Stupid ISPs

June 15, 2005

So over the last few weeks, I’ve gotten a couple dozen bogus messages from a source purporting to be my ISP, Rogers Cable. Not only are they crappy spoofs (heck, if you’re going to spoof something, do it right), they make the most outlandish claims. Like the one I got today:

Dear Rogers Member,

Your e-mail account was used to send a huge amount of unsolicited spam messages during the recent week. If you could please take 5-10 minutes out of your online experience and confirm the attached document so you will not run into any future problems with the online service.

If you choose to ignore our request, you leave us no choice but to cancel your membership.

Virtually yours,
The Rogers Support Team

+++ Attachment: No Virus found
+++ Rogers Antivirus – http://www.rogers.com

‘Virtually yours’? WTF is that? ‘Cancel your membership’? Sure, buddy. I mean, does Rogers not know how to use the phone? I love the bogus ‘no virus’ message at the end. What do they take me for, a child? The attachment, ’email-details.zip’, contained the W32.Mytob.EE@mm virus, which was caught by ZoneAlarm Security Suite’s MailSafe feature, and at the server by Rogers’ own virus scanning – as if I would have opened it anyway. The message header reveals more:

--0-1258228604-1118874641-87467
Content-Type: message/rfc822

X-Apparently-To: rishi_maharaj@rogers.com via 206.190.37.205;
 Wed, 15 Jun 2005 13:15:39 -0700
X-YahooFilteredBulk: 209.183.136.41
X-Originating-IP: [209.183.136.41]
Return-Path: 
Authentication-Results: mta101.rog.mail.re2.yahoo.com
 from=rogers.com; domainkeys=neutral (no sig)
Received: from 209.183.136.41  (EHLO rogers.com)
 (209.183.136.41) by mta101.rog.mail.re2.yahoo.com with SMTP;
 Wed, 15 Jun 2005 13:15:39 -0700
From: support@rogers.com
To: rishi_maharaj@rogers.com
Subject: Email Account Suspension
Date: Wed, 15 Jun 2005 16:15:30 -0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
 boundary="----=_NextPart_000_0002_99AFBCC2.9606C44C"
X-Priority: 3
X-MSMail-Priority: Normal

So the culprit is identifying themselves as “rogers.com” (and why EHLO instead of HELO? Is the SMTP sever attempting to determine if the Rogers mail server supports reverse DNS (which I assume it does not, since no host name information has been attached to the IP)?), while a simple traceroute identifies 209.183.136.41 as sm400albert.1meg.golden.net.

But what pisses me off is that I’ve tried to report these spoofed e-mails to Rogers several times, with no response. Do they not care that someone is sending out bogus customer service e-mails that contain viruses? How many people have already believed these e-mails and been infected? Idiots.

Advertisements

3 Responses to “Stupid ISPs”

  1. Boz4PM Says:

    See, now on my server they’d want to know and hunt the so-n-so’s down.

    And yes, it IS that server.

    Oh, shush. 😛


  2. Hello mathnerd – you are actually using my URL – http://www.studioquality.ca. We are going to ask you politely to cease this usage since you will cause my ISP to cancel my service. I have been experiencing a lot of unexplained problems with my ISP recently. The only reason I found you was because I am in the process of setting up a blogger.


  3. To: rishi_maharaj@rogers.com

    http://www.studioquality.ca is a registered URL under the laws of Canada. You are hereby politely requested to stop using the above-mentioned url. You have caused me unnecessary issues with my ISP.


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: