All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Another "reliable and honest" provider (aka Dudrop) using stolen emails
I got this e-mail in my spam inbox this morning from a hosting provider called "Dudrop":
I got a laugh out of seeing this on their website:
We've gained a reputation as a reliable and honest company in the last two years with most of our customers coming from referrals.
Yup. A "reputable and honest company" steals people e-mail addresses to spam and don't even give them an option to opt-out of receiving them.
I never gave them my email address, nor, did I give them permission to email me. I'm suspecting they got my email from the GVH database backup that was stolen. They seem to be a fly-by-night hosting (or as others call it here, a summer host) as the website was just put up a week ago. There's not even an unsubscribe option so there's not much I can do stop them from emailing me (except making sure they all get marked as spam).
I hope that others will see this thread before signing up with them. I mean, spamming people (without their permission) right from the start can only mean things are going to get worse for them later down the road. Also, if they're doing something that's technically illegal themselves, then they probably let their customers get away with stuff like this as well.
Comments
Repost this on WHT & report to mods http://www.webhostingtalk.com/showthread.php?t=1453813
this is one of the reasons i use Abine's Blur (it can also track where the spam originated as in which email)
https://abine.com/index.html
I contacted WHT, but it looks like they can't do anything
You should put their brand in the thread title, it'll rank better for future people Googling for the brand.
Updated
Aside from the fact that the spam is web hosting related, how does @ub3rstar know that his email address was taken from the GVH database? Did @ub3rstar create a special email address that only GVH knows?
If more than one company is aware of @ub3rstar's email address, then I suggest that @ub3rstar may be jumping to conclusions regarding the source of the spam.
Please don't get me wrong here:
Spam is bad. Even if @ub3rstar had a past business relationship with "Dudrop", then not including unsubscribe information is also bad. In addition, GVH has exhibited bad behaviors in so many ways, and it would not surprise me if GVH sold the email addresses to outsiders or if the email list had been hacked. Still, if others had @ub3rstar's email address, then any one of them could have been the source of the leak.
I can cite several examples where I created a unique email address for a company and used it once and only once, and suddenly spam started arriving at that unique email address at a later time. In a case like that, you can support a conclusion that the company did not properly secure your email address. (By the way, when that happens, the final culprit is most often a partner company that handles customer communications for the primary company. In the most recent case a few months ago, a huge US tool conglomerate had passed my email address to a local distributor.)
Some people are just too summer to write an email.
Use aliases or recipient delimiter.
Even if it wasn't from the GVH database, then who is giving Dudrop my email address or how is Dudrop getting it? It was sent to my personal GMail account so it wasn't pulled from any of my websites. Either way, I hope they start thinking twice about calling themselves "reliable and honest".
Yeah, it doesn't really matter if they directly scooped it through GVH or whether they got it from pastebin. However they acquired the addresses, it's a dubious source, and unsolicited spam.
Report them to the data center they are located in. Most places do not allow spam or spamvertized sites. You can find the datacenter by taking their IP address and running it against the whois on www.arin.com. If they aren't on an IP address issued by ARIN, it will tell you which regional registry they are with :-)
Edit: Here are their peers: http://bgp.he.net/AS54600. Looks like they might be in the Hurricane Electric data center. I would send an abuse report to each uplink provider they utilize however.
Too bad I deleted the e-mail and it was in my spam so I can't get it back
I don't have much of a case without the raw email that was sent.
A lot of providers have had WHMCS installations breached but never stated publicly it happened. Remember back about a year or so ago when WHMCS was getting hammered pretty hard, including the infamous Robert Clarke shenanigans?
That was about the time DBs were being exported and stolen
Here are the facts that I have found:
I did some digging around about DuDrop:
The overarching business appears to be Peg Tech Inc., which filed for an H1B visa for a Haiyan Zhang, CFO (of Peg Tech)
See also these links:
http://pegtech.com/products/law-enforcement-solutions/30-spam-from-peg-tech-inc
When I did traceroutes to dudrop.com, raksmart.com, aquanx.com they all went to HE in San Jose.
Without doing a lot of research, I say your spam came from a Chinese firm that is notorious for sending spam. There is no way to know how they got your email address, but there is no evidence to believe that there is any direct involvement by GVH. We all know that GVH is bad, but we cannot in fairness blame all the world's troubles on them, including this spam.
I wonder if the list was possibly sold due to "debt"?
Good digging @emg, but I can't see how it matters much if the source was GVH or just plain old email harvesting... out in the wild is out in the wild.
Thread summary: Dudrop sending unsolicited mails.
You are 100% correct.
The reason I jumped in was the OP's accusation that GVH was the likely source. Hopefully anyone considering Dudrop will notice this thread and go elsewhere.