1. By continuing to use the site, you agree to the use of cookies .This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purposes illustrated in the cookie policy.Find out more.
    Dismiss Notice
  2. Dismiss Notice
  3. Follow Casinomeister on Twitter | Facebook | YouTube | Casinomeister.us US Residents Click here! |  Svenska Svenska | 
Dismiss Notice

Poll:Best Screenshot of the Month?



Candidates Revealed...Cast your vote!.
Dismiss Notice
REGISTER NOW!! Why? Because you can't do diddly squat without having been registered!

At the moment you have limited access to view most discussions: you can't make contact with thousands of fellow players, affiliates, casino reps, and all sorts of other riff-raff.

Registration is fast, simple and absolutely free so please, join Casinomeister here!

From: <mailto:everify@slotsalley.com>SPAM

Discussion in 'Casino Complaints - Non-Bonus Issues' started by mikepipe, Feb 20, 2007.

    Feb 20, 2007
  1. mikepipe

    mikepipe Dormant account

    Occupation:
    owner
    Location:
    still progressing
    i have little knowldge about identifying spammers. Just got this mail (title is nice, guess it really means "verify"... Do they send this as a testmail?
    It doesnt have any content.

    not necessary to say: never played there and never will.
    Could someone give me a SHORT lesson in tracking this?

    I should mention: I transferred it from on of my email accounts to another to see the header.



    Return-Path: <yyymikepipe>
    Received: from fwd28.aul.t-online.de (fwd28.aul.t-online.de [172.20.26.142])
    by mhead43 with LMTP; Tue, 20 Feb 2007 17:44:55 +0100
    X-Sieve: CMU Sieve 2.2
    Received: from 127.0.0.1 (ZwjE7qZDge2Nabw6qH5K2z1Lfeaa1WWp5Cu5ae4Nznr-jqKvgV-30c@[IPxxxmikepipe]) by fwd28.sul.t-online.de
    with smtp id 1HJY6W-1Z8wDY0; Tue, 20 Feb 2007 17:44:36 +0100
    MIME-Version: 1.0
    Subject: {1244d4b9-7b3b-4636-bf4a-9940802c9bec} (fwd)
    From: yyyyymikepipe
    To: <yyyyymiekpipe>
    X-Mailer: T-Online eMail 6.02.0003
    Content-Type: Multipart/Alternative;
    Boundary="__Next_1171989874_Part16__"
    Date: 20 Feb 2007 16:44 GMT
    Message-ID: <1HJY6W-1Z8wDY0@fwd28.sul.t-online.de>
    X-ID: ZwjE7qZDge2Nabw6qH5K2z1Lfeaa1WWp5Cu5ae4Nznr-jqKvgV-30c
    X-TOI-SPAM: n;1;2007-02-20T16:44:55Z
    X-TOI-VIRUSSCAN: clean
    X-TOI-EXPURGATEID: 149288::070220174455-44BAF080-56239997/0-0/0-1
    X-TOI-SPAMCLASS: Clean, Whitelisted
    X-TOI-MSGID: ca683aec-e40c-4070-bd15-bf9661361ec8
    X-Seen: false
    X-ENVELOPE-TO: <yyymikepipe>
    ---Ursprngliche Nachricht---
    From: <mailto:everify@slotsalley.com>
    To: <mailto:yyyyymikepipe>
    Subject: {1244d4b9-7b3b-4636-bf4a-9940802c9bec}
     
  2. Feb 20, 2007
  3. Casinomeister

    Casinomeister Forum Cheermeister Staff Member

    Occupation:
    Homemaker
    Location:
    Bierland
    Slotsalley is notorious for using spam as a marketing tool. They usually blame an affiliate on doing it - but they got busted out some time ago when it turned out they were using the same aff link several times in a row.
    http://www.casinomeister.com/rogue/slotsalley.php

    As for figuring out where spam is coming from - you need to be able to decipher the header. Here is a good primer:
    You must register/login in order to see the link.
     
    3 people like this.
  4. Feb 20, 2007
  5. Casinomeister

    Casinomeister Forum Cheermeister Staff Member

    Occupation:
    Homemaker
    Location:
    Bierland
    Ha ha. Now I got one. Check it out. This is the full header:

    X-Persona: <Casinomeister>
    Return-Path: <everify@slotsalley.com>
    Delivered-To: This email is not visible to you.
    Received: (fqmail 4621 invoked from network); 20 Feb 2007 17:58:49 -0000
    Received: from mx10.futurequest.net (mx10.futurequest.net [69.5.6.182])
    by pt02.futurequest.net ([69.5.6.173])
    with FQDP via TCP; 20 Feb 2007 17:58:49 -0000
    Received: (qmail 27070 invoked from network); 20 Feb 2007 17:58:49 -0000
    Received: from application.luckytraffic.com (lnd207-232-25-36.netvision.net.il [207.232.25.36])
    by mx10.futurequest.net ([69.5.6.182])
    with ESMTP via TCP; 20 Feb 2007 17:58:48 -0000
    Received: from application ([127.0.0.1]) by application.luckytraffic.com with Microsoft SMTPSVC(6.0.3790.1830);
    Tue, 20 Feb 2007 12:58:46 -0500
    thread-index: AcdVGMSjPMsHJgyHR3+U1jGD530gEA==
    Thread-Topic: {017c0e97-6575-48a6-9642-e6e4654a6b01}
    From: <everify@slotsalley.com>
    To: <me@casinomeister.com>
    Subject: {017c0e97-6575-48a6-9642-e6e4654a6b01}
    Date: Tue, 20 Feb 2007 12:58:46 -0500
    Message-ID: <1bf5001c75518$c4a37050$fd42000a@luckytraffic.com>
    MIME-Version: 1.0
    Content-Type: text/plain;
    charset="iso-8859-1"
    Content-Transfer-Encoding: 7bit
    X-Mailer: Microsoft CDO for Exchange 2000
    Content-Class: urn:content-classes:message
    Importance: normal
    Priority: normal
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
    Return-Path: This email is not visible to you.
    X-OriginalArrivalTime: 20 Feb 2007 17:58:46.0997 (UTC) FILETIME=[C4A37050:01C75518]

     
  6. Feb 20, 2007
  7. Casinomeister

    Casinomeister Forum Cheermeister Staff Member

    Occupation:
    Homemaker
    Location:
    Bierland
    Now, let's take this apart:

    In this section, it shows what email address sent this (in many cases it's spoofed) and shows the IP that it was delivered to. 69.5.6.182 is my server's IP.

    X-Persona: <Casinomeister>
    Return-Path: <everify@slotsalley.com>
    Delivered-To: This email is not visible to you.
    Received: (fqmail 4621 invoked from network); 20 Feb 2007 17:58:49 -0000
    Received: from mx10.futurequest.net (mx10.futurequest.net [69.5.6.182])
    by pt02.futurequest.net ([69.5.6.173])
    with FQDP via TCP; 20 Feb 2007 17:58:49 -0000


    The following is important. Here shows us where the email came from. This is usally not spoofed. Lucktraffic.com is the domain where Slotsalley, etc resides. So this is coming directly from the casino. Busted.


    Received: (qmail 27070 invoked from network); 20 Feb 2007 17:58:49 -0000
    Received: from application.luckytraffic.com (lnd207-232-25-36.netvision.net.il [207.232.25.36])
    by mx10.futurequest.net ([69.5.6.182])
    with ESMTP via TCP; 20 Feb 2007 17:58:48 -0000
    Received: from application ([127.0.0.1]) by application.luckytraffic.com with Microsoft SMTPSVC(6.0.3790.1830);
    Tue, 20 Feb 2007 12:58:46 -0500
     
  8. Feb 20, 2007
  9. winbig

    winbig Keep winning this amount.

    Occupation:
    Bum
    Location:
    Pennsylvania
    What's even more funny is the return address - everify@ ??

    Anyone with half a brain would know that replying to this email would only verify your email address so they can continue to spam you. :what:

    I like how gmail and other web-based systems now have embedded graphics turned off. If you receive spam with images in it, do not view the images! That is another sure way for them to verify a working email address.
     

Share This Page