ROKSO Home  |  ROKSO FAQs & Policies  |  About Spamhaus  |  FAQs
The Register of Known Spam Operations
Mihail Fortis

Evidence Menu:

Mihail Fortis Index

Country: Estonia
Estonian B2B spammer for hire that spams mostly people in the Baltics and surrounding countries. Obtains service on VPS and cloud hosting providers using a large number of borrowed or forged identities.

Mihail Fortis SBL Listings History
Current SBL Listings
Archived SBL Listings

Main Information

Mihail Fortis is a B2B marketer who spams on behalf of small business customers in Estonia, the Baltics, Finland, and the Scandinavian peninsula. He manages to send a great deal of unsolicited bulk email to our spamtraps for somebody who spams in languages spoken by only a few million people.

Fortis currently does business under the name, using the business name Saiake OÜ. This is the name that his customers know him by and the domain/website that they use to sign up for service.

Fortis uses a variety of names and contact information to sign up for IP space. Many of the names are Russian, and he favors Russian ISPs as of April 2016. He often pays using the Russia-based Webmoney service (, which is commonly used in Russia. (It has been compared to Russia's Paypal.)

Fortis registers the domains that he uses to spam under a large number of names. Initially he used the name "Mihail Fortis" for domain registrations, but in late 2015 he started using other names that might be aliases or might be actual persons that register domains on his behalf. Most Fortis spam is sent under a personal name rather than a business name, although certain "fronts" used to register domains recently have had businesses associated with them.

In the past this spam organization's nameservers as shown in Whois records for were often stale or did not exist, and IP ranges that sent spam did not have rDNS, but in January 2016 the Fortis operation changed some of its methods, probably because email from these IPs and domains was widely blocked due to Fortis' carelessness. Now IPs and domains usually have proper configuration for sending email.

The name "Mihail Fortis" shares a postal address with one "Alexei Petrov" (a Russian name), sometimes known of as "Aleksejs Burovs" (the Latvian equivalent). We are not certain whether Petrov/Burovs is an alternate identity or a different person. Fortis is associated with at least two business names found in the Estonian Business Registry: Euro Marketing OÜ and Scanman Grupp OÜ. Both of these businesses appear to have poor or no reputations, but we have found no direct link between them and his spamming activities.

Fortis normally uses hosting in Russia, although he has been known to use German, Czech, and Swedish hosting as well. In the past few months, he has been abusing the free and redirector services to mask the links in his spam URIs. He seems to go back and forth between spamming very dirty lists and attempting to listwash so that he doesn't hit as many spamtraps.

What we have not seen is any indication that he has ever attempted to gain permission from the recipients of his bulk email.



Saiake OÜ

Raua tn 1
Kesklinna linnaosa
10124 Tallinn
Harju maakond
Eesti Vabariik (Estonia)




Mihail Fortis

Kreenholmi 14-24
20104 Narva

Telephone: +372.58395564
Fax: +372.58395564

Email Addresses: (domain registration) (forum posts)



Euro Marketing OÜ (contact email:

Scanman Grupp OÜ (contact email:



Aivar Tihamets
Kangelaste prospekt 5-3
20305 Narva


Aleksandr Primakov

Aleksandr Trubin
Slavjanskii bulvar 12-4
121352 Moscow
Russian Federation


Daniil Alexandrovich Malinkov
Данил Александрович Маликов

Milvi Langberg
Uus-Aduri 7
74637 Allika kula
Kuusalu vald


Moonika Lensberg
Lensberg LCC
Vikerlase tanav 13
13616 Tallinn


Triinu Vats
AAA Omnikum LCC
Jaan Korti 15-3
13523 Tallinn




"Alexei Petrov":

"Alexei Petrov" posts job for translator to translate letters from
Latvian to Russian:

"Aleksejs Burovs" businesses listing:

Photo of Flats at Fortis' postal address:

Saiake OÜ:

The Register of Known Spam Operations (ROKSO) collates information and evidence on entities with a history of spamming or providing spam services, and entities affiliated or otherwise connected with them, for the purpose of assisting ISP Abuse Desks and Law Enforcement Agencies.
The address of this ROKSO record is:

The above consists of information in the public domain. The Spamhaus Project makes every effort to avoid errors in information in the ROKSO database, and will correct any errors as soon as it is able to verify the correction, but accepts no responsibility or liability for any errors or omissions, or liability for any loss or damage, consequential or otherwise, incurred in reliance on the material in these pages. The Spamhaus Project makes no warranties or representations as to the accuracy of the Information in ROKSO records. The information in the ROKSO database is for information purposes only and is not intended as legal advice of any kind.

For information on contacting the ROKSO Team regarding any factual errors in this record, see the ROKSO FAQs.
© 1998-2016 The Spamhaus Project Ltd. All rights reserved.
Legal  |  Privacy