[an error occurred while processing this directive]
This spam report is at Deadbeats Page 10 
>whois pleasureproducts.com
Dan Doherty (PLEASUREPRODUCTS-DOM)
   8912 E. Pinnacle Peak Rd 8140
   Scottsdale, AZ 85255
   USA

   Domain Name: PLEASUREPRODUCTS.COM

   Administrative Contact:
      Doherty, Dan  (DD3464)  skirts4u@SPRINTMAIL.COM
      (602)860-9598 (FAX) (602)860-9598
   Technical Contact, Zone Contact:
      Wallace, Sanford  (SW1708)  domreg@CYBERPROMO.COM
      215-628-9780
   Billing Contact:
      Doherty, Dan  (DD3464)  skirts4u@SPRINTMAIL.COM
      (602)860-9598 (FAX) (602)860-9598

   Record last updated on 20-May-97.
   Record created on 20-May-97.
   Database last updated on 2-Sep-97 05:14:00 EDT.

   Domain servers in listed order:

   NS7.CYBERPROMO.COM           205.199.2.250
   NS9.CYBERPROMO.COM           207.124.161.50
   NS8.CYBERPROMO.COM           207.124.161.65
   NS5.CYBERPROMO.COM           205.199.212.50

While not quite a match, this does confirm CyberPromo's involvement. Based on the user
name of the billing/adminstrative contact, I don't think they are concerned about flames.

Just wanted to confirm this one:
>whois mnkmniforu.com
No match for "MNKMNIFORU.COM".

So, let's see who owns the address:
>whois 203.8.28.0
Asia Pacific Network Information Center (APNIC2) APNIC-CIDR-BLK
                                                     202.0.0.0 - 203.255.255.0
Challenge Bank Ltd (NETBLK-CHALLENGENET-AU) CHALLENGENET-AU
                                                       203.8.24.0 - 203.8.31.0
The Australian Internet Registry Pty Ltd (NETBLK-AUSTRALIA) AUSTRALIA-CIDR-BLK
                                                      203.0.0.0 - 203.63.255.0

To single out one record, look it up with "!xxx", where xxx is the
handle, shown in parenthesis following the name, which comes first.

Man, that's a full Class A worth of addresses and then some. That's pretty serious. This
is more important for educational purposes than anything else. It also helps show the lack
of credibility spammers have.

A traceroute does place this in Australia, but it will not resolve past the NAP:
Network Access Point. The address could be down, or the service provider could be
down as well.

Now, let's look into the deliberate false headers including in the spam to try and distract
the spam fighters:

>whois 211.11.111.0
Asia Pacific Network Information Center (NETBLK-APNIC-CIDR-BLK)
   Tokyo Central Post Office Box 351
   Tokyo
   100-91
   JAPAN

   Netname: APNIC-CIDR-BLK2
   Netblock: 210.0.0.0 - 211.255.255.0
   Maintainer: AP

   Coordinator:
      Conrad, David Randolph  (DC396)  davidc@APNIC.NET
      +81-3-5500-0480 (FAX) +81-3-5500-0481

   Domain System inverse mapping provided by:

   JATZ.AARNET.EDU.AU           139.130.204.4
   TECKLA.APNIC.NET             202.12.28.129
   NS.KRNIC.NET                 202.30.64.21
   NS.RIPE.NET                  193.0.0.193
   MOZART.TECHNET.SG            192.169.33.107
   RS0.INTERNIC.NET             198.41.0.5

   *** please refer to whois.apnic.net for more information ***
   *** before contacting APNIC                              ***
   *** use whois -h whois.apnic.net                 ***

   Record last updated on 11-Mar-97.
   Database last updated on 2-Sep-97 05:14:00 EDT.

Wow! A new whois machine to check addresses with. The bogus name from the bogus headers
would not resolve, so I looked up the netblock. Other than that, you'll notice typical
garbage in the false headers.

All done. Yet another UU.Net complaint. These UU.Net folks should be getting sick of me by
now. Until the spam from their domain stops, I am going to keep complaining.





Want custom DVD slideshows with music?