IamCraig.com Rotating Header Image

spam mitigation

Spam from kingex.io (Kingex Crypto and Cash exchange)

Spam is frustrating. It is for me on many levels, not least of which because I run a mail server for a few thousand users. This is especially true since my company is a small hosting provider, so we have almost no leverage with the “big boys”, Google, Microsoft/Hotmail/Outlook (however they want to be known today), Yahoo, etc. The one that can’t make up their mind what they’re called has a programme called “Smart Network Data Services” but which used to be called “Postmaster Live”, but it’s as useless as tits on a bull. I’ve jumped through all of the hoops, but I still get just infuriating auto-replies and ignored when I try to interact with their system and the people behind their system. Google’s system is completely worthless and unworkable, as in order for my company to be a part of it, I’d have to create a new account for every domain we host! I can’t just sign up my mail servers’ IP addresses and deal with them that way! It’s stupid beyond belief.

But the point of these programmes/systems is for, as in the “old days” of the Internet, service providers — particularly the postmasters of said service providers — to interact and resolve issues. But the “big boys” don’t actually make any effort to “interact and resolve” anything; they just dictate how the rest of the world is supposed to interact with them, even when they’re operating outside of the RFCs, which are, essentially, the laws of the Internet.

One day I’ll write a more comprehensive post about how I think that all of said “big boys” are colluding to ensure that only they provide email service in the future, and companies like NinerNet Communications — with whom people are currently free to contract! — are shunted to the side, and encouraged to become their resellers.

But on a personal level, I myself get hardly any spam. Seriously! (Seventeen since 2021.) But when I do, I go through the roof, especially if it’s sent to one of my personal addresses, which I never give to anyone but close friends and family (I just don’t!), other than my “personal company” address, which I use to communicate with clients as well, of course. And I never enter it into a form on a website either! I have a system of rotating email addresses, and addresses I set up for individual suppliers and for specific purposes. For example, if I sign up for a Twitter account, the email address I give them is twitter123@myspecial.subdomain.com. That makes is easy to filter messages from them, and also makes it clear to me who leaked my email address if that address is spammed.

And if I’m going on a trip (as I just did), I set up an “alias” for the trip; that way I can use it for everything from plane tickets, to hotels, to entry tickets … the works! After the trip, I delete it. All of those airlines and hotels and theatres can spam me all they want — and they do! — but at the flick of a switch when I get home, all of that spam stops. Ahhhh, peace!

So after five paragraphs I should address the spam I received on Thursday from a company called Kingex, who bill themselves as a “crypto and cash exchange”. Years ago I gave up reporting spam to the email service providers from where the spam originated, and the hosts of the spamvertised websites. I used to have a very sophisticated and in-depth system for doing so — as good as if not better than Spamcop’s — but I eventually realised that it was a complete waste of time to do so … and it was a significant amount of time to do so, looking up the owners and contacts for multiple IP addresses and domains. It was a waste of time because my reports were completely ignored, and in some cases the hosts justified the spam, questioned my intelligence (“You probably just forgot you signed up for the spam”) and/or defended the spammers.

Anyway, this spam from kingex.io was sent to my personal company email address, not to one of my rotating or supplier email addresses. (I have a “personal company” email address, and a “personal personal” email address, both on their own domains, neither of which are the domain of this website.) Ironically the message included a request and a link: “Please leave us some feedback https://www.trustpilot.com/review/kingex.io”. So I thought, “What the hell, I won’t be reporting this, but I’ll give them some appropriate feedback.” And I did:

Never heard of these guys until I received spam from them a few minutes ago asking to be reviewed. So I am. Never deal with spammers.

I also perused a few of the other reviews, most of which were five (of five) stars, of course, as is typical on review websites where customers are coerced or otherwise strongly motivated into leaving reviews. But there were a few negative ones (read them yourself) where (a) Kingex representatice(s) was/were very aggressive in putting down the reviewer … which, as everyone knows, is Customer Service 101, put down any criticism with aggression.

In that vein my review received this response:

Dear customer,

We do not send unsolicited emails and do not promote our exchange services via email marketing. If you believe you received a message claiming to be from us, please provide the email address in question or contact us directly at support@kingex.io — we will be happy to investigate the matter thoroughly.

Until any evidence is presented, we consider this review an attempt to discredit our exchange service without basis.

Best regards,
Kingex Team

Because, as everyone knows, every negative review is quite clearly “an attempt to discredit our [company/]service without basis.” Yup, I’ve got nothing better to do all day than find new companies and leave them negative reviews.

Anyway, I’ve posted this here so that when I send these morons the copy of the spam I received, I will send it along with a link to this post, because on the Trust Pilot website there doesn’t seem to be a possibility of engaging in any back-and-forth, so my blog is where I will make this back-and-forth possible because Kingex will probably do all they can to have my Trust Pilot review removed. But, you know, when someone accuses you right off the bat with lying, there’s not much chance of any constructive back-and-forth. (Ironically, I see they now have another one-star review from someone else they spammed, with the same copied-and-pasted aggressive reply; see screenshot.) Here, the review cannot and will not be removed.

Oh, and their domain has been blocked on my company’s mail servers, so any future spam from them will not be delivered to our users’ mail boxes.

Kingex review and reply

Kingex review and reply.

Kingex spam complaints

Kingex spam complaints.

And here’s the spam:

Return-Path: <dumbass@kingex.io>
Delivered-To: xxxxx@xxxxx.xxx
Received: from nc036.ninernet.net (nc036.ninernet.net [127.0.0.1])
by nc036.ninernet.net (Postfix) with ESMTP id DD920C540C3
for <xxxxx@xxxxx.xxx>; Fri, 25 Apr 2025 00:54:25 +0000 (UTC)
X-Virus-Scanned: amavisd-new at nc036.ninernet.net
X-Spam-Flag: NO
X-Spam-Score: 2.787
X-Spam-Level: **
X-Spam-Status: No, score=2.787 tagged_above=-100 required=3.5
tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MISSING_HEADERS=1.021,
RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_MSPIKE_BL=0.001,
RCVD_IN_MSPIKE_ZBI=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001,
RDNS_NONE=0.793, SPF_HELO_FAIL=0.001, SPF_SOFTFAIL=0.665,
TVD_SPACE_RATIO=0.001, TVD_SPACE_RATIO_MINFP=0.85, URIBL_BLOCKED=0.001,
URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001]
autolearn=no autolearn_force=no
Received: from nc036.ninernet.net ([127.0.0.1]) by nc036.ninernet.net
(nc036.ninernet.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id
X-fluxj0TjIf for <xxxxx@xxxxx.xxx>; Fri, 25 Apr 2025 00:54:24 +0000
(UTC)
Received: from domain.com (unknown [94.26.90.29])
by nc036.ninernet.net (Postfix) with ESMTP id D05C2C540C1
for <xxxxx@xxxxx.xxx>; Fri, 25 Apr 2025 00:54:24 +0000 (UTC)
Message-ID: <252444ef1bdff5fed9e3aa01f5012a2fb46c4b@kingex.io>
From: Kingex <dumbass@kingex.io>
Subject: Best exchange
Date: Thu, 24 Apr 2025 17:54:02 -0700
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="2b81c86397537de6c56f26bd48820a7ce3"
X-Evolution-Source: 0ff2745c15978e92c527518f51fd77983813ec4b

–2b81c86397537de6c56f26bd48820a7ce3
Content-Type: text/plain; charset=”utf-8″
Content-Transfer-Encoding: quoted-printable

A BUNCH OF LINKS REMOVED

Please leave us some feedback https://www.trustpilot.com/review/kingex.io

–2b81c86397537de6c56f26bd48820a7ce3
Content-Type: text/html; charset=”utf-8″
Content-Transfer-Encoding: quoted-printable

A BUNCH OF LINKS REMOVED

–2b81c86397537de6c56f26bd48820a7ce3–


Updated, 2025-04-28: Firefox turns a bare Tiktok link into a tracking warning. I am not tracking anything.

Updated, 2025-04-28: Actually, removed most of the body of the spam message, as WordPress (Word-press?) just makes a mess of it, and all I was doing was helping to promote the spammer. Ain’t WYSIWYG great?!