DoNotPay Spam?

Robert_Webb1 · January 13, 2021, 10:06pm

Anyone else getting spam from DoNotPay everytime they send an email to the list?

I have not sent anything in a while until my ATT email and now I am getting this on every new email I send to the list.

Michael_Thomas · January 13, 2021, 10:12pm

oh is that where it’s coming from. yes. my filter now zaps it.

Mike

Mike_Hammett · January 13, 2021, 10:12pm

I have reached out to the list admins and the donotpay people and they’re working on it.

In short, someone that uses that service reported the NANOG list as SPAM to the DoNotPay service.

Sabri_Berisha · January 13, 2021, 10:21pm

Hi,

Yep. I complained to their support. Then I complaint to their “mail provider” Mailgun. When that proved useless, I complaint to AWS who hosts Mailgun. AWS replied and said they would get in touch with Mailgun.

We’ll see whether or not Mailgun gets the Parler treatment.

Brian_Bruns · January 13, 2021, 10:22pm

Wow, someone needs to be whacked upside the head pretty hard for that.

I actually DM'd with their CEO guy (I think it was) on Twitter a week or so ago about their unsubscribe process that didn't seem to work right. Worthwhile for anyone having issues with their service to reach out on Twitter.

Bryan_Fields · January 13, 2021, 10:22pm

yup, I've spent a few hours to gleam who might be the source of it. It's
almost impossible to trace as they have the email subscribed as a normal user,
and then harvest the sender address and send it from a totally different spam
server.

What you can do is when you notice these, email geeks@nanog with the full
email including headers immediately. We can then cross check it against new
signups. I wish there was a more scientific way to process it.

Thanks,

Sabri_Berisha · January 14, 2021, 12:28am

Hi Bryan,

What you can do is when you notice these, email geeks@nanog with the full
email including headers immediately. We can then cross check it against new
signups. I wish there was a more scientific way to process it.

The first time I got it, I sent this to support@donotpay.com:

I received this email in, what appears to be, reply to a post I made on NANOG.

Needless to say, I never signed up for this. I did not even know you existed.
Since you do add "support@donotpay.com" in your email, I assume this is a
honest mistake, and you'll be happy that I'm contacting you and will be fixing
it immediately.

Obviously, further unsolicited emails will result in ... a different approach
taken.

A few days later, I got the same again, and contacted their hosting provider,
Mailgun (while CCing support@donotpay.com), with the following:

I've received, multiple times, email such as below after posting to the North
American Network Operators Group (NANOG) email list. I've tried contacting
support@donotpay.com (ticket #13202), but they seem oblivious to the issue
and asked me to unsubscribe.

Please educate your customer. Alternatively, I will contact Amazon, who seem
to advertise your IP space.

161.38.200.0/22 *[BGP/170] 00:51:18, localpref 150
AS path: 53356 60011 3356 16509 I, validation-state: unverified
> to 195.16.87.249 via ge-0/0/6.0

Headers are as follows:

[snip]

I did not even get a reply on that. So, as promised, the third time I was
spammed, I took the liberty of contacting AWS. They responded with:

This is a follow up regarding the abusive content or activity report that you
submitted to AWS. We have investigated this report, and have taken steps to
mitigate the reported abusive content or activity.

But of course, nothing changed.

This goes a lot further than someone accidentally subscribing. So, it seems
that there are few options other than to simply block mail from that /22.

Thanks,

Sabri

6x7_Networks_Lady_Be · January 14, 2021, 1:01am

FYI geek team I received it too.

Ms. Lady Benjamin PD Cannon, ASCE
6x7 Networks & 6x7 Telecom, LLC
CEO
ben@6by7.net
"The only fully end-to-end encrypted global telecommunications company in the world.”

FCC License KJ6FJJ

Rich_Kulawiec · January 14, 2021, 1:12am

This is solvable by permanently blocking all traffic from Mailgun in
your MTA. This should be a good start and may suffice:

  mailgun.info
  mailgun.net
  mailgun.org
  mailgun.us

---rsk

Mel_Beckman · January 14, 2021, 1:15am

Tons, and we are litigating them. They are spamming most of the addresses in several of our domains.

-mel via cell

Mel_Beckman · January 14, 2021, 1:20am

DoNotPay is a spammer and by all accounts a scammer too. They violate the US CAN SPAM Act by not including a clear opt-out mechanism (their Manage Preferences link leads to an “unsubscribe” form that in reality signs people up to your service!) I’ve also repeatedly ask that they unsubscribe all the emails in our domains, and they repeatedly claim, falsely, that we ever mentioned any other emails.

They don’t tell the truth, and the company is highly deceptive. As an ISP we can file a claim for damages, which I’m doing.

-mel via cell

Mailman · January 14, 2021, 4:28am

Any chance the HTML can be turned off ?

Mel_Beckman · January 14, 2021, 8:31pm

After we began the process to serve their agent for legal service, the CEO emailed me the following assertion that they’ve fixed the issue, including the missing unsubscribe. We are waiting to see if the fix has indeed been made.

-mel

Robert_Webb1 · January 14, 2021, 9:26pm

Thank you for the follow up and your time to take care of this.