[an error occurred while processing this directive]
The report for this spam can be found at: 2008 Phish Scam Edition.
Return-Path: <atminfor@yahoo.com>
Received: from mailfilter5.ihug.co.nz (203.109.136.5) by studio42.com with
ESMTP (Eudora Internet Mail Server 3.2.10) for <chris@studio42.com>;
Wed, 19 Mar 2008 10:13:24 -0800
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AtOqAAPm4EfLbYka/2dsb2JhbACBXUCPO5hm
Ironport-Suspected-Spam: Yes
X-IronPort-AV: E=Sophos;i="4.25,525,1199617200";
d="scan'208";a="80339170"
Ironport-Content-Filter: send-to-smtp
Ironport-OCF: send-to-smtp
Received: from webmail6.ihug.co.nz (HELO webmail.ihug.co.nz) ([203.109.137.26])
by smtp.mailfilter5.ihug.co.nz with ESMTP; 20 Mar 2008 06:13:58 +1300
MIME-Version: 1.0
Date: Thu, 20 Mar 2008 05:06:29 +1200
From: Mr.David Mark <atminfor@yahoo.com>
To: atm@info.com
Subject: PAYMENT VIA ATM CARD
Organization: ATM CENTER
Reply-To: lindapayout@live.com
Message-ID: <184cdc47c610922776ff8dbb0efa03f9@ihug.co.nz>
X-Sender: atminfor@yahoo.com
Received: from [86.62.13.126] (126-13-62-86.digitalskys.com) (login=loveheart10@ihug.co.nz)
(proxy 192.168.2.130 [192.168.2.130]) by webmail.ihug.co.nz (running
ihug Webmail/0.1b) via TCP with HTTP/1.0 id <184cdc47c610922776ff8dbb0efa03f9@ihug.co.nz>;
Thu, 20 Mar 2008 05:06:29 +1200
User-Agent: ihug Webmail/0.1b
Bcc: bkpradhan@ncaer.org, cat@efn.org, bency_chua@yahoo.com.sg, bigjee3@yahoo.com,
june_62_cd@yahoo.com.sg, bus_122000@yahoo.com.sg, skyline_1974@yahoo.com.sg,
hgal_1982@yahoo.com.sg, jgay28@yahoo.com, aries2004_sg@yahoo.com.sg, you@yourbiz.com,
ebinalfamily@asapnet.net, sales@iinet.net.au, support@iinet.net.au, 956c96920611261410u42f1d1c3q86ebd7628f486443@mail.gmail.com,
956c96920611241739o6044bd91tf59a6c7b108c972f@mail.gmail.com, gimpwin-users@domain.hidden,
dwain.alford@domain.hidden, 24bd202b51@domain.hidden,
956c96920611241739o6044bd91tf59a6c7b108c972f@domain.hidden, username@host.domain,
fazilette45@hotmail.com, bakoarifetra@refer.mg, mamy_andriamalala@yahoo.com,
rabesaham@state.gov, dudumoses01@yahoo.com, alikay65@yahoo.com, dudmoses01@yahoo.com,
aradbord@kdka.com, avivaradbord@aol.com, pascal.raditsebe@gmail.com, cerase_r@yahoo.com,
jogesh69@yahoo.com, eecbang@bdcom.com, mahathero@dhammarajika.com,
upatishyasraman@hotmail.com, asoka@gononet.com, swarupbarua@yahoo.com, bluws@wat
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
--
6.8 Million Dollars has been accredited in your favor,Contact Mrs.
LindaHill(lindapayout@live.com) With the following, Name:
Delivery Address: Age: Occupation: and Phone: Regards. Mr.David Mark
[studio42@flatus studio42]$ host 203.109.136.5
5.136.109.203.in-addr.arpa domain name pointer mailfilter5.ihug.co.nz.
[studio42@flatus studio42]$ whois 203.109.136.5@whois.apnic.net
[whois.apnic.net]
% [whois.apnic.net node-2]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 203.109.128.0 - 203.109.255.255
netname: TIG
descr: The Internet Group Ltd.
descr: IHUG/StarNet/VIPNet/PrintOnline/TravelOnline
country: NZ
admin-c: IHUG-NOC-AP
tech-c: IHUG-NOC-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-AP-IHUG
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20070912
source: APNIC
role: Network Operations
address: 127 Newton Rd
address: Auckland
country: NZ
phone: +64-9-9629200
e-mail: noc@ihug.co.nz
admin-c: ihug-noc-ap
tech-c: ihug-noc-ap
nic-hdl: ihug-noc-ap
mnt-by: maint-ap-ihug
notify: root@ihug.co.nz
changed: root@ihug.co.nz 20070801
source: APNIC
I can't see losing anything by blacklisting this.
Onto spammer or zombie:
[studio42@flatus studio42]$ host 86.62.13.126
126.13.62.86.in-addr.arpa domain name pointer 126-13-62-86.digitalskys.com.
[studio42@flatus studio42]$ whois 86.62.13.126@whois.ripe.net
[whois.ripe.net]
% This is the RIPE Whois query server #3.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html
% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '86.62.0.0 - 86.62.63.255'
inetnum: 86.62.0.0 - 86.62.63.255
netname: AE-DIGITALSKYS-20050607
descr: DigitalSkys Limited
country: AE
org: ORG-DL27-RIPE
admin-c: GW980-RIPE
tech-c: GW980-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: MNT-API
mnt-domains: MNT-API
mnt-routes: DIGITALSKYS-MNTNER
mnt-routes: MNT-API
source: RIPE # Filtered
organisation: ORG-DL27-RIPE
org-name: DigitalSkys Limited
org-type: LIR
address: DigitalSkys Limited
Gavin Wehlburg
Director, Chief Technical Officer
DUBAI INTERNET CITY OFFICES 355 BU P O BOX 500125
500125 DUBAI
United Arab Emirates
phone: +971505519412
fax-no: +97143909966
e-mail: gavin.wehlburg@digitalskys.com
admin-c: GW980-RIPE
mnt-ref: DIGITALSKYS-MNTNER
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
source: RIPE # Filtered
person: Gavin Wehlburg
address: DigitalSkys Limited
address: Dubai Internet City Offices 355 Building 17
address: P O Box 500125 Dubai
address: United Arab Emirates
phone: +971505519412
nic-hdl: GW980-RIPE
mnt-by: DIGITALSKYS-MNTNER
source: RIPE # Filtered
Spammer.
