Thank you. Added to the ignore list.

FYI, MailMunky is a spammer's e-mail harvester. Strangest spam I've ever received ... poetry from a guy who signs his e-mail "Super Genius from Outer Space" . I managed to get his free site shut down at [mailmunky.0catch.com...]
but I'm sure he'll pop up elsewhere.

Hmmm... visited the Munky's page and it says:

This site has been banned for SPAM violations. We apologize for the idiot webmaster who could not control him/her self.

That's cold!

That's Excellent!

idiotgirl,

ROTFSMKLMAOTMSSH!

So, does this mean that Epsilon Softworks is going to need a new ISP or hosting provider? Or that
they'll likely change the UA string? ... I'm trying to figure who/what got shut down, and whether I
should drop the "munky" line from my .htaccess file.

Thanks,
Jim

Yup, no doubt the Munkster is going to be on the prowl for another ISP. He is definitely harvesting e-mails, he proudly announces in his spam the URL where he gets your address.

I haven't decided yet whether this is a 12-year-old kid with no friends or a 35-year-old guy living in his parent's basement (also with no friends). But anybody who signs his spam "Super Genius from Outer Space" is certainly missing a few bulbs from his chandelier.

He's using his own e-mailer to spam.... his IP is 24.174.38.143, a high-speed account with Road Runner (cs2417438-143.houston.rr.com). Maybe I'll report him to the ISP.

FYI, here's the last spam I received from him, headers and all (my info censored out):

============================================================
Received: from xxx.xxx.xxx [xxx.xx.xxx.xxx] by xxx.xxx.xxx. with ESMTP
(SMTPD32-7.12) id AFC71A9B00DC; Mon, 26 Aug 2002 01:42:31 -0400
Received: (qmail 17375 invoked by uid 552); 26 Aug 2002 05:39:12 -0000
Delivered-To: xxx.xxx@xxx.xxx
Received: (qmail 17372 invoked from network); 26 Aug 2002 05:39:11 -0000
Received: from unknown (HELO epsilon) (24.174.38.143)
by 0 with SMTP; 26 Aug 2002 05:39:11 -0000
From: MailMunky <TestMunky@hotmail.com>
To:
Cc: MailMunky Friend <xxx@xxx.xxx>
Subject: It's Stephen
Date: Mon, 26 Aug 2002 00:39:12 -0500
X-Mailer: Epsilon SoftWorks MailMunky
Reply-To: MailMunky <TestMunky@hotmail.com>
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Message-Id: <20020826014215.SM01060@twinlark.arctic.org>
Status: U
X-UIDL: 284561739
-----------------------------------------------
Hi! It's Stephen, again!

How are you? I found you on [xxx.xxxx.xxx...] Remember?

ANYway, some people (just a very few) were angered by my last poem, though most were very happy to read it. A few bad apples, and all that...

They're trying to shut me down, but they can't take my database away from me. Or my poetry.

Here's another one (about my mother - she's dying of Alzheimers - it's really awful):

OH, THE BLACK GARDENS
March 31, 2000

she listens at the whispers
when they hasten to her door
her keen eyes upon the shadows
that make a hateful, bloody war
across her ceiling and her walls
without regard for private places
but muster in her drawers
and make within her closets
such awful, spiteful faces
for she listens with the whispers
when they cry out for revenge
for the catcalls oft returned
from beneath the wells of shade
so long harbored safe
beneath her bed
and listening to her whispers
so carefully from her chair
she may let slip her cautious grip
she may unwind
her twisted hair
she may let go all meaning
as a tumbler slips the wire
she may free fall through black gardens
where little girls dance
but never tire

My new web site (for now) is [mailmunky.0catch.com...]

My new email is TestMunky@hotmail.com

Best Regards,

Stephen
Super Genius
From: Outer Space

MailMunky Design By:

[mailmunky.0catch.com...]

============================================================

Well, it looks like the originating IP for the munky-bot that visited me and the one that sent the poetry is one and the same. However, it was the UA and Epsilon softworks' "under development" site (at the time I checked) that had me concerned. I didn't know, until BruceH was kind enough to share the munky-prose, that it appears a spammer is using the product... or maybe the munky-spammer has something to do with the product (UA) itself? Did this literary genius help develop MailMunky, or did he simply forge the UA, or customize the UA of a product made by Epsilon Softworks? It grows stranger and stranger - this rare and unusual munky-bot.

idiotgirl,

I think that this "Stephen" may be the one responsible for the UA. I think Epsilon SoftWorks is his company, and he wrote the UA and is using it to harvest e-mail addresses (among other things). He's also got another domain registered (http://www.epsilon-softworks.cc). Whois record reveals more info:

Stephen D. Huff
2001 Gemini #1806
Houston, Texas 77058
US
214-418-7589
Email: epsilon_softworks@msn.com

So maybe someone can e-mail him about his UA... but it won't be me.

Hmm... That's a Dallas area code, not Houston.

Oh well, .htaccess will take care of him for now.

Thanks all,
Jim

Most everybody knows I'm unusally overbearing in these things.

I've had no visits from munky :-(

However in regards to Road Runner?
I've had more than a dozen intrusions (which is how I refer to them when emailing a service provider) from RR with no replies.
That last intrusion in early August made me so made I denied the entire range of Road Runner IP's.
Against my better judgement
I'm might add. Since a major portion of my websites content visitors are concentrated in the eastern US. However in past months RR has been expanding their IP ranges to SOUTH and West and a few others.
While the intrusions multiply. Or at least they did ;-)

In summary it seems almost (to me at least) as if RR intruders seem to be replacing the Bell South and Bell Southwest intruders of the past. Whether they be spam or harvesters.
I cannot tell you if RR is aware of this or even has interest as long as their bandwidth and market expands.

I can tell you, RR so far doesn't care. I have RR and have had it since it first became available in my area. It's gone down hill ever since from bad email list mgmt (to this day I get emails meant for other RR users - no idea why, some is really private, like accounting etc) the minute i turn off my firewall I have several versions on nimda and a few new ones tend to popup - always fun ;)

I've talked to them time and again, 50 phone calls later, late one frustrated at the end of my rope night I found the only tech there that actually knows more than the canned responses they are supposed to serve up. That was the first and last admission of the virus problem.. his comment was along the lines that it was my problem and they were not responsible (not *his* just what he was supposed to say).