I just received an unsolicited commercial e-mail from a company named, ironically, PermissionEmailCorp.com. They did not receive my permission before sending me the e-mail. Their site states that they provide “choice / opt-out” for recipients. Funny, the spam message they sent me didn’t contain any such option.
Apparently they provide “free advertising for charities.” They also promise not to collect any customer information. Wow, how nice of them. But if they really cared about your charity, they wouldn’t use “third-parties” to “advertise and collect information about customers.” The company appears to be based out of China and related to AdvertisingEmailCorporation.com.
PermissionEmailCorp.com retrieved the e-mail address from my Godaddy account. Not from my public DNS who-is information, but from my GoDaddy account itself. GoDaddy needs to set-up their customer protection.
Update 13-March-2007: I started receiving e-mail messages to the address I use in my domain name whois information. Every domain has to have a contact e-mail address and it must be shared (unless your pay your registrar to make is private.) This is information is not allowed to be used for this purpose, but obviously this company is not playing by the rules. Once your e-mail address is out there for them to use, there is nothing you can do to get it hidden again. Either setup a spam filter or change your e-mail address (which may be found again.) Be careful about using a false e-mail address for your domain contact information. Your registrar may charge you an administrative fee if someone reports not being able to contact you because of that. To see you public whois information for your domain, try the Network Solutions Whois Lookup page.
permissionemailcorp.com have been spamming me as well. They got hold of the address that is used only for the technical contact for domain names I own. I changed that address a few days ago. I just got a spam to the new address.
What this means is that they are roboting WhoIs sites to harvest the contact addresses of domain name owners, and they refresh their list frequently. Since changing the address didn’t work I must now find another way to stop them.
I have received two of their pieces of garbage. They may be harvesting from domain names, but not necessarily the email addresses – they are also making up what appear to be valid email addresses based on the domain names they find.
I have 4 domain names – two are active, the other two are in preparation for other planned functions related to my main .com domain. Only one of those domains has any email addresses assigned – the .com domain, and those addresses are openly available to any visitor to the site, whether real or robotic. None of them were used. They instead made up an authentic-appearing address based on the .info domain.
Romane
They definitely pulled my contact info from my Godaddy account. I use that e-mail address only at Godaddy and nowhere else. It’s not at all a generic address. It is not listed in any of the who-is contact names, but maybe Godaddy shares more account information than is shown in the who-is listing. Regardless, I’m going to change that e-mail address and see what happens.
I just had the same problem, I think they are some how finding common names like [email protected]. I do think they are using robots to scan domains and might be even sending out random e-mail to your domain until they get one that matches. My domain e-mail address is not posted anywhere on the internet because my site is not completed and my domain is ran off of an e-mail server off of my computer. Even with companies like MSN and Yahoo uses robots to look for sites, even if you don’t submit your site to them they will find your site down the road.
I would NOT visit PermissionEmailCorp.com because this gives them the opportunity to grab your IP address.
This was the IP address with in the e-mail that was sent to me.
Ip Lookup
68.188.32.37 resolves to
“68-188-32-37.dhcp.stls.mo.charter.com”
Top Level Domain: “charter.com”
Charter Communications CHARTER-NET-7BLK (NET-68-184-0-0-1)
68.184.0.0 – 68.191.255.255
Charter Communications DRDN-MO-68-188-32 (NET-68-188-32-0-1)
68.188.32.0 – 68.188.63.255
Good morning
Have done some research since my last post. Did a WhoIs at http://www.whois.net/ and a Google on permissionemailcorp. The domain was registered in November last year. The anti-spam and anti-net-abuse people have had some discussion regarding them. They seem to be based out of China, and I gather that these anti-spam and anti-net-abuse people have tried to nail the person or persons behind this site in relation to other scams and similar parasitic activities previous to permissionemailcorp’s registration.
The issue with them grabbing the IP address is mostly relevant when you have a static address. As mine changes every time I log in, and the address range is shared between a number of ISPs, I took the opportunity to go to their home page (but no deeper). By not visiting, you have not missed much.
Maybe one day, *all* the Governments and relevant authorities in the world will get together to eradicate this pathetic disease that blights the Internet – but I’m not holding my breath for any time soon.
Romane
What a surprise to get an email from these people using my email address. What exactly does it mean? Have they sent out thousands of spam using my address? How do they do that and what should I do?
JB
My favorite quote on their site (on PermissionEmailCorp.com/welcome.html) is “CEO Ranked as The #1 Broadcast Emailer in The World by Wikipedia; The World’s Largest Online Encyclopedia.”
Congratulations, a user-editable wiki ranked you number one. I wonder who made that edit?
The message I get is from myself! Now, how do I stop them? If I categorize them as SPAM, then my own e-mail address goes on the blocked list.
I’ve received the same spam message… “we email advertise your charity web site to 7,500,000 people. free.
“permissionemailcorp.com” FROM MY EMAIL ADDRESS, TO MY EMAIL ADDRESS. I also wonder who they are spaming with my own email address. What is the recourse for damages?
Interesting that I use GoDaddy for my domains and recently changed my contact info to my personal email address that received this spam message twice, today (Feb 23 6:43 AM) and yesterday (Feb 24 at 7:04 am).
After a bit of research, this could very well be a scam originating from another country (China?). Likely a clever attempt to get an order via American Express, MC, Visa or Discover, through a non-secured webpage (http vs. https). Unsuspecting business owners might enter their credit card numbers, only to have them stolen.
There is a fax number provided,+1(206)260-3270, but that could be an IP phone (Vonage, etc.) sitting somewhere in China. Microsoft targeted Robert Soloway in 2005 so it would be easy to direct upset recipients to that person while grabbing a few hundred (thousand?) credit cards before closing up shop. That’s my guess…
John
http://www.IndianaDigital.net
——————————————————————-
Here’s what I found with 10 minutes of searching…
Here’s an update from SpamHaus that should shed some light on this:
http://www.spamhaus.org/organization/statement.lasso?ref=3
Here’s the company contact info for “Broadcast Email Service” when you follow the link in the spam email:
Corporation Headquarters
Located In The Heart of the Downtown Business District Located in Seattle, Washington, USA.
Corporate Address:
1001 4th Ave – #1259
Seattle, WA 98111
United States of America
Additional Information:
Please Read Under Email Software, Email Services, Custom Emailings and Charity Info to Learn About All of Our Products & Services. Thank You.
——————————————————————
Google the following [ 1001 4th Ave – #1259 seattle ] for insight to who shows up with this address.
——————————————————————
One of the Google links takes you to http://robertalansoloway.com where you can click a link to view a PDF of a lawsuit from Microsoft against Robert Soloway, who is identified as the CEO of Broadcast Email Service. In this lawsuit, Robert Soloway is identified as “Newport Internet Marketing” of CA.
However, even this is misleading. A WhoIs lookup reports the Domain Holder as…
Domain Name: PERMISSIONEMAILCORP.COM
Registrar: BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN
Whois Server: whois.dns.com.cn
Referral URL: http://www.dns.com.cn
Name Server: NS1.PERMISSIONEMAILCORP.COM
Name Server: NS2.PERMISSIONEMAILCORP.COM
Name Server: NS3.PERMISSIONEMAILCORP.COM
Name Server: NS4.PERMISSIONEMAILCORP.COM
Status: clientTransferProhibited
Updated Date: 19-feb-2007
Creation Date: 17-nov-2006
Expiration Date: 17-nov-2007
Domain Name………. permissionemailcorp.com
Creation Date…….. 2006-11-17 21:43:02
Registration Date…. 2006-11-17 21:43:02
Expiry Date………. 2007-11-17 21:43:02
…If you lookup who administers the domain, you get:
advertisingemailcorporation.com
——————————-
Domain Name: ADVERTISINGEMAILCORPORATION.COM
Registrar: BEIJING INNOVATIVE LINKAGE TECHNOLOGY LTD. DBA DNS.COM.CN
Whois Server: whois.dns.com.cn
Referral URL: http://www.dns.com.cn
Name Server: NS1.KANJERIMADA.INFO
Name Server: NS2.KANJERIMADA.INFO
Name Server: NS3.KANJERIMADA.INFO
Name Server: NS4.KANJERIMADA.INFO
Status: clientTransferProhibited
Updated Date: 25-jan-2007
Creation Date: 17-nov-2006
Expiration Date: 17-nov-2007
I’d like to hear what others come up with after a bit more digging.
John
http://www.IndianaDigital.net
How to stop them,anyone know? I’m in Cnada, registered my site through godaddy.com and I’m spammed everyday by this permissionemailcorp.
I got the same issue, multiple SPAM emails as-if originating from me and having the following two-liner:
————————————————————–
we email advertise your charity web site to 7,500,000 people. free.
www . permissionemailcorp . com
————————————————————–
Hope somebody can take care of this issue.
Best regards,
VJ
Seems like godaddy is the common thread in all these posts. Funny how the other registrars aren’t losing their customers’ emails to this “harvesting.” I guess if I had choked up the extra $2 a year they wouldn’t let my email “slip” into permissione’s hands.
Seems they have changed their details…I actually gave them a call, all Chinese strangely enough…then after a while they just keep putting down the phone on me after a few rings…
I will be giving this number and email address to all my new Nigerian Email scammer friends…
[email protected]
Domain Name………. permissionemailcorp.com
Creation Date…….. 2006-11-17 21:43:02
Registration Date…. 2006-11-17 21:43:02
Expiry Date………. 2007-11-17 21:43:02
Organisation Name…. liu feng
Organisation Address. guang zhou
Organisation Address. [email protected]
Organisation Address. guang zhou
Organisation Address. 321000
Organisation Address. GD
Organisation Address. CN
Admin Name……….. liu feng
Admin Address…….. guang zhou
Admin Address……..
Admin Address…….. guang zhou
Admin Address…….. 321000
Admin Address…….. GD
Admin Address…….. CN
Admin Email……….
Admin Phone………. +86.20321000232
Admin Fax………… +86.20321000232
Tech Name………… liu feng
Tech Address……… guang zhou
Tech Address……… [email protected]
Tech Address……… guang zhou
Tech Address……… 321000
Tech Address……… GD
Tech Address……… CN
Tech Email………..
Tech Phone……….. +86.20321000232
Tech Fax…………. +86.20321000232
Bill Name………… liu feng
Bill Address……… guang zhou
Bill Address………
Bill Address……… guang zhou
Bill Address……… 321000
Bill Address……… GD
Bill Address……… CN
Bill Email……….. [email protected]
Bill Phone……….. +86.20321000232
Bill Fax…………. +86.20321000232
Name Server………. ns4.mangoorangee.org
Name Server………. ns3.mangoorangee.org
Name Server………. ns2.mangoorangee.org
Name Server………. ns1.mangoorangee.org
Domain Name………. advertisingemailcorporation.com
Creation Date…….. 2006-11-17 21:43:14
Registration Date…. 2006-11-17 21:43:14
Expiry Date………. 2007-11-17 21:43:14
Organisation Name…. liu feng
Organisation Address. guang zhou
Organisation Address.
Organisation Address. guang zhou
Organisation Address. 321000
Organisation Address. GD
Organisation Address. CN
Admin Name……….. liu feng
Admin Address…….. guang zhou
Admin Address……..
Admin Address…….. guang zhou
Admin Address…….. 321000
Admin Address…….. GD
Admin Address…….. CN
Admin Email……….
Admin Phone………. +86.20321000232
Admin Fax………… +86.20321000232
Tech Name………… liu feng
Tech Address……… guang zhou
Tech Address………
Tech Address……… guang zhou
Tech Address……… 321000
Tech Address……… GD
Tech Address……… CN
Tech Email………..
Tech Phone……….. +86.20321000232
Tech Fax…………. +86.20321000232
Bill Name………… liu feng
Bill Address……… guang zhou
Bill Address………
Bill Address……… guang zhou
Bill Address……… 321000
Bill Address……… GD
Bill Address……… CN
Bill Email………..
Bill Phone……….. +86.20321000232
Bill Fax…………. +86.20321000232
Name Server………. ns4.kanjerimada.info
Name Server………. ns3.kanjerimada.info
Name Server………. ns2.kanjerimada.info
Name Server………. ns1.kanjerimada.info
Follow the exploitations of Robert Soloway who is behind this SPAM…
http://en.wikipedia.org/wiki/Robert_Soloway
http://en.wikipedia.org/wiki/SPAMIS
I receive this email 2 times a day and have for the past week.
I’ve been getting this. They are apparently guessing at addresses based on domain names. I don’t really care where they got the domain name. If I have to protect my domain name to prevent someone from doing this type of thing, then there really is no point in having a domain name that is easy for folks to remember.
The emails are not compliant. There is no From field and the return path is the address they are guessing. As a result bounces don’t work. So if they are doing this to see what addresses are valid, they are not likely getting any feedback unless someone follows the URL in the message. So my guess is that they are simply trying to advertise. And because they are not getting any bounce feedback, they will just keep sending them.
In the headers, the path histories of the messages are extremely short (one hop to my server) and seem to come from a variety of IPs from all over the world. Bots, I presume.
I also have seen the url for www . emailsolutioncorp . com.
je recois aussi des mail mais pas avec godaddy mais relais internet “orange”
comment faire et quels sont les retour pour mon ordi car tous les plans et les achat passent par là ils passent par le mon de domain donc direct sur ma boite
merci
je reçois des mail aussi mais pas par godaddy mais relais internet “orange”
comment faire pour les stoper car je fait mes achats en ligne et en passant par le nom de domain ils arrivent direct sur ma boite
merci
Based in France, I’ve been spammed from those guys for weeks now (since February 07). I would suggest not to write their domain adress in each of our pots because this may increase their ranking over the net. One major point is that they are able to spam each of us with our proper e-mail adress as the sender. They are able to write things in our names.
For everybody’s information, I also own domain names but through 1and1.fr and gandi.fr
Update 13-March-2007: I started receiving e-mail messages to the address I use in my domain name whois information. Every domain has to have a contact e-mail address and it must be shared (unless your pay your registrar to make is private.) This is information is not allowed to be used for this purpose, but obviously this company is not playing by the rules. Once your e-mail address is out there for them to use, there is nothing you can do to get it hidden again. Either setup a spam filter or change your e-mail address (which may be found again.) Be careful about using a false e-mail address for your domain contact information. Your registrar may charge you an administrative fee if someone reports not being able to contact you because of that. To see you public whois information for your domain, try the Network Solutions Whois Lookup page.
Got email from www . emailsolutioncorp . com send from my own email address..
isn’t there a way to spam those spammers back? Flood their email or something.
Hi All,
I got the spam too. I order the product they have by sending the all info as You Mother F…. Spamers. Then it show the following as one of the e-mail for them:
[email protected]
With same title I send them an e-mail too. I think for each spam from this company we showld send them an e-mail directly.
I have received this SPAM also: See Below, I have contacted the WA Attorney General’s office. Though the State of WA does not have laws against spam, the do have laws against deceptive business advertising. We can become a nuisance to this business like it is to us, file a complaint with the WA AG’s office they are at http://www.atg.wa.gov
emailsolutioncorp.com/contact.html
Corporation Headquarters
Located In The Heart of the Downtown Business District Located in Seattle, Washington, USA.
Corporate Address:
1001 4th Ave – #1259
Seattle, WA 98111
United States of America
emailsolutioncorp.com is registered in china by a registrant that is named “Beijing Innovative linkage technology”. They are well known for fraudulent emails and domains.
Unfotunatly since it in China. there is not much we can do.
I have tried a formal FTC complaint and no response.
Its not a godaddy problem .. I use another registrar and unique throwaway addresses for my whois info. They grab the info from whois, and update fairly regularly.
BTW look into http://www.sneakemail.com (I’d be lost without them)
Look no further – The research has been done (not that it seems to help).
All China and whois references are red herrings (other than hosting etc). Full Robert Alan Soloway (http://blog.opsan.com/archive/2005/07/29/1148.aspx) history and latest updates are available via these dedicated anti-soloway blog links.
http://blog.opsan.com/archive/2006/05/25/28138.aspx
http://sjwest01.googlepages.com/broadcastspam.html
Join the club & best of luck in your solving the Eternal soloway problem.
Hi All,
I find a flaw in the emailsolutioncorp.com system.
go to emailsolutioncorp.com/orders/doorder.php and complete the form with any thing and any number such as 1111111111111111111111 for the credit card number and submit the order.
it is using emailsolutioncorp.com/orders/doorder-process.php. hoping I can extract the email address for them
They are blasting me 1-2 times a day. If anyone finds a permenant solution, please post.
Thanks
Hello guys, I have the same problem!
i receive many emails everyday anytime form UNKNOWN SENDER and the advertised website is emailsolutioncorp.com
Please anyone has got any solution to stop him?
Many thanks and have a nice day,
Marco.
These spammers drive me nuts and have done for months. Perhaps someone with some spare time could have a go at updating the Wikipedia entry with the facts about these a-holes.
If you would like to contact this company directly, they have another email address:
[email protected]
This can be found by following Ramin’s flaw instructions above.
They have been reported here too, so Mcafee users will be warned before visiting their site.
http://www.siteadvisor.com/sites/emailsolutioncorp.com?ref=safesearch&aff_id=0&premium=false&suite=false
liu feng mail address
[email protected]
or
[email protected]
or
[email protected]
all these adresses seems to work.
I have a legitimate Internet advertising business and I am getting SPAM to and from my primary business e-mail address. Are other people getting this SPAM ‘from’ my e-mail address too? I also get e-mails from e-mail addresses containing my domain that do not exist. The last thing I want to do is delete my primary business e-mail address and lose contact with potential and actual clients, but I can’t afford to have my good name associated with SPAM like this.
Suz: I’m not sure, but I think every recepeint receives the e-mail as if it was sent from their own address. It’s easy for them to forge the spam headers to make this appear like that – to eliminate spam bouncing back to the actual sender.
Word of caution: never use your primary e-mail address in your domain name registration public contact info. It’s obviously not protected.
These dirtbags are also using several of my domain names as the ‘from’ address in their spams, and as a result, my legitimate business email cannot get through to my customers. Many of the major email companies have banned any email address with my domain name in it because of all the spam these losers have sent using my domain in the from address. “Beijing Innovative Linkage Technology” is th common denominator – they are the registrar for all of the prescription drug sites these spam emails are trying to direct traffic to. I noticed they don’t even put a link in their email anymore, instead they use an image that shows their website address and tell you to type their domain name in your browser to get to their (probably) illegal prescription drug site. The reason they do that is because the spam filters have gotten so sophisticated, they actually scan the email for banned URLs before letting it through. If this company put its URL or a link to it in the email, it would probably not get through most spam filters. I know this why? Because they have gotten my URL banned and I cannot even put my website address in the signature block of my emails anymore, or they get filtered out as spam.
by the way, I don’t think it’s just the whois info where they are stealing dmail addresses…it’s the internet in general. I don’t use godaddy and I still have the same issue. The common denominator seems to be that all of my domain names that are being used have email addresses that are published somewhere on the internet (i.e. my websites).
I never publish plain-text e-mail addresses because of this. I use a graphic (picture) or use a contact form with validation. If you e-mail address is published, it’s sure be receive spam and probably will be used in the from address as spam.
On thing you can do is modify the MX record of your domain to include Sender Protection Framework. Your hosting provider may have to do this. It means that you have to specify which servers/IP addresses are approved for sending e-mail using your domain name. It causes all messages sent from unauthorized IP addresses to be marked and spam, and valid e-mail to be marked as “not spam”. Check out http://www.openspf.org/ .
I saw that GoDaddy accounts had this problem with the spam, well 1and1.com has the same issue. What you think is a private registration really isn’t because these guys get the proxy email account and you get spammed. I have several hundred domains (all privately registered), and receive hundreds of these spam messages daily. The problem is that every now and then you want to check your junk emal to see if some important email got filtered out and is now in your junk mail. I am receiving between 30 and 40 of these spams AN HOUR!!
We need to get them shut down now!
Thanks for the link Carlton – I’ll definitely look into it.
And Bob – I agree, let’s shut these spammers down. You own several hundred domain names …so do I. Let’s find a way to use the power of the internet to stop these jerks. I’ve done some research and made a few phone calls. Does anybody see a link to the Metro Bank in Houston, TX whose phone# is listed in the whois info as the admin and technical contact for many of these prescription drug sites? Or do you think the bank is just an innocent victim of someone who used their phone#? You’d think that even dumb spammers would use legitmate info as the technical and admin contact for the domain names. Then again, perhaps they open and shut down websites so often they don’t care. Either way, I think there’s something suspicious about this bank whose phone# is listed in the whois. When I called they said they don’t know anything about these websites, but they were almost too quick to say it – like they had a sort of rehearsed answer. I asked for their legal department and was told they don’t have a legal dept – a publicly traded bank with 10 offices in Houston & 3 in Dallas, and they don’t have a legal department or even a legal person to forward legal issues to? Instead, they referred me directly to the President, David Tai. It’s hard for me to believe that after calling the bank’s main phone # (that’s posted on their website), that the first person I talked to would send me straight to the bank’s President. I own a small business with less than 5 employees and even my phone calls are screened better than that!
This bank has a ‘China Town’ connection (see this website I found which promotes the bank):
http://www.chinatownconnection.com/metro_bank_redirect.htm
And according to the bank’s website, “The foundation of our success truly has been in the ethnic markets – especially the Asian and Hispanic ones – where we have strong ties and direct involvement with the communities”
Something stinks about this bank. I think their “Asian-connection” may be relevant considering that:
1.) their phone# is listed on the whois, and
2.) all of these spammer sites are registered by a Chinese registrar in China
Coincidence? Perhaps, but again, something about this bank stinks.