Getting spammed LSN adverts by FraudRecord?

[Steven F]

If anyone would like, I would be open to creating a community version of FraudRecord. Public code base, semi-public database (only for programmers), et cetera. We could have a dispute function that would allow pre-approved members to moderate the disputes (keep details private, so you don't know who you're moderating for) and even roll out a few "premium" features (text/phone call verification, maybe more?).

You could easily pop up a site that does the same thing in just a few hours. I'd be willing to start working on it over the weekend, if there was interest, using Laravel (it'll keep things simple).

The nice thing would be that we as a community can add additional features as we see fit. I've been working on WHMCS plugins the past few weeks (private stuff), and rolling something out in WHMCS would be very simple. We could automate it considerably and pop out a really nice replacement.

Edit:

If we used the same hashing algorithm as FraudRecord, we'd even be able to use their database (maybe just link to it, not actively steal content).

 

[Aldryic C'boas]

Heh...yeah, this is why I never jumped on the FR bandwagon, and just kept all of our anti-fraud in house.  My inbox gets enough BS from "Let me cut you a great deal" upstreams as it is.

 

[Steven F]

Heh...yeah, this is why I never jumped on the FR bandwagon, and just kept all of our anti-fraud in house.  My inbox gets enough BS from "Let me cut you a great deal" upstreams as it is.

Let me cut you a great deal...

 

[DomainBop]

The SPAMMER's email header info:

DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=fraudrecord.com; q=dns/txt;
 s=pic; t=1418831178; h=Sender: Content-Type: Mime-Version: Message-Id:
 Subject: From: To: Date;
 bh=HPKNf2jI4/ycXn44kAK8mNqaxuZKWgV4KZVh8+7bwPw=; b=3O46SIO+YvaHaA/YGB8s7JKboR2zrRn0FuIXORU54lxb4Gc36ai7dBu3YcitgEkUsaAj7vEJ
 Bmfmz15A1a9O/5BBV1pTQtDkwfrdUD5hcgilkDIarEYyWxJEKRD2qUNVdZJfUaoYst93ZI9d
 NH0cd2qn3iGtdZcPmmW973SIMUk=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=fraudrecord.com; s=pic;
 q=dns; h=Date: To: From: Subject: Message-Id: Mime-Version:
 Content-Type: Sender;
 b=U82qF9jvlJ/Cxcrtynq/8XtV4RI/YRcTzyIeisZK7kfFl7jIgIa3vHN/QNyVZpHGx9mdYz
 rY6iWtxI+sErx/WbRmOV+wEcMvwUk69U1aHSATHEGEZbGqCemOwNjSfHXxpeeagZtkf0Y9wT
 xVT/+OsJRGhGAeAudXBziRA/CzU4k=
Received: from fraudrecord.com (chicago.storagenic.net [96.30.40.236]) by
 mxa.mailgun.org with ESMTP id 5491a535.7fbc949c82d0-in6; Wed, 17 Dec 2014
 15:45:57 -0000 (UTC)
Date: Wed, 17 Dec 2014 17:45:57 +0200

Bgp.he.net info on the SPAMMER:

96.30.40.236 resolves to chicago.storagenic.net.

The following A records are set to 96.30.40.236:
chicago2.storagenic.net, harzem.com, kutay.com, onlineyet.com, storagenic.com, vecoprotect.com

 

[KuJoe]

If anyone would like, I would be open to creating a community version of FraudRecord. Public code base, semi-public database (only for programmers), et cetera. We could have a dispute function that would allow pre-approved members to moderate the disputes (keep details private, so you don't know who you're moderating for) and even roll out a few "premium" features (text/phone call verification, maybe more?).

You could easily pop up a site that does the same thing in just a few hours. I'd be willing to start working on it over the weekend, if there was interest, using Laravel (it'll keep things simple).

The nice thing would be that we as a community can add additional features as we see fit. I've been working on WHMCS plugins the past few weeks (private stuff), and rolling something out in WHMCS would be very simple. We could automate it considerably and pop out a really nice replacement.

Edit:

If we used the same hashing algorithm as FraudRecord, we'd even be able to use their database (maybe just link to it, not actively steal content).

So you're proposing to make a FraudRecord alternative that is run by a hosting provider? No thank you. I know you're intent is not malicious, but I would rather use a system that's run by an impartial third party versus a competitor. Imagine if CompanyX ran a fraud submission website and they wanted to get a one-up on the competition by holding back fraud reports for clients that spam and chargeback so their competitors will get IPs blacklisted and hit with chargeback fees or even worse, adjusting reports submitted by other companies so that company looks bad. Again, I'm not saying you would do this but it's along the same lines of thought as to why websites like LEB/LET should not be run by a company in the same field that they post ads for, it's a trust kind of thing and even if you are well trusted, there will be some people with that thought in the back of their mind and it ruins it for a lot of people.

 

[DomainBop]

Limestone and some shady marketing/advertising.... Haven't they done something questionable prior?

2 years ago 24khost complained on LET about receiving an unsolicited sales email from them.  LSN responded by sending Chief a DMCA asking to have the copy of the email removed.

http://lowendbox.com/blog/limestonenetworks-threatens-lowendtalk-with-dmca/

http://www.lowendtalk.com/discussion/5328/spammed-by-limestonenetworks/p1

 

[KuJoe]

Ok, so instead of this back and forth. How about we actually do something about this instead of just complaining about it and hoping our words can change the minds of somebody who is spending money to provide us a completely free service that is invaluable to the industry.

If every provider who posted in this thread sponsored $5 per month (Contributor status), that's $360/year that they didn't have yesterday. I highly doubt they are making $360/year off that one e-mail so let's vote with our wallets and get the ads pulled and the e-mails stopped.

Sure, you are welcome to complain all you want on a public forum. Nobody will stop you to my knowledge, but this is the 2nd thread regarding FraudRecord and LSN this year so you can see how forum posts don't do much and when given the ability to make a change people would rather not.

 

[Steven F]

Ok, so instead of this back and forth. How about we actually do something about this instead of just complaining about it and hoping our words can change the minds of somebody who is spending money to provide us a completely free service that is invaluable to the industry.

If every provider who posted in this thread sponsored $5 per month (Contributor status), that's $360/year that they didn't have yesterday. I highly doubt they are making $360/year off that one e-mail so let's vote with our wallets and get the ads pulled and the e-mails stopped.

Sure, you are welcome to complain all you want on a public forum. Nobody will stop you to my knowledge, but this is the 2nd thread regarding FraudRecord and LSN this year so you can see how forum posts don't do much and when given the ability to make a change people would rather not.

What's the cost of being a Platinum Sponsor?

 

[KuJoe]

What's the cost of being a Platinum Sponsor?

Looks like $50/month according to their website.

 

[Steven F]

Looks like $50/month according to their website.

I just saw that. Honestly, it's kind of bothering me now. He's making $250+ a month on the site, while not a large amount, it's still something. To send out these Limestone e-mails (and note that they're not even a listed sponsor!) is really infuriating me.

 

[KuJoe]

I just saw that. Honestly, it's kind of bothering me now. He's making $250+ a month on the site, while not a large amount, it's still something. To send out these Limestone e-mails (and note that they're not even a listed sponsor!) is really infuriating me.

I was just looking at the pricing for the data center his servers are hosted in and it doesn't look like $250/month would cover his costs even with the free DDOS protection we're giving him.

 

[Steven F]

I was just looking at the pricing for the data center his servers are hosted in and it doesn't look like $250/month would cover his costs even with the free DDOS protection we're giving him.

Why does he need an entire dedicated server? A small VPS would be more than enough to host FraudRecord.

 

[KuJoe]

Why does he need an entire dedicated server? A small VPS would be more than enough to host FraudRecord.

I guess the 100% uptime is important for him (and based on the traffic to his website, it's important for 900+ other companies also). While I agree it could possibly be hosted cheaper, I would never complain about somebody hosting a website that is important (and one that needs to be online 24/7/365) on a premium provider.

 

[DomainBop]

I was just looking at the pricing for the data center his servers are hosted in and it doesn't look like $250/month would cover his costs even with the free DDOS protection we're giving him.

Based on the IP address the email was sent from and a traceroute (that shows vz----.wiredtree.com), it looks like FR is hosted on a VPS at WiredTree (WiredTree is the d/b/a name of Cogswell Enterprises Inc).

 

[KuJoe]

Based on the IP address the email was sent from and a traceroute (that shows vz----.wiredtree.com), it looks like FR is hosted on a VPS at WiredTree (WiredTree is the d/b/a name of Cogswell Enterprises Inc).

Hmm, that's a different IP than his webserver.

 

[AnthonySmith]

Its gone fully commercial, just license it for $20 p/month everyone will pay, problem solved.

 

[KuJoe]

Its gone fully commercial, just license it for $20 p/month everyone will pay, problem solved.

This was discussed but it wouldn't work and would most likely ruin the project.

 

[AnthonySmith]

This was discussed but it wouldn't work and would most likely ruin the project.

I missed the discussion, what were the reasons it would not work and why would it ruin the project?

 

[KuJoe]

I missed the discussion, what were the reasons it would not work and why would it ruin the project?

Harzem was against charging for it and even if he did it would alienate new companies from participating. Since the whole point of FraudRecord is community involvement, limiting who can be involved would at the very least limit growth and would be detrimental for those providers who are paying for it.

These are just my thoughts but I feel very strongly about this project because of the sheer amount of money this has saved my company.

 

[drmike]

Its gone fully commercial, just license it for $20 p/month everyone will pay, problem solved.

I don't think $20 is right price point but more like $5-10 a month is something most people would pay without even thinking.   Do the math 900 companies at $5 = $4500 a month.   Even if 400 companies chipped in $5 a month = $2k a month.  Serious scratch.

There is no such thing as free, at least not for some long sustained period, unless someone has other cash funders, advertising, etc.   Just remember that when benevolent, giving souls offer the sky then cry later with their teary eyes about the money.

Why this project wasn't a paid one purely is about mass adoption resistance at the start.  But that time is gone, project is mature and running, has multiple funders and now advertisers and advertisers who are 'spamming'.  Subscription time!