ROKSO Home  |  ROKSO FAQs & Policies  |  About Spamhaus  |  FAQs
ROKSO
The Register of Known Spam Operations
PredictLabs / Sphere Digital

Evidence Menu:

PredictLabs / Sphere Digital Index


Country: United States
State: IL
This operation uses dozens of "hosting" companies as fronts to lease IP addresses which are then used to send spam. Based in Chicago, Illinois and Tangier, Morocco.


PredictLabs / Sphere Digital SBL Listings History
Current SBL Listings
Archived SBL Listings

Scripted boilerplate replies, aimed at dodging server termination


When caught spamming, they will try to blame it on a "customer" of their fake hosting sites, or possibly a "hacker".

This is all just a smokescreen to keep THEM from being terminated, so they can send out a few more day's worth of spam.

--------------------------------------------------------------------------------

Please accept our sincere apology for the late to reply you,

We have reviewed this matter and identified that it was one of the subscribers that was responsible for causing the spam complaints.

But everything is under control now as we used a confirmed opt-in system for our newsletter lists to ensure that emails are only sent to recipients who explicitly agreed to receive them and there's an easy method to opt-out (unsubscribe) whenever they decided to be removed from the list .

This way we're totally sure that there won't be any longer abuses coming from any of our servers .

We have taken action to further secure our accounts and systems and we promise you that this will never happen.

I just want to apologize for any inconvenience this may have caused.

Thank you for your understanding.

--------------------------------------------------------------------------------

Our account has been hacked by someone who was the responsible of all the spam abuses,

We are doing our best to protect our servers, and I guarantee that we are not using the server for any mass mail/spamming, it was out of our control, please to take that into consideration.

We promise you that this will never happen again and we have taken all the necessary steps to ensure that it doesn't.

We need your help to delist the Ips Please

Again, our sincere apologies.
We are looking forward to hearing from you good actions.

Have a wonderful day!

--------------------------------------------------------------------------------

Please accept our deepest apologies for the un-expected and un-intended mass spam.

We have been investigating with our professional IT team lately, and we have found that our account has been under attack from a hacker who gains the access to our account and send mass spam to our contact lists which result this issue, but we got back our account and fix this issue, and to ensure that this kind of troubles won’t happen again, we will take this following steps:

- Scanning and Removing viruses and malware
- Ensure passwords are secure
- Train our employees in email security
- Removing block machines from security network
- Removing malicious user from our data network
- Re-setting server to avoid not delivery reports

--------------------------------------------------------------------------------

Please accept our sincere apologize for this whole misunderstanding , we
have get back to our logs and emails and everything in our works and we
could resume that server might infected with a malware that is being
used to send spam.

we could remove mailserver software and block port 25 using a software
firewall in order to avoid this kind of issues in the future ,but this
is not an option unfortunately, please get the server back and we will
do our best to secure it from our end by making some changes such as

- reinstall Antivirus and Firewall
- remove/block machine from network
- remove vulnerable script from webserver
- remove malicious user from network
- reconfigure server to ignore NDRs to forged addresses/domains.

--------------------------------------------------------------------------------

Please accept our sincere apology for the late to reply you,

One hour ago or so, someone has gained access to our business e-mail account and used it to mass-mail spam links to a few hundred contacts, including these mailing lists. We have taken action to further secure our accounts and systems, and hope this doesn't happen again.

We have checked status of the server IP(s) and we found it that is Locked for Admin; Kindly to ask you for unblocking our server, we do not know exactly the issue is, but we made some technical changes to avoid such us issues at our business future, here are the last update that our IT expert made;

- Cleaning double-opt in list
- Removing blacklist emails
- Checking blacklist ALL IP(s) of the server
- Restoring and full cleaning by Anti-virus and Firewall protection service
- Removing block machines from security network
- Removing malicious user from our data network
- Re-setting server to avoid not delivery reports

We are looking hearing from you good actions

Would like to apologies for the recent unfortunate and un-intended act that resulted in the spam warning to pop up on your screen. Also I would like to assure you that this is not going to happen again in the future as we’ve taken the necessary actions in order to make sure that the sends are being monitored and sent according to the applicable rules.

We promise you that this will never happen again and have taken all the necessary steps to ensure that it doesn't.

I just want to apologize for any inconvenience this may have caused.

Fragrant regards

--------------------------------------------------------------------------------

Please accept our sincere apology for the late to reply you,

While we have caused this unpleasant experience, we are able to see where we went wrong and we have found that our business e-mail account was hacked by someone and used to send mass-mail spam to our contact, we have taken all necessarity steps to secure our accounts such as:

- Scanning and Removing viruses and malware
- Ensure passwords are secure
- Train our employees in email security
- Removing block machines from security network
- Removing malicious user from our data network
- Re-setting server to avoid not delivery reports

Please accept our sincerly apology for any inconvenience this may have caused and re-active our server. We ensure that you will not face again such problem in the future with us.

Best regards

--------------------------------------------------------------------------------

Please accept our sincere apology for the late to reply you,

As a managing part of the dedicated server I would like to apologies for the recent unfortunate and un-intended act that resulted in the spam warning to pop up on your screen. Also I would like to assure you that this is not going to happen again in the future as weâve taken the necessary actions in order to make sure that the sends are being monitored and sent according to the applicable rules, here are the details has taken below:
Quickly with the following tasks:

- Fixing all abuses
- Removing unsubscribe from the list
- Installing antivirus and scanning the whole system.

--------------------------------------------------------------------------------

Hello dear support, We are so sorry about what happened, we are a small company and we send information emails to our subscribers, we do not spam and we do not participate in such prohibited activities, but lately we have found that our account has been hacked and used to send mass spams. We promise this issues will not happen in the future, and we will be very careful for not down in such as problems. Kindly to ask you again for delisting our Ips Please. Thank you for your assistance

--------------------------------------------------------------------------------

Dear support, We promise this issues will not happen in the future, and we will be very careful for not down in such as problems. We do respect your security policy and we do not participate in spam or any other suspicious network activity. We understand that you are monitoring any activities of our servers, we promise you that the issue will never repeat again, just something out of control and permissions. We have been hacked but we promise you that we're going to fix it all. All we need now is to delist our Ips Please. Wish to hear from you good actions Thank you so much for understanding

--------------------------------------------------------------------------------

We have reviewed this matter thoroughly and identified that it was one
of our subscribers which was responsible for causing the spam complaints.

We have initiated immediate action against this offending subscriber by
cancelling the associated subscription.

To ensure that this kind of issues doesn't happen again we have
implemented stringent steps by reviewing our subscription list and
informing the existing subscriber about this

We have also started work on installing firewalls and other anti-spam
applications on our server to ensure that this in not repeated again. In
light of all this, we apologize once again to the inconvenience caused.

--------------------------------------------------------------------------------

As one of our missions ,we contact our costumers via emails to help them
to manage their services, we are sending mails to our real clients.

we have a certain list of our clients that needs our regular advice for
their different kind of advisory related work as well as their tax
calculations. if someone doesn't like to receive our mails, he should
just unsubscribe from our newsletters, and so he is immediately deleted
from our data base.

but unfortunately some of them instead of choose the unsubscribe button
they easily report our emails as spams and this is out of our hands we
cannot control that recently we have been thought of creating new
strategies or maybe new ways to get this matter dispensary by time

As we have a list of our subscribers and just after getting back the
access to the server again , we will make a synchronization to our
database to remove this subscriber for good

--------------------------------------------------------------------------------

In fact , we have already checked this matter few days ago and
discovered that the complaint was generated by one of our Opt-in
Newsletter subscribers. it has been already removed from our database
for good. also we were in middle of making a synchronization to make
sure that those kind of issues won't persist in the future. please
give turn on server for us in order to continue what we've started
earlier

--------------------------------------------------------------------------------

Thank you for bringing this to our attention , upon checking we could
resume that this issue was caused by one of our Opt-in Newsletter
subscribers, we have successfully deleted it from our database and
performed a synchronization to make sure that it completely removed so
there won't be any future communication between us.

--------------------------------------------------------------------------------

Sorry for the inconvenience caused
We do not spam. We sent informational email to existing client.
If they decide to report it as spam rather than unsubscribe (at the
bottom of the email)
is unfortunately not something we can control.
If you unblock the ips we will take those users out of our newsletter.

--------------------------------------------------------------------------------

sorry for this inconvenience, I think that we know where the problem
comes from,we have get back to our logs and emails and everything in our works and we could resume that server might infected with a malware that is being used to send spam.so please un-suspend the server and we promis you this will not happen again, we will do our best to secure it from our end.
We will be very happy to hear nice news from you.

--------------------------------------------------------------------------------


The Register of Known Spam Operations (ROKSO) collates information and evidence on entities with a history of spamming or providing spam services, and entities affiliated or otherwise connected with them, for the purpose of assisting ISP Abuse Desks and Law Enforcement Agencies.
The address of this ROKSO record is: https://www.spamhaus.org/rokso/evidence/ROK12285/

The above consists of information in the public domain. The Spamhaus Project makes every effort to avoid errors in information in the ROKSO database, and will correct any errors as soon as it is able to verify the correction, but accepts no responsibility or liability for any errors or omissions, or liability for any loss or damage, consequential or otherwise, incurred in reliance on the material in these pages. The Spamhaus Project makes no warranties or representations as to the accuracy of the Information in ROKSO records. The information in the ROKSO database is for information purposes only and is not intended as legal advice of any kind.

For information on contacting the ROKSO Team regarding any factual errors in this record, see the ROKSO FAQs.
© 1998-2019 The Spamhaus Project Ltd. All rights reserved.
Legal  |  Privacy