Up until today, I had respect for GoDaddy. They're the registrar for pokerfraudalert.com, and all of the other domains I own, as well.
They are reasonably priced (especially if you're good at finding coupons/specials), and their telephone support always reaches a helpful/knowledgeable person in the US.
That is... until yesterday.
On Friday, I got an e-mail from Godaddy with a spam complaint about pokerfraudalert.com. It was a form letter, but demanded a response. I did not understand what they wanted:
Dear Todd Witteles,
We have received complaints that you are involved in sending
unsolicited email messages for/from the following domain(s):
POKERFRAUDALERT.COM
If this is the case, GoDaddy requires that you cease this activity
immediately. You are also required to respond to this notification within 24
hours to address the situation. Failure to do so may lead to the suspension
or cancellation of service.
Please review our Universal Terms of Service for details on the nature of
this situation: https://www.godaddy.com/Legal-Agreem...dy&isc=gdbb644
Specifically, we recommend you review Sections 4 and 9 of this agreement.
Again, as we stated above, you are required to respond to this notification
within 24 hours to address the situation. We look forward to hearing from you.
Sincerely,
Network Abuse Department
GoDaddy
Not knowing any of the details of the spam or what they wanted me to "address", I called them and was told just to reply and tell them that I hadn't been spamming and needed more info. I wrote the following:
I have not spammed anyone.
Please give me more information about this.
We had a hacking about 3 months ago, but I fixed the situation and it has not recurred.
Please let me know the nature of the spam and its originating IP.
-Todd Witteles
In response, I got a wall-of-text form letter which did not give me all the information I was looking for. At the end of the wall-of-text, they did include the spam e-mail:
To: *******@gmail.com
Subject: This Machine Defies All Laws Of Physics
From: "Poker Fraud Alert Forums Presented by Todd Witteles" <junk@pokerfraudalert.com> Date: Fri, 17 Jan 2014 13:55:31 -0500
This is a message from Gary Lincholn ( mailto: ) from the Poker Fraud Alert Forums Presented by Todd Witteles ( <a href="http://pokerfraudalert.com/forum/">http://pokerfraudalert.com/forum/</a> ). The message is as follows:
Hi, We know that the ultimate problem that we are facing today is energy. Now here is a machine that would overcome this problem which was designed many years ago but the blueprint was suppressed by huge oil companies and including the government for a one big reason.. their own PROFIT. To know more, please visit this site: [spam URL removed]
Have a good one. Gary .
Poker Fraud Alert Forums Presented by Todd Witteles takes no responsibility for messages sent through its system.
So at this point I knew that someone was exploting vBulletin in some way to send out spam, but I didn't know how.
I e-mailed again asking for the IP of the offending spam message, just to be sure it was really coming through my forum and wasn't being spoofed in some way.
They completely ignored my e-mail and sent me the following obnoxious wall-of-text:
The bolded part is the important stuff.Dear Sir/Madam, If you are not able to give us the opt in information we have requested this places you in violation of your registration agreement and GoDaddy's anti-spam policy. More information on GoDaddy's Anti-Spam policy can be found at https://www.godaddy.com/gdshop/no_spam.asp GoDaddy has a strict anti-spam policy, as the registrant of POKERFRAUDALERT.COM you are ultimately responsible for the use of your domain name, any email mail advertisement that is driving traffic to, or creating revenue for, your website or domain name is your responsibility. This also applies to the actions of any party generating this traffic or revenue on your behalf. This includes, but is not limited to, 3rd party marketers, business partners, mailing list providers and affiliates. Please keep in mind that it is not our intention to cause anyone's business to suffer and we do appreciate you cooperating with us on this matter. Because of your cooperation and willingness to resolve this issue thus far, your services have not been interrupted, but this situation remains unresolved. We present to you the following solution to resolve this issue: First, reply to abuse@godaddy.com with a statement that you (or your employees, affiliates, 3rd party marketers, etc.) will no longer send messages to individuals that did not ask to receive information specifically from your domain name. Second, include in this statement authorization for GoDaddy to charge a $75 non-refundable administration fee to the credit card on file for your account (you may want to log into your GoDaddy account and confirm that the card on file is valid and has not expired). GoDaddy believes this solution to be a fair one that will ensure that you will correct the problem on your end, and prevent any future violations of GoDaddy's Anti-Spam policy. Additionally your services are not interrupted and your customers and affiliates are not inconvenienced. If you reply with this statement and agree to pay this fee, GoDaddy will accept this, in good faith, as proof of your commitment to correct this problem. If not, your domain name may be immediately redirected and your service suspended. Please be aware that GoDaddy will continue to monitor this situation. If in the future it is determined that this problem persists, your domain name may be immediately redirected. We do realize additional complaints resulting from this mailing may come in and we will of course consider this, and contact you before taking any action. Thank you for your cooperation. Regards, Domain Name Abuse GoDaddy Hotline 480-624-2505 ARID 1024
So basically their "compromise" was for me to promise not to spam anymore (completely ignoring my statements that I wasn't guilty and that this was the work of either a hacker or spoofer), as well as a demand that I pay $75 as a commitment that I won't be spamming anymore!
Obviously I wasn't sending them a dime.
This was awful timing because I was extremely sick yesterday (read about it here: http://pokerfraudalert.com/forum/sho...-last-24-hours ..), but
I called them immediately, afraid they would suspend PFA if I didn't act quickly.
I spoke to some bitchy young woman there who, despite looking at the message and it being fairly obvious I was hacked/exploited, kept repeating, "It's impossible to tell if you were spamming or if someone else was."
When I asked why I was not given the information I was requesting, she had no answer.
I told her that I'm a programmer and would track down this exploit once I felt better.
She said that I had until Monday (LOL 2 days) to solve it.
We then got into a frustrating time-negotiation session, where I kept asking for a week, and she slowly moved up from 2 days to 4 days, and then 5 days.
When I explained how sick I was and that it would likely take a few days to resolve, she made the obnoxious statement:
"You've been responding to our e-mails. So you're telling me you are healthy enough to answer e-mails but not solve this problem?"
I blew up at her and asked, "Do you think writing a 1-liner back to you guys on my phone is the same level of effort as going through a complicated software package and looking for e-mail exploits? Do you really think those two require anywhere near the same level of concentration? Seriously?"
She paused and said, "Okay, we will give you a week."
Today I went and found the exploit and closed it. It was something stupid in the vBulletin blog system that allowed you to "e-mail blogs to a friend", which made it incredibly easy for spammers to abuse. There is no way to turn that feature off, so I had to modify the software myself to remove it.
I e-mailed GoDaddy today with the details and hopefully they will accept it.
Zero chance I am paying them a penny for this.
Really shady, especially how they ignore my e-mails and offer me this "compromise" where they take $75 from me in order to "show a commitment" not to spam.
I bet a lot of people just pay the $75, terrified that they will lose their domain accessibility, especially businesses that can't afford any kind of service interruption.
Reply With Quote
Originally Posted by Hockey Guy
