Blog for hpHosts, and whatever else I feel like writing about ....

Sunday, 26 June 2016

Pixel Federation: Downside of no weekend working .....

.... amongst other things.

What do you get if you cross an extremely prolific pharma spammer, with a company that both doesn't have anyone working weekends, nor allows non-staff to moderate? A crap ton of errr, crap of course. In this case, over 900 posts spanning almost 4 pages, from a single user account;


I've already grabbed a copy of the offending domains involved, and they're all sitting on just 2 IPs (or were at the time of writing);

These IPs belong to AS394466 MyNetMojo (C02682025), aka Fiber Hosting Canada, leased to them by AS18451 Les.Net. Personally, I'd blackhole the entire /24, but I've got zero tolerance for this rubbish. At the time of writing, I'm only seeing badness on these two specific IPs, so I'll leave the decision to you.

Domains list for anyone wanting it (if you see any not on this list, and owned by the same bunch of miscreants, feel free to ping me);

Friday, 24 June 2016

Oi BBC, Nigel - STOP IT!

Been watching the latest unfold all morning, and since the results were finalized, there's been one constant - a claim "the UK has voted to leave" - NO WE DID NOT!, only HALF of the UK did (51.9% to be exact, out of a 72% turnout (just under 3 quarters voted) - that is not "the UK", that's only half of those that voted!).

Wednesday, 22 June 2016

[INFO] hpHosts forums and website

Just a note folks, the hpHosts forums and website are now SSL (you shouldn't notice any different, the site will auto-redir an HTTP to HTTPS request). If you do encounter problems, please ping me.

[INFO] Site updates

Just a note folks, some of the sites are to be moved from their existing server, primarily the site, which is to be moved to to a server in the 1&1 DC.

Hoping to get it done by tomorrow, but may take longer (extremely swamped atm).

Additionally, the hpHosts website and forums are to finally have SSL by the end of today (if we can get DigiCert to play nicely).

Saturday, 18 June 2016

hpHosts: Updated Saturday June 18th 2016

The hpHOSTS Hosts file has been updated. There is now a total of 379,840 listed hostsnames.

If you are NOT using the installer, please read the included Readme.txt file for installation instructions. Enjoy! :)
  1. Latest Updated: 19/05/2016
  2. Last Verified: 19/05/2016
Download hpHosts now!


[INFO] Server updates

Just an FYI folks, the fSpamlist, vURL etc servers are being updated, shouldn't take long (will only be down whilst they reboot)

Thursday, 16 June 2016

fSpamlist: DB server downtime

Just a note folks, the DB server used for fSpamlist detected a power spike whilst I was sleeping this morning and went into fail-safe, effectively shutting itself down.

It's back online now. Apologies for any inconvenience.

Wednesday, 15 June 2016

Dear ClickSure - are you insane?

I send a plethora of abuse reports daily, for everything from generic spam to malware, exploits and our friendly tech support scammers (yes, you guys too - woops!). However, I received what has entered the list of the most frustrating responses, this time from ClickSure:

Hello Steven,

This is an automated email, please DO NOT reply to this message as responses are not monitored on this email address.

There has been a New Reply to the discussion entitled "Spam" (#CLKSPT4905643):


Thank you for contacting support.

We take spam complaints very seriously and will look into this.

Additionally can you please unsubscribe from any unwanted emails



Best regards,

ClickSure Support

Why is it frustrating you ask? Lets see shall we;

1. It doesn't include the original resport
2. It fails to provide a method for reply
3. It says there's been a reply to the discussion (errr, the what?)
4. It actively encourages those reporting spam to USE THE UNSUBSCRIPTION LINK

I can hear the cries already - why is using the unsubscription link a bad thing?

Well for starters, I never subscribed in the first place! You should NEVER EVER EVER (repeat that to yourself a hundred times, I'll wait) click an unsubscription link, reply with unsubscribe etc in the subject/body/whateveritisasking if you did not subscribe to it in the first place - all this does, is tells Mr and Mrs Spammy that the address is active and monitored (woops, you're now going to get a ton more).

ClickSure on the other hand, seem to be smoking something seriously wonky (or have had a severe case of the wedontgiveatossitis (what!, everything has an "itis" now apparently!), yep, I'm being VERY polite here for some reason). They may as well have responded with "just lean forward and allow that tree to be shoved up there, we're raking it in!" - it would've inferred the same lack of giving a toss.