 to 10000) should be able to do that regularly and easily - at no extra cost! - IF HE FOLLOWS THE EXACT PROCEDURE REQUIRED BY HIS ISP... Which could be made easier if the ISP clearly displays it on its website...
Post Reply