spam

Spam from kingex.io (Kingex Crypto and Cash exchange)

Comments are off for this post

Spam is frustrating. It is for me on many levels, not least of which because I run a mail server for a few thousand users. This is especially true since my company is a small hosting provider, so we have almost no leverage with the “big boys”, Google, Microsoft/Hotmail/Outlook (however they want to be known today), Yahoo, etc. The one that can’t make up their mind what they’re called has a programme called “Smart Network Data Services” but which used to be called “Postmaster Live”, but it’s as useless as tits on a bull. I’ve jumped through all of the hoops, but I still get just infuriating auto-replies and ignored when I try to interact with their system and the people behind their system. Google’s system is completely worthless and unworkable, as in order for my company to be a part of it, I’d have to create a new account for every domain we host! I can’t just sign up my mail servers’ IP addresses and deal with them that way! It’s stupid beyond belief.

But the point of these programmes/systems is for, as in the “old days” of the Internet, service providers — particularly the postmasters of said service providers — to interact and resolve issues. But the “big boys” don’t actually make any effort to “interact and resolve” anything; they just dictate how the rest of the world is supposed to interact with them, even when they’re operating outside of the RFCs, which are, essentially, the laws of the Internet.

One day I’ll write a more comprehensive post about how I think that all of said “big boys” are colluding to ensure that only they provide email service in the future, and companies like NinerNet Communications — with whom people are currently free to contract! — are shunted to the side, and encouraged to become their resellers.

But on a personal level, I myself get hardly any spam. Seriously! (Seventeen since 2021.) But when I do, I go through the roof, especially if it’s sent to one of my personal addresses, which I never give to anyone but close friends and family (I just don’t!), other than my “personal company” address, which I use to communicate with clients as well, of course. And I never enter it into a form on a website either! I have a system of rotating email addresses, and addresses I set up for individual suppliers and for specific purposes. For example, if I sign up for a Twitter account, the email address I give them is twitter123@myspecial.subdomain.com. That makes is easy to filter messages from them, and also makes it clear to me who leaked my email address if that address is spammed.

And if I’m going on a trip (as I just did), I set up an “alias” for the trip; that way I can use it for everything from plane tickets, to hotels, to entry tickets … the works! After the trip, I delete it. All of those airlines and hotels and theatres can spam me all they want — and they do! — but at the flick of a switch when I get home, all of that spam stops. Ahhhh, peace!

So after five paragraphs I should address the spam I received on Thursday from a company called Kingex, who bill themselves as a “crypto and cash exchange”. Years ago I gave up reporting spam to the email service providers from where the spam originated, and the hosts of the spamvertised websites. I used to have a very sophisticated and in-depth system for doing so — as good as if not better than Spamcop’s — but I eventually realised that it was a complete waste of time to do so … and it was a significant amount of time to do so, looking up the owners and contacts for multiple IP addresses and domains. It was a waste of time because my reports were completely ignored, and in some cases the hosts justified the spam, questioned my intelligence (“You probably just forgot you signed up for the spam”) and/or defended the spammers.

Anyway, this spam from kingex.io was sent to my personal company email address, not to one of my rotating or supplier email addresses. (I have a “personal company” email address, and a “personal personal” email address, both on their own domains, neither of which are the domain of this website.) Ironically the message included a request and a link: “Please leave us some feedback https://www.trustpilot.com/review/kingex.io”. So I thought, “What the hell, I won’t be reporting this, but I’ll give them some appropriate feedback.” And I did:

Never heard of these guys until I received spam from them a few minutes ago asking to be reviewed. So I am. Never deal with spammers.

I also perused a few of the other reviews, most of which were five (of five) stars, of course, as is typical on review websites where customers are coerced or otherwise strongly motivated into leaving reviews. But there were a few negative ones (read them yourself) where (a) Kingex representatice(s) was/were very aggressive in putting down the reviewer … which, as everyone knows, is Customer Service 101, put down any criticism with aggression.

In that vein my review received this response:

Dear customer,

We do not send unsolicited emails and do not promote our exchange services via email marketing. If you believe you received a message claiming to be from us, please provide the email address in question or contact us directly at support@kingex.io — we will be happy to investigate the matter thoroughly.

Until any evidence is presented, we consider this review an attempt to discredit our exchange service without basis.

Best regards,
Kingex Team

Because, as everyone knows, every negative review is quite clearly “an attempt to discredit our [company/]service without basis.” Yup, I’ve got nothing better to do all day than find new companies and leave them negative reviews.

Anyway, I’ve posted this here so that when I send these morons the copy of the spam I received, I will send it along with a link to this post, because on the Trust Pilot website there doesn’t seem to be a possibility of engaging in any back-and-forth, so my blog is where I will make this back-and-forth possible because Kingex will probably do all they can to have my Trust Pilot review removed. But, you know, when someone accuses you right off the bat with lying, there’s not much chance of any constructive back-and-forth. (Ironically, I see they now have another one-star review from someone else they spammed, with the same copied-and-pasted aggressive reply; see screenshot.) Here, the review cannot and will not be removed.

Oh, and their domain has been blocked on my company’s mail servers, so any future spam from them will not be delivered to our users’ mail boxes.

Kingex review and reply.

Kingex spam complaints.

And here’s the spam:

Return-Path: <dumbass@kingex.io> Delivered-To: xxxxx@xxxxx.xxx Received: from nc036.ninernet.net (nc036.ninernet.net [127.0.0.1]) by nc036.ninernet.net (Postfix) with ESMTP id DD920C540C3 for <xxxxx@xxxxx.xxx>; Fri, 25 Apr 2025 00:54:25 +0000 (UTC) X-Virus-Scanned: amavisd-new at nc036.ninernet.net X-Spam-Flag: NO X-Spam-Score: 2.787 X-Spam-Level: ** X-Spam-Status: No, score=2.787 tagged_above=-100 required=3.5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MISSING_HEADERS=1.021, RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_MSPIKE_BL=0.001, RCVD_IN_MSPIKE_ZBI=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_HELO_FAIL=0.001, SPF_SOFTFAIL=0.665, TVD_SPACE_RATIO=0.001, TVD_SPACE_RATIO_MINFP=0.85, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no Received: from nc036.ninernet.net ([127.0.0.1]) by nc036.ninernet.net (nc036.ninernet.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X-fluxj0TjIf for <xxxxx@xxxxx.xxx>; Fri, 25 Apr 2025 00:54:24 +0000 (UTC) Received: from domain.com (unknown [94.26.90.29]) by nc036.ninernet.net (Postfix) with ESMTP id D05C2C540C1 for <xxxxx@xxxxx.xxx>; Fri, 25 Apr 2025 00:54:24 +0000 (UTC) Message-ID: <252444ef1bdff5fed9e3aa01f5012a2fb46c4b@kingex.io> From: Kingex <dumbass@kingex.io> Subject: Best exchange Date: Thu, 24 Apr 2025 17:54:02 -0700 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="2b81c86397537de6c56f26bd48820a7ce3" X-Evolution-Source: 0ff2745c15978e92c527518f51fd77983813ec4b

–2b81c86397537de6c56f26bd48820a7ce3
Content-Type: text/plain; charset=”utf-8″
Content-Transfer-Encoding: quoted-printable

A BUNCH OF LINKS REMOVED

Please leave us some feedback https://www.trustpilot.com/review/kingex.io

–2b81c86397537de6c56f26bd48820a7ce3
Content-Type: text/html; charset=”utf-8″
Content-Transfer-Encoding: quoted-printable

A BUNCH OF LINKS REMOVED

–2b81c86397537de6c56f26bd48820a7ce3–

Updated, 2025-04-28: Firefox turns a bare Tiktok link into a tracking warning. I am not tracking anything.

Updated, 2025-04-28: Actually, removed most of the body of the spam message, as WordPress (Word-press?) just makes a mess of it, and all I was doing was helping to promote the spammer. Ain’t WYSIWYG great?!

One weird trick to avoid scams and spam

Jan 26th, 2024

by Craig.

Comments are off for this post

Forgive my clickbait title, but everyone and their dog has this one rule you must follow to avoid scams and spam … or some variation of it. Maybe it’s a top-ten list or something. They’re all valuable, to some extent, and yet every day people are duped. And now that scams are being written by AI, you can’t even count on spotting scams with broken English (or whatever your language is) and poor grammar.

But every time I read about the latest data breach I think to myself, “Thank god they don’t have my email address or phone number.” Wait, what?! How do I open accounts without giving that information?! Oh, I do, but it’s not the one email address and phone number that 99.99999% of the world give out. For that reason as well no connection can be made between accounts because each account has a different email address!

For many years I’ve operated a system of what I call “supplier addresses”. If I’m dealing with Twitter, for example — not that I use their name because they were mentioned in recent news about a data leak — I create the email address “twitter@mydomain.com”, and I only give that address to Twitter, nobody else. (I can do this, of course, because I own my own domain and use it to its potential. Here’s a clue: Stop using Gmail for everything and register your own domain!) Yes, I have the email address craig@mydomain.com (umm, that’s not the real email address, in case you’re stupid), but the only people who get that email address are my family (the ones I talk to, anyway) and friends. Nobody else on the planet gets that address, and I certainly don’t enter it into a form field on a web page and I don’t post it on the Web! This is why it drove me nuts, back in the 20th century, when people sent jokes out to everyone they knew and exposed all the email addresses in the “to” and “cc” fields! Some people still do that!

So if Twitter (in this example) sells my email address or is hacked, I know exactly who let my email address into the wild. To be frank, that hasn’t happened to me many times, but I quickly realised that it does happen, so the email addresses I create now all include a number (e.g., twitter123@mydomain.com). If the email address is compromised I just change the number and inform Twitter by changing it in my account with them and kill the old address. My numbering follows a system, but you can make your own rules.

I also use a system of rotating email addresses that change every month. I use those addresses for short-term relationships, like when you have to provide an email address to download some white paper or connect to free wifi or something like that. No problem, bud, have this address. If it does get spammed, it will only be for a few weeks, but the reality is that I almost never receive any spam that I don’t expect on those addresses because they don’t last long enough for spammers to sell, circulate and use.

For the last couple of years I’ve been doing the same with phone numbers. Well, almost the same, as I can’t create ad hoc telephone numbers on my domain. (I’m aware of ENUM, but I’m not nearly as knowledgeable about it as I’d like to be and society isn’t ready yet for phone numbers that look like 12345@mydomain.com.) I first started using VoIP (long term) in 2011 (if I remember correctly), but only in 2022 did I switch to a company where I have full control over setting up new phone numbers in multiple geographic locations as and when I please. Now I don’t give out my personal phone number to anyone except the aforementioned family and friends, I give out one of my junk phone numbers. (Actually, I make one other exception, for medical contacts.)

Do I still receive spam and attempts to scam me? OMG, of course I do! But my email and phone are not beeping every five seconds with a new one, and none of my thousands of grandchildren have called me to ask for bail money. In fact, because of my system I hardly ever have to deal with either. I know that if the email address I first used to register a domain in 1996 (now owned by AOL) was active I’d be inundated! But it doesn’t so I’m not. 🙂

There you go, my “one weird trick” that everyone can and should use to avoid spam email and scam phone calls. Maybe one of these days I’ll write a more comprehensive document on all the actions I’ve taken over the years and the nuances to protect myself. Here’s a hint though: It’s work, but it’s simple, and it’s way less work and aggro than deleting all the spam from your email and voice-mail accounts.

Samsung and Android: Out-of-box failure

Mar 28th, 2014

by Craig.

Comments are off for this post

I learnt a new term recently while doing research related to configuring my Samsung/Android tablet: Out-of-box failure. The current definition (as of this writing) on Wikipedia that applies in this case is as follows: “Out of box failure … is a negative experience a user has when installing and/or performing initial configuration on a piece of hardware ….”

In a nutshell, I am mightily disappointed in my Samsung/Android tablet.

While I have damn nearly two decades of experience being the go-to guy for computer problems among some of my friends (not to mention providing technical support to paying clients for almost that long), managing a tablet (or smart phone) is a new experience for me. I expected to run into challenges, but I didn’t expect to be let down so severely.

I remember learning about Android years ago — long before it was even released — and at the time I was excited. (Well, as excited as I get anyway.) Here was a new operating system (albeit based on an old [and good] OS, UNIX, with which I have almost as much experience as I do with Windows) that was going to allow people to turn their “dumb phones” (akin to the one-trick pony sitting on your kitchen counter: the toaster) into handheld, portable computers, just like their bigger cousins sitting on laps or desks. Not only that, it was going to create competition for the monopoly at that time — Apple and iOS — giving its users the freedom to manage their devices as they saw fit rather than as the dictatorial manufacturer saw fit. Besides the fact that I am a fan of competition, I have no love for Apple or their products. I specifically dislike the control they exert over the consumers of their products, the people who put ridiculous amounts of money into Apple’s coffers. Either you do it Steve Jobs’ way, or you can suck wind:

And yet, here I am — definitely not an “early adopter”! — with a new Samsung Galaxy Tab 3, running Android of course, and I find that I’m being railroaded into having to do things according to the Gospel of Google:

First, if you want to do anything useful with your tablet (other than read reams and reams of dire legal agreements as you run each app for the first time), you have to sign up for a Google/NSA account. If you don’t want to do that, you might as well return your tablet or use it for a paperweight, frisbee, coaster, or for skipping on a lake like you would with a stone.
Then, if you want to dump crap like Dropbox … well, you can’t! It’s a “system app”, so you can’t uninstall it. You can disable it, but only after you roll back the updates that were installed after you finally broke down and gave your name and email address to Google and the NSA.
The other thing I have found my Samsung/Android tablet is useful for is spam. Not sending spam or stopping it, but reading it. The fucking thing is always whistling at me or interrupting what I’m doing to ask me if I want to sign up for one Google service or another, or to remind me that I haven’t yet set up yet another “system app” (Peel Smart Remote in this case) that I also have no intention of ever using. Plus I’m now getting spammed by YouTube (“Happy dances around the world” for fuck’s sake), even though I keep clicking the “unsubscribe” link and even though the link takes me to a YouTube page that tells me that my “current setting” is “off”. Let me give you arseholes a tip: If you want me to use your software or service, hijacking my email account and the device for which I paid a couple of hundred dollars and generally pissing me off is a guaranteed losing strategy. This kind of shit is why, in the desktop world, the first thing I do with a new computer is “format c:” and install a fresh and unadulterated copy of the operating system to get rid of all the “crapware” cluttering the desktop and hard drive that companies have paid to have added to the system, but which is generally of little or no use to any thinking user. I suspect that once I get the hang of this, I will similarly root any future new Android device I buy (or work on) immediately.

OK, so as I think I understand it (I’m just guessing at this point in my learning experience, actually), it’s the decision of the device manufacturer to decide what apps are “system apps”, so I need to blame Samsung for that … and they (and Google) are starting to look more and more like Apple to me. This isn’t even a cell phone attached to one of the evil members of the cell phone cartel, who speciously claim that they must control what software runs on my phone — it’s just a tablet, which to me should be no different than a desktop computer when it comes to installing what I want on it — so I fail to understand why I am forced to keep apps that I have no intention of ever using, such as Dropbox and Peel Smart Remote. (Hasn’t Google learnt from Microsoft’s experience about bad behaviour like this in the latter’s various anti-trust lawsuits launched by the American and European governments?) To me this is like being forced to live with a slovenly neighbour from down the street, because the Communist Party Housing Authority said so. No thanks.

Although I have had this tablet for almost three months now, it has taken me this long to get over my feelings of loathing and dread (for all of the above reasons) and find the time to get this far in the experience, where I have finally installed my choice of web browser (Firefox, which crashes daily for no apparent reason) and anti-virus (Avast), and a crashing (because it wants to use the now disabled Dropbox) KeePassDroid so that I can actually access useful services that I use for which I need to log in. (Two out of three apps crashing; not what I would call “out-of-box happiness”.) I don’t have all the time in the world to screw around with this crap, as educating as it is, so time will tell whether or not this tablet turns out to be a productive and useful tool, or another listing on Craigslist.

It will also determine what new cell phone I buy shortly, ending my one-man, seven-year boycott of the anti-competitive cell phone industry, and a “dumb phone” (also known as a “feature phone”, although I can’t figure out why when it has only one feature!) or continuing with no phone is starting to look like a mighty attractive option right now.

Stay tuned!

spam

Spam from kingex.io (Kingex Crypto and Cash exchange)

One weird trick to avoid scams and spam

Samsung and Android: Out-of-box failure

Categories

Calendar

Bogroll

spam

Spam from kingex.io (Kingex Crypto and Cash exchange)

One weird trick to avoid scams and spam

Samsung and Android: Out-of-box failure

Tags

Categories

Calendar

Bogroll