UCE Protect Level 2 has 64.62.128.0/17 Blacklisted

http://www.uceprotect.net/en/rblcheck.php

(example IP - 64.62.190.246)

Not sure if this is specific to Linode - or other providers on the same network space….

23 Replies

UCEProtect is an extortion racket. They serve no useful purpose. If your mail is getting blocked by this, the people you are mailing need a new provider.

@pclissold:

UCEProtect is an extortion racket. They serve no useful purpose. If your mail is getting blocked by this, the people you are mailing need a new provider.
Interesting, you have a bad experience with them?

Disclaimer I don't use them all I did was google and really I haven't discovered anything that would lend me to believe that they aren't legit.

It's a sad reality that due to Scum Spammers these services are a MUST. In a perfect world this scum would not exist, but hence life isn't perfect ;)

@marcus0263:

@pclissold:

UCEProtect is an extortion racket. They serve no useful purpose. If your mail is getting blocked by this, the people you are mailing need a new provider.
Interesting, you have a bad experience with them?

Disclaimer I don't use them all I did was google and really I haven't discovered anything that would lend me to believe that they aren't legit.
If you're in their blacklist on level 1, you'll either have to wait 7 days for automatic expiry, or pay 50 Euros per IP address for immediate removal.

http://www.uceprotect.net/en/index.php?m=7&s=6

And on level 2, UCEPROTECT has this to say:

"Your provider didn't act fast enough to disconnect abusers, or has no clue how to install preventive measures against spammers."

On removal from level 2:
> UCEPROTECT-Level 2 deescalates dynamic and removes the listed allocation if the number of Level 1 listed abusers went below a predefined trashcount within the last 7 days.

We expect that you have implemented our 4 Steps against email abuse, which you can find at Help for ISPs, before contacting us.

Should you not have implemented those 4 Steps, we can only offer to remove your netblock (and all IP addresses within that range from Level 1) on a payment basis. The fee for this is 150.- Euro per allocation.(This is a real discount compared to end-users, which have to pay 50.-Euro per IP.)
http://www.uceprotect.net/en/index.php?m=7&s=7

Regarding level 3:
> YYour provider has no interest to stop spammers, or he seems to think spam is, what the internet was made for. His IP's belong to the worst SPAMMERHEAVENS on the net, but you are also not innocent, because you support spammers by giving your money to such a sewer.

Your provider will be automatically removed from Level 3, as soon as there are less than 0.2% abusers from all his allocations left in UCEPROTECT-Level 1 within 7 days.

There is no manual removal or exception for end customers at LEVEL 3 - Requests are futile.

Only your service provider can change your situation.
http://www.uceprotect.net/en/index.php?m=7&s=8

In other words, if you manage to get listed in some way, and are able to block further spamming attempts, you'll be on the blocking list for at least 7 days, or pay up either 50 Euro for a single IP (as an end user) or 150 Euro for a netblock (as an ISP). If that's not extortion, I don't know what is.

@marcus0263:

It's a sad reality that due to Scum Spammers these services are a MUST. In a perfect world this scum would not exist, but hence life isn't perfect ;)
Yes, but it's no reason for blacklists not being somewhat flexible in their removal policies.

@marcus0263:

Disclaimer I don't use them all I did was google and really I haven't discovered anything that would lend me to believe that they aren't legit.
First hit that isn't one of their own pages when I Google for uceprotect: OpenRBL Wiki.

NeonNero's post pretty much has it covered. I rest my case.

Whether we like or dislike UCEProtect's policies on listing and delisting is somewhat irrelevant here I think. Can we all agree that it is not a good thing to have your IP test positive on spam databases if you are planning on sending email from your linode?

I know one of the first things I did when I considered linode was to test a few of their ip's against spam databases. I subscribe to dnsstuff's RBLalert service, so I see whenever my ips get added to any blacklists. As of about a week ago, AS3595 (gnax, the whole atlanta datacenter) is listed on UCEProtect level three. Now I don't think that is the end of the world, but if I had seen that when I was choosing linode I might have kept looking. If they continue to get added to more lists, I will probably have to consider moving elsewhere, which would suck since linode is IMHO the best thing going.

As for UCEProtect:

If you are on the level 1 list, then your IP sent spam to their systems and YOU need to fix something. I don't think 7 days is an unreasonable time for them to wait to see if you've really fixed the problem.

The level 2 and 3 listings on UCEProtect are based on netblocks and ASNs, so they are not based on anything you have done, but simply indicate your neighbors have sent spam. I personally think anyone using these lists to filter email is going overboard just to make a point, but it is their server so they can reject us if they want.

The 7 day timeout might not be as bad, although more popular blocking lists like SpamCop.net and Spamhaus.org operate with much lower default timeout periods (24 hours for SpamCop.net, upwards from 48 hours for Spamhaus.org) if there are no new reports.

Problem is, extortionists like UCEProtect doesn't take into account short-term technical difficulties or single-user errors, and will charge you if you want the IP delisted immediately. SpamCop.net and Spamhaus.org doesn't charge anything for delisting if there's a valid reason for manual delisting.

Also, with level 2 listings, UCEProtect says that your ISP "didn't act fast enough" to stop the spam. They don't say what they define as "fast enough". For what we know, this could be anywhere from 30 minutes to 1 hour to 2 days to 3 weeks.

For those who spam for a living, a charge of 50 Euros for delisting is petty cash, as UCEProtect doesn't appear to bother checking if there's more spam coming from the IP address being delisted, they only say that the IP will be delisted as soon as the payment has been received.

This brings on the feeling that UCEProtect is more interested in making money on delisting IP addresses rather than actually solving the spam problem.

I also notice that their website is more or less riddled with bad English and "high-school level" informal language. Yes, they're German, but that still no excuse for proper grammar and spelling (or even basic formal language) when presenting information. To me, they present the image of high school kids (or the German equivalent) rather than actual business professionals.

@Stever:

Whether we like or dislike UCEProtect's policies on listing and delisting is somewhat irrelevant here I think.
Whether or not these thieves have taken part of the Internet hostage for their own ends or not should be irrelevant. No sensible provider takes them seriously and they will go the same way as SPEWS.

Granted a week to remove without paying is long, but bottom line is the reality of filth from Scum Spammers opens the door for people to charge for blocking them. And it takes money and resources to combat these low life's.

So bottom line is UCEProtect is a bad service, complain to the companies who use them. I myself outsource my email services and they have excellent anti-spam. Yes it cost's me more than other services and if I were to run my own email, but then again you get what you pay for ;)

@marcus0263:

Granted a week to remove without paying is long, but bottom line is the reality of filth from Scum Spammers opens the door for people to charge for blocking them. And it takes money and resources to combat these low life's.
Yes, it takes money and resources in terms of man-hours for the ISPs. The only costs I'm aware of for many of these blocking lists boils down to hosting, marketing and maintenance, all of which are basically minor costs nowadays, especially judging by the image displayed by UCEProtect.

The problem with UCEProtect and similar systems is mainly the fact that as an ISP (or hosting provider), you'll not only pay for the man-hours to plug the hole used by spammers, but you'll also need to pay off somebody (which can basically be seen as a bribe) to continue regular e-mail traffic.

By charging money to remove an entry from your blocking list, rather than doing a proper job at maintaining it, you're basically stooping down to the level of those spammers.

And I repeat, those who are likely to pay off this type of - and let's be honest - bribe, are spammers and those who simply don't know any better.

@marcus0263:

So bottom line is UCEProtect is a bad service, complain to the companies who use them. I myself outsource my email services and they have excellent anti-spam. Yes it cost's me more than other services and if I were to run my own email, but then again you get what you pay for ;)
Thankfully, I don't use UCEProtect myself, and I don't personally know of any systems (or sysadmins) using them.

It should be noted that we have an existing thread on the matter, when they threw the same AS# on their blacklist.

http://www.linode.com/forums/viewtopic.php?t=2863

As far as I can tell, we had the UCE "admin guy" (or one of them) post in that thread, explaining his… 'position.' Even a GNAX employee responded.

It's worth a read.

heh, that was rather comical :lol: :lol: :lol:

Yeah, they're blacklisting Verizon :lol: :lol: :lol:

So I guess they won't let uunet through since Verizon owns them eh?

These guy's are a joke :roll:

@pclissold:

UCEProtect is an extortion racket. They serve no useful purpose. If your mail is getting blocked by this, the people you are mailing need a new provider.

Sure, that is the ususal claim made by spammers.

Spammers lie.

It seems the problem is GNAX once again hosting lots of spammers.

Have a look at the IP's which are causing the problem and see what you get as PTR's:

http://www.uceprotect.net/en/rblcheck.php?asn=3595

Scroll down complete to see the IP's which got listed at Level 1 and so causing the problem.

So lets see some of the IP's and decide what it is:

63.247.64.65 mail1.awesomemktg.net

63.247.64.66 mail2.awesomemktg.net

and so on some hundrets more of that one..

Now lets look to whom you can say THANK YOU for being listed:

Domain Name: awesomemktg.net

Registrar: Name.com LLC

Expiration Date: 2009-04-28 00:00:00

Creation Date: 2008-04-28 16:06:07

Name Servers:

ns1.awesomemktg.net

ns2.awesomemktg.net

REGISTRANT CONTACT INFO

Inet Advertising

Domain Administrator

234 Morrell Rd.

Suite 160

Knoxville

TN

37919

US

Phone: +1.6155126750

Email Address: inetadvertising.admin@gmail.com

63.247.64.100

and let's see who is that:

Domain Name: differentmktg.net

Registrar: Name.com LLC

Expiration Date: 2009-04-28 00:00:00

Creation Date: 2008-04-28 16:06:08

Name Servers:

ns1.differentmktg.net

ns2.differentmktg.net

REGISTRANT CONTACT INFO

Inet Advertising

Domain Administrator

234 Morrell Rd.

Suite 160

Knoxville

TN

37919

US

Phone: +1.6155126750

Email Address: inetadvertising.admin@gmail.com

Lets pick another IP from that space …

63.247.95.100 mail4.mailingsforconsumers.net

Domain Name: mailingsforconsumers.net

Registrar: Name.com LLC

Expiration Date: 2009-04-13 00:00:00

Creation Date: 2008-04-13 16:33:56

Name Servers:

ns2.mailingsforconsumers.net

ns1.mailingsforconsumers.net

REGISTRANT CONTACT INFO

Inet Advertising

Domain Administrator

234 Morrell Rd.

Suite 160

Knoxville

TN

37919

US

Phone: +1.6155126750

Email Address: inetadvertising.admin@gmail.com

I recommend that you youse your brain and investigate first before claiming others extortion racketeers, if you don't want to be called a spamsupporter.

If you will do the work and have a look to that list above then you will find that GNAX did lease some hundret IP's to a well known spammer.

Claiming they would not have known about that is futile.

The PTR's given should have been warning enough to know that it will be no brave customer.

All of the domains within the complete Listings were registered less than 3 month ago and for only one reason - spamming.

Spammers lie and so does GNAX.

GNAX wants YOUR money, but they also want spammers money.

They did exactly knew that they will end up in UCEPROTECT-Level 3 again if they will give complete /24 Networks to spammers again as they did it one year ago too.

It might be a good idea if Linode would for a better uplink instead.

Companies using our lists do exactly know why they are using UCEPROTECT and you will not get them to drop us, because UCEPROTECT works for them.

Have a look at AL IVERSON's independant staistics:

http://stats.dnsbl.com/uce3.html

That translates to: UCEPROTECT-Level 3 (which lists complete providers) has blocked about 40% spammails, but less than 0.3% false positives

Could that mean that those some hundret providers which manage to end up in Level 3 are responsible for 40% of the global spam, but less than 0,3% real mail came from their networks and ranges?

@Claus von Wolfhausen:

@pclissold:

UCEProtect is an extortion racket. They serve no useful purpose. If your mail is getting blocked by this, the people you are mailing need a new provider.
Sure, that is the ususal claim made by spammers.

Spammers lie.
It's not just a usual claim from spammers, the extortion racket claim is also wide used among non-spammers, especially with regards to blocking lists who charge money to remove people from that list. (No, you can't send your important e-mail message now. You'll have to wait a full week or pay me money to let it through.)____ __@Claus von Wolfhausen:

It seems the problem is GNAX once again hosting lots of spammers. __With the same logic I could claim that AT&T, Microsoft, Google, LiquidWeb and the majority of China are all supporting spammers by letting spammers host websites with them. How so? I've reported a wide share of IPs and websites via SpamCop.net to these, and via your logic, they must support spammers.

Problem is, all of these provide hosting space for cheap (or free), attracting spammers everywhere to use up trial offers and such.

Also, in terms of assigning a wider IP segment to the spammers, they will most likely get into legal trouble if they claim them to be spammers unless they can provide hard evidence of this themselves. Either that, or they don't know beforehand whether or not they are spammers.

The way you're fighting spam, can be compared to the US government fighting terrorism by releasing, say, Anthrax into the ventilation system of a random skyscraper, simply because they know there's a couple of terrorists in there, and then go in and charge money for immediate healtcare to the others who were affected. Just to throw a random example to the extremes.

Well-fed spammers won't think twice to pay for your express removal, even if it means he gets listed less than an hour after being delisted. SpamCop.net and Spamhaus.org require you to contact them and provide an explanation for the delisting rather than a payment. There's the difference between an extortion racket like yourself and legitimate blocking lists.

Also, saying that GNAX is a spammer's haven based on 300 IPs out of 92,000 (yes, ninety-thousand IP addresses) last year is a bit extreme, don't you think? And in the other thread, the IP mentioned was 64.62.190.246, which you follow up with a reference to GNAXNET ("AS3595"). The IP mentioned isn't even remotely near GNAX's network.

Frankly, as a non-customer with Linode, I don't know how you can find time in your workday to visit, read and write posts on a relatively small forum like this one.____

@NeonNero:

It's not just a usual claim from spammers, the extortion racket claim is also wide used among non-spammers, especially with regards to blocking lists who charge money to remove people from that list. (No, you can't send your important e-mail message now. You'll have to wait a full week or pay me money to let it through.)____ ____UCEPROTECT runs on autopilot at 99,85%

That means no one has to lift a finger here to remove listings, they just expire if there is no abuse seen for 7 days.

That is the usual way UCEPROTECT works.

Oh i forgot, there are these very important persons which's lifes are depending on email-delivery.

If email would be so important for them, they would better think about security of their systems before they got hacked.

Oh and there are providers that give a shit to who are their new customers and it does not matter to them to abuse their other customers as human shields.

If those get listed and the whining starts about the bad guys at UCEPROTECT, there are always some dumbsters which think they must come up with the extortion storyand the even dumber claim that no one would use that lists.

Why do i say dumbster?

Because those can't think logic.

If no one would use our lists, then you wouldn't even get aware of our listings and wouldn't have to tell your even dumber story of extortion.

The facts are:

If people here have to do manual work to check if problems are really fixed and removing IP's manually it is something which costs the company money.

That is only in parts payed by the expressdelisting fees.

If you are willig to do the work of 8 employees 24/7 free of charge here to deal with athe spamfriendly providers and lusers which got hacked and were abused for spamming then no problem.

We would really preferre to have a genius as you doing their work free of charge, it would save us a lot of money.

If so we would no longer need to charge fees for expressdelistings.

So did you apply for that position here?

If not - simply shut up and blame the right persons for the listing - the sewers that caused the listings.

They did get listed 4 days ago, and what do you think?

Did they boot their massive spamming customer in the meantime?

You guess it - they did of course not.__

@NeonNero:

SpamCop.net and Spamhaus.org require you to contact them and provide an explanation for the delisting rather than a payment. There's the difference between an extortion racket like yourself and legitimate blocking lists. SpamCop.Net does not inquire anything, you will be removed automatically whitin 24 hours after a spamrun from your machine ends. The fact you can contact them does not really mean you can hurry up things.

@SPAMCOP-WEBSITE:

__Dispute Listing

If you are the administrator of this system and you are sure this listing is erroneous, you may request that we review the listing. Because everyone wants to dispute their listing, regardless of merit, we reserve the right to ignore meritless disputes.__ __Spamhaus.org is a commercial system which charges users of their blocklists instead.

See here: http://www.spamhaus.org/datafeed/pricecalculator.lasso

Different to that UCEPROTECT-Blocklists can be used free of charge by anyone who wants to do so.

I guess even you should now see that you can't compare blocklist models which couldn't be more different in their concepts.__

@NeonNero:

Also, saying that GNAX is a spammer's haven based on 300 IPs out of 92,000 (yes, ninety-thousand IP addresses) last year is a bit extreme, don't you think? And in the other thread, the IP mentioned was 64.62.190.246, which you follow up with a reference to GNAXNET ("AS3595"). The IP mentioned isn't even remotely near GNAX's network. __Sorry my fault, i didn't read the complete thread so let's talk about

64.62.128.0/17

It's not better at all, even more worse:

Lets see this:

http://www.uceprotect.net/en/rblcheck.php?asn=6939

How can a professional provider manage to get 200 spamming IP's within a /17 network within 7 days?

Yes one needs to be negligent to not notice their new customers are spammers.

Checking PTR'S for those 200 IP's and run whois for the domains you get there you will find that they are WELL KNOWN to everyone that ever had to deal with spam.__

@NeonNero:

Frankly, as a non-customer with Linode, I don't know how you can find time in your workday to visit, read and write posts on a relatively small forum like this one. __That is because my employer pays me to do public relations and Google is my friend too. :-)

It is very easy to find threads as that one where dumbsters claim the story of extortion again and again.

Serious: If we would be racketers, then we would not even care about your writings.____

@Claus von Wolfhausen:

That is because my employer pays me to do public relations and Google is my friend too. :-)

It is very easy to find threads as that one where dumbsters claim the story of extortion again and again.

Your employer pays you to be a rude forum troll, throwing around insults and epithets at people who don't agree with you?

Wow.

WOW.

That's not the type of company I, or anyone that I know, wants to do business with.

@Claus von Wolfhausen:

That is because my employer pays me to do public relations and Google is my friend too. :-)
You're pissing into the wind doing PR here.

A. Dumbster

@Claus von Wolfhausen:

That is because my employer pays me to do public relations and Google is my [only] friend
Yes, Google is your friend.

@Claus von Wolfhausen:

@NeonNero:

It's not just a usual claim from spammers, the extortion racket claim is also wide used among non-spammers, especially with regards to blocking lists who charge money to remove people from that list. (No, you can't send your important e-mail message now. You'll have to wait a full week or pay me money to let it through.)____ ____UCEPROTECT runs on autopilot at 99,85%

That means no one has to lift a finger here to remove listings, they just expire if there is no abuse seen for 7 days.

That is the usual way UCEPROTECT works.__ __SpamCop.net and Spamhaus.org are mainly automated systems, too. But that doesn't mean that they don't care about customer service. Waiting a full 7 days is a bit extreme, no matter which blocking list it is, considering that's for _any_ offense, and not taken any exponential factors into account (such as 5 hours for 1-5 offenses, 24 hours listing for 5-50 offenses, 48 hours for 50-100 hits, 7 days for more than 100, just to throw an example out there).__

@Claus von Wolfhausen:

__Oh i forgot, there are these very important persons which's lifes are depending on email-delivery.

If email would be so important for them, they would better think about security of their systems before they got hacked.

Oh and there are providers that give a s*** to who are their new customers and it does not matter to them to abuse their other customers as human shields.

If those get listed and the whining starts about the bad guys at UCEPROTECT, there are always some dumbsters which think they must come up with the extortion storyand the even dumber claim that no one would use that lists.

Why do i say dumbster?

Because those can't think logic.

If no one would use our lists, then you wouldn't even get aware of our listings and wouldn't have to tell your even dumber story of extortion.__ _"Extortion" is a more than sufficient word for your operation. According to WordNet:_ > __extortion

noun

1. an exorbitant charge__ _(definition 2 and 3 probably doesn't apply here, unless someone has better information), and_ > __exorbitant

adjective

greatly exceeding bounds of reason or moderation; "exorbitant rent"; "extortionate prices"; "spends an outrageous amount on entertainment"; "usurious interest rate"; "unconscionable spending"__ _Additionally, insults and cusswords get you nowhere, they only display your own childishness._

@Claus von Wolfhausen:

__The facts are:

If people here have to do manual work to check if problems are really fixed and removing IP's manually it is something which costs the company money.

That is only in parts payed by the expressdelisting fees.

If you are willig to do the work of 8 employees 24/7 free of charge here to deal with athe spamfriendly providers and lusers which got hacked and were abused for spamming then no problem.

We would really preferre to have a genius as you doing their work free of charge, it would save us a lot of money.

If so we would no longer need to charge fees for expressdelistings.

So did you apply for that position here?

If not - simply shut up and blame the right persons for the listing - the sewers that caused the listings.

They did get listed 4 days ago, and what do you think?

Did they boot their massive spamming customer in the meantime?

You guess it - they did of course not.__ __If, by the same measure, all development on Linux had been paying work, it would probably cost way more than any given Windows version. Volunteer work is where it's at. Volunteers at other blocking lists do it to better the world, not just to get a paycheck out of it.

Besides, since you have such amazing automated listing facilities, why not also provide a similar and secure infrastructure/system for automated de-listing? And for the proper reasons, mind you. The amount of man-hours would plummet on a case-by-case basis.

I mean, you do send an automated report to the ISP you list (to their abuse desk or other technical contact) about the fact that they are on the list, right? That is, to let them know they have a spam source on their hands.

If not, I don't get what your 8 employees are being paid for doing 24/7.

And no, I didn't apply for that position at your company, and judging by how you operate, I would be seriously offended to be in any type of affiliation with UCEPROTECT or any of its owners and/or partners.__

@Claus von Wolfhausen:

@NeonNero:

SpamCop.net and Spamhaus.org require you to contact them and provide an explanation for the delisting rather than a payment. There's the difference between an extortion racket like yourself and legitimate blocking lists. SpamCop.Net does not inquire anything, you will be removed automatically whitin 24 hours after a spamrun from your machine ends. The fact you can contact them does not really mean you can hurry up things.

@SPAMCOP-WEBSITE:

__Dispute Listing

If you are the administrator of this system and you are sure this listing is erroneous, you may request that we review the listing. Because everyone wants to dispute their listing, regardless of merit, we reserve the right to ignore meritless disputes.__ _No, hurrying up things is no guarantee when contacting them, but it will give the ISP a greater chance to dispute false reports._

@Claus von Wolfhausen:

__Spamhaus.org is a commercial system which charges users of their blocklists instead.

See here: http://www.spamhaus.org/datafeed/pricecalculator.lasso

Different to that UCEPROTECT-Blocklists can be used free of charge by anyone who wants to do so.

I guess even you should now see that you can't compare blocklist models which couldn't be more different in their concepts.__ __Charging for usage is all a matter of what volume of e-mail you process. If you're somewhat larger ISP, you would be better off subscribing to their Data Feed service. However, if you're just a single server owner, you're more or less free to use their DNSBL service.

http://www.spamhaus.org/organization/dnsblusage.html__

@Claus von Wolfhausen:

@NeonNero:

Also, saying that GNAX is a spammer's haven based on 300 IPs out of 92,000 (yes, ninety-thousand IP addresses) last year is a bit extreme, don't you think? And in the other thread, the IP mentioned was 64.62.190.246, which you follow up with a reference to GNAXNET ("AS3595"). The IP mentioned isn't even remotely near GNAX's network. __Sorry my fault, i didn't read the complete thread so let's talk about

64.62.128.0/17

It's not better at all, even more worse:

Lets see this:

http://www.uceprotect.net/en/rblcheck.php?asn=6939

How can a professional provider manage to get 200 spamming IP's within a /17 network within 7 days?

Yes one needs to be negligent to not notice their new customers are spammers.

Checking PTR'S for those 200 IP's and run whois for the domains you get there you will find that they are WELL KNOWN to everyone that ever had to deal with spam.__ _How can such a large professional provider not manage to get 200 spamming IPs within such a short timeframe, especially if caught at a bad time. With a /17 network (that accounts to 32766 hosts), 200 IPs are roughly 0.6% of the total. Those would now no longer be customers._

@Claus von Wolfhausen:

@NeonNero:

Frankly, as a non-customer with Linode, I don't know how you can find time in your workday to visit, read and write posts on a relatively small forum like this one. __That is because my employer pays me to do public relations and Google is my friend too. :-)

It is very easy to find threads as that one where dumbsters claim the story of extortion again and again.

Serious: If we would be racketers, then we would not even care about your writings.__ __First of all, if you're being paid for doing public relations, I think you're mainly performing your function as a public relations representative rather poorly with your unprofessionalism, rude language and offensive behavior. In my opinion, and I may have mentioned it before, politeness and a small amount of flexibility comes a long way in my book.

Second, who's your employer, then?__

WHOIS for UCEPROTECT.NET:

domain:                      uceprotect.net
status:                      LOCK
owner-c:                     LULU-10008350
admin-c:                     LULU-10008350
tech-c:                      LULU-10008350
zone-c:                      LULU-10008350
nserver:                     ns1.lautenschlager.net
nserver:                     ns2.lautenschlager.net
nserver:                     ns3.lautenschlager.net
created:                     2003-05-14 15:35:00
expire:                      2009-05-14 00:00:00 (registry time)
changed:                     2008-06-11 17:21:13

[owner-c] handle:            10008350
[owner-c] type:              PERSON
[owner-c] title:
[owner-c] fname:             Claus
[owner-c] lname:             von Wolfhausen
[owner-c] org:               UCEPROTECT-Orga
[owner-c] address:           Postfach 23023
[owner-c] city:              Muenchen
[owner-c] pcode:             80535
[owner-c] country:           DE
[owner-c] state:             BY
[owner-c] phone:             +49-1805-444894208
[owner-c] fax:               +49-1805-444894268
[owner-c] email:             _stop_spam_to_be_removed@uceprotect.org
[owner-c] protection:        B
[owner-c] updated:           2008-04-07 13:30:54

[admin-c] handle:            10008350
[admin-c] type:              PERSON
[admin-c] title:
[admin-c] fname:             Claus
[admin-c] lname:             von Wolfhausen
[admin-c] org:               UCEPROTECT-Orga
[admin-c] address:           Postfach 23023
[admin-c] city:              Muenchen
[admin-c] pcode:             80535
[admin-c] country:           DE
[admin-c] state:             BY
[admin-c] phone:             +49-1805-444894208
[admin-c] fax:               +49-1805-444894268
[admin-c] email:             _stop_spam_to_be_removed@uceprotect.org
[admin-c] protection:        B
[admin-c] updated:           2008-04-07 13:30:54

[tech-c] handle:            10008350
[tech-c] type:              PERSON
[tech-c] title:
[tech-c] fname:             Claus
[tech-c] lname:             von Wolfhausen
[tech-c] org:               UCEPROTECT-Orga
[tech-c] address:           Postfach 23023
[tech-c] city:              Muenchen
[tech-c] pcode:             80535
[tech-c] country:           DE
[tech-c] state:             BY
[tech-c] phone:             +49-1805-444894208
[tech-c] fax:               +49-1805-444894268
[tech-c] email:             _stop_spam_to_be_removed@uceprotect.org
[tech-c] protection:        B
[tech-c] updated:           2008-04-07 13:30:54

[zone-c] handle:            10008350
[zone-c] type:              PERSON
[zone-c] title:
[zone-c] fname:             Claus
[zone-c] lname:             von Wolfhausen
[zone-c] org:               UCEPROTECT-Orga
[zone-c] address:           Postfach 23023
[zone-c] city:              Muenchen
[zone-c] pcode:             80535
[zone-c] country:           DE
[zone-c] state:             BY
[zone-c] phone:             +49-1805-444894208
[zone-c] fax:               +49-1805-444894268
[zone-c] email:             _stop_spam_to_be_removed@uceprotect.org
[zone-c] protection:        B
[zone-c] updated:           2008-04-07 13:30:54
WHOIS for UCEPROTECT.ORG:

Domain ID:D106342186-LROR
Domain Name:UCEPROTECT.ORG
Created On:17-May-2005 15:48:02 UTC
Last Updated On:18-May-2008 01:24:08 UTC
Expiration Date:17-May-2009 15:48:02 UTC
Sponsoring Registrar:PSI-USA, Inc. dba Domain Robot (R68-LROR)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Registrant ID:ABM-10008350
Registrant Name:Claus von Wolfhausen
Registrant Organization:UCEPROTECT-Orga
Registrant Street1:Postfach 23023
Registrant Street2:
Registrant Street3:
Registrant City:Muenchen
Registrant State/Province:BY
Registrant Postal Code:80535
Registrant Country:DE
Registrant Phone:+49.1805444894208
Registrant Phone Ext.:
Registrant FAX:+49.1805444894268
Registrant FAX Ext.:
Registrant Email:_stop_spam_to_be_removed@uceprotect.org
Admin ID:ABM-10008350
Admin Name:Claus von Wolfhausen
Admin Organization:UCEPROTECT-Orga
Admin Street1:Postfach 23023
Admin Street2:
Admin Street3:
Admin City:Muenchen
Admin State/Province:BY
Admin Postal Code:80535
Admin Country:DE
Admin Phone:+49.1805444894208
Admin Phone Ext.:
Admin FAX:+49.1805444894268
Admin FAX Ext.:
Admin Email:_stop_spam_to_be_removed@uceprotect.org
Tech ID:ABM-10008350
Tech Name:Claus von Wolfhausen
Tech Organization:UCEPROTECT-Orga
Tech Street1:Postfach 23023
Tech Street2:
Tech Street3:
Tech City:Muenchen
Tech State/Province:BY
Tech Postal Code:80535
Tech Country:DE
Tech Phone:+49.1805444894208
Tech Phone Ext.:
Tech FAX:+49.1805444894268
Tech FAX Ext.:
Tech Email:_stop_spam_to_be_removed@uceprotect.org
Name Server:NS9.SCHLUNDTECH.DE
Name Server:NS10.SCHLUNDTECH.DE

Both domain names are listed in your name directly, and with the organization "UCEPROTECT-Orga", which I think is a rather strange name. Also, looking at your uceprotect.org website (which, for us "outsiders", is just a front page), it rather reminds me of a some sort of hacker organization. With that particular look, I must say I found it rather odd to not see the phrase "w33 p0wnz th4 w0r1d" or something along those lines.

Now, who's your employer, exactly? Yourself?

Also, I'd like to add that I've reported a small share of websites mentioned in spam messages (more than twice in any given month, actually) to Schlund.de. Does that mean you might be on a network that supports spammers as well? Given the presentation at the uceprotect.net website, I'd say they do qualify.

@mwalling:

@Claus von Wolfhausen:

That is because my employer pays me to do public relations and Google is my [only] friend
Yes, Google is your friend.
I followed the entire thread on that third link, and I'd have to say that I agreed with most of the points against UCEPROTECT in that discussion. The policies appear to be beyond abusive, and especially punitive to those who just happen to be at a same datacenter as a spammer managed to break himself into for a day (before being thrown back out).__

:lol: :lol: :lol:

This is just way too funny!

Heh Heh, Claus you've blacklisted Fastmail?

Fastmail

You know I can't believe I actually said a few positive words about you when I noticed the thread on these forums. But after doing a lot more "googleing", reading your posts it's blatantly obvious you've got a racket going on here.

No respectable Company nor Admin will use your service. Bit of advice.

1. Reality check before you "blacklist"

2. Take a class on customer relations

@Claus von Wolfhausen:

@pclissold:

UCEProtect is an extortion racket. They serve no useful purpose. If your mail is getting blocked by this, the people you are mailing need a new provider.

Sure, that is the ususal claim made by spammers.

Spammers lie.

And so do scammers, such as yourself.

As before when this came up… no one with a clue uses the uceprotect service. If you meet a user of the service then educate them on why they're doing it wrong. And if they can't learn then just laugh at them.

@sweh:

@Claus von Wolfhausen:

@pclissold:

UCEProtect is an extortion racket. They serve no useful purpose. If your mail is getting blocked by this, the people you are mailing need a new provider.

Sure, that is the ususal claim made by spammers.

Spammers lie.

And so do scammers, such as yourself.

As before when this came up… no one with a clue uses the uceprotect service. If you meet a user of the service then educate them on why they're doing it wrong. And if they can't learn then just laugh at them.
No need to even attempt to convince them, just point them to this thread, Claus does all the work for ya! :lol: :lol:

Actually, there is no need to read the thread… I only need to send them a link to their page where it says that my IP is clean, but my provider is blacklisted.

Also some other pages where they claim they do know what they are doing, and a page with all lists out there where only their level 2 and 3 blacklists me, all other lists show me clean, including their level 1. Also the multiple proxies and layer 7 gateways I use to be sure no virus and rogue traffic comes out of my net, not to mention enters.

Yeah, it is my fault that Romania is blacklisted, sure, My fault UPC Romania is blaclisted, I just need to go out there and kill every infected host and after many months perhaps I will get removed.

Now, guess what… I won't give them a penny. If an admin is stupid enough to use their list, well, he/she called it upon himself/herself.

I still feel sorry for the poor chaps that feel the urge to pay. Not to mention those that use that list… Does their employer really know the cause for which important mail never reaches company inboxes ? Saving on a free list and losing important business ??? Sheeesh, that is a very good decision to make.

85.186.159.230

That is my IP. Feel free to blacklist it forever. You will still not get a penny from me.

M

P.S. I just need to add that such a respectable company uses Paypal as the only method to pay for their "services". That really shows their intended target, small companies and individuals who cannot afford top-notch datacenters.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct