This SBL listing is for a 'random questions' illegal spam operation identified as "X Media Partners" based in Canada and consisting of the following domains:

xmediapartners.com
extremecow.com
askmefast.com <- domain hidden behind anonymous Whois
answermefast.com <-domain hidden behind anonymous Whois
goftp.com <-domain hidden behind anonymous Whois
msn4u.net <-domain hidden behind anonymous Whois

Currently hosted at:

5/8/09 23:42:27 : 246.42 : 209.97.203.242 : goftp.com
5/8/09 23:42:28 : 250.06 : 209.97.203.243 : xmediapartners.com

xmediapartners.com : 209.97.203.243 <- SBL77368
extremecow.com : 74.53.13.27 <- SBL77369
askmefast.com : 74.53.13.27 <- SBL77369
answermefast.com : 74.53.13.27 <- SBL77369
goftp.com : 67.205.89.171 <- SBL77370
msn4u.net : 174.123.254.130 <- SBL77371

These domains are owned or operated by the same outfit and each is participating in a spamming campaign in which spam is sent out with seemingly random questions from 'innocent' users. The purpose of the spam is to trick recipients into responding to answer the questions. The questions and their responses are actually a system of gathering data to compile a series of "Answer your questions" websites run by "X Media Partners" which generate revenue from Google adverts placed alongside the answers. The purpose of the spam operation is to generate as much Google-indexed content as possible in order to reap profits from Google adverts on the pages.

The main person behind this spam operation appears to be a Canadian named "Doug Collins" who also goes as "Ryan Collins" and "Amanda Collins", of 30 Gooderham Dr., Georgetown, ON L7G5R6, CA.

When Spamhaus investigated these 'random question' spams, we found that in each case the identical questions were used by the websites above and the answers sent back by recipients who had fallen for the spams were also on these same websites. To verify this, Spamhaus answered one spam from "winstonfinancial@gmail.com". Our answer, word-for-word including intentional mispellings appeared as if by magic a few minutes later on the website www.goftp.com.

X Media Partners' illegal spam operation is conducted using a multitude of email addresses which include: petrov.gazprom@gmail.com, iris.accountants@gmail.com, mike.power200@gmail.com, andri.manager@gmail.com, petersons.production@gmail.com, teronspoons@gmail.com, winstonfinancial@gmail.com, d12treskey@gmail.com

Spam examples include:

Subject: How much does it cost to start a truck stop

How much does it cost to start a truck stop?
There are so many factors to consider. Would you be kind enough as to give me
some pointers as what to look for or avoid? Any help appreciated.
Thank you in advance.
Gratefully, Tim
----
Subject: How we write an Application of Opening Bank Account

How we write an application of opening bank account? What are the pros and cons
I should be looking out for? Please help me.
Thank you so much.
Thanks, James
----
Subject: Do i have to pay taxes on profit i make from selling my house

Do i have to pay taxes on profit i make from selling my house?
I am not sure what criteria are important. Can you please guide me. Any help would
be appreciated.
Thank you so much.
Thanks, Lacey
----
Subject: How long to wait on first time home refund

How long to wait on first time home refund? I don`t know if you are the right person to ask, but any advice/pointers you might have would be very much appreciated. Any info much appreciated.
Thank you very much.
Thanks, Kim
----
Subject: What is the average homebuyers credit score

What is the average homebuyers credit score? What things should I be considering before going ahead? Please point me in the right direction.
Thank you in advance.
Thanks, Leanne
----

To have record SBL77368 (209.97.203.240/29) removed from the SBL, the Abuse/Security representative of rackforce.com (or the Internet Service Provider responsible for supplying connectivity to 209.97.203.240/29) needs to contact the SBL Team by email (use this link) to explain how the spam problem has been terminated (we need to know exactly how the issue has been dealt with and that this spam problem is fully terminated). If the spam problem that caused this listing has been terminated we will normally remove the listing from the SBL without delay.

It is essential that emails to the SBL Team about this SBL listing include this exact ticket information in the email Subject:

If you are a representative of rackforce.com, you also need to see: Current Live rackforce.com SBL Listings