Demon Internet joins the webmail hall of shame

September 17, 2005

Selected headers of a just-received advance fee fraud spam:

Received: from
  by <redacted> ...
Received: from
  by (MOS 3.5.8-GR)
  with ESMTP id CTM15721;
  Sat, 17 Sep 2005 04:55:21 +0100 (BST)
Received: from
  (MOS 3.5.8-GR)
  with HTTP/1.1;
  Sat, 17 Sep 2005 04:55:21 +0100
From: Queensley Rhoda <>
X-Mailer: Mirapoint Webmail Direct 3.5.8-GR has been listed as part of SBL16836 since June 1st, 2004 as an advance fee fraud spam source. It's also in a number of other DNS blocklists. In September of 2005, more than a year later, Demon is still perfectly willing to accept outgoing webmail from it and as a result be part of spamming us.

I am especially angered and saddened at Demon Internet joining the webmail hall of shame because there once was a time when Demon was a shining example of high quality, geek friendly, clued in ISP. If there is any ISP that should know better, I would have thought it was Demon Internet.

Time to teach our mail scanner how to determine IP origin information for yet another webmail source that is making us do their work for them. (I am not ready to refuse all email from Demon, which is my default reaction to webmail providers who make me do their work for them these days. It's tempting, though.)

Written on 17 September 2005.
« Getting a list of all objects in Python
Weekly spam summary on September 17th, 2005 »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Sat Sep 17 01:17:33 2005
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.