How did my email address get registered as a "spammer"?

softdown
softdown Solar Expert Posts: 3,812 ✭✭✭✭
For the first time ever, my forum applications are getting rejected and consecutively. I have never done anything close to spamming in any way, shape, or form. This is the message that I last received:
vBulletin Message
The username, email address or IP address you are using to register has tripped our anti spam software and your registration has been rejected. All registrations are run against a database of known spammers. If you try to register a username (or email address or from a computer) that has been used by a spammer and is in that database your registration will be rejected. Almost always, in a case like this, the problem is you are trying to register a username that is common and not unique. As a result, some spambot somewhere has used that username in the past and it is included in the database. Simply choose another username or make your username unique. If your name is Robert Smith, then instead of "Robert" for a username make it "RobertS." Contact us via the "Contact Us" page link if you believe this is in error and we'll try to help.

My "guess" is as follows. The internet is, to a significant degree, controlled by trolls and shills who seek to shut down communications that they find threatening to their efforts toward a monopoly on power and control. Many find political opinions to be extremely distasteful. Especially if those opinions differ from their own. 

However....it is what it is. One would think that a different email would not "trip" their anti-spam filters. Spam.....huh...what a tactic to shut down dissent. Already tried a different username to no avail. It would be easier for Ingsoc to drop an email address that has fallen out of favor. So that is likely what Ingsoc has chosen.

Or perhaps the use of a VPN triggered this? This is a brand new phenomenon.
First Bank:16 180 watt Grape Solar with  FM80 controller and 3648 Inverter....Fullriver 8D AGM solar batteries. Second Bank/MacGyver Special: 10 165(?) watt BP Solar with Renogy MPPT 40A controller/ and Xantrex C-35 PWM controller/ and Morningstar PWM controller...Cotek 24V PSW inverter....forklift and diesel locomotive batteries

Comments

  • mcgivor
    mcgivor Solar Expert Posts: 3,854 ✭✭✭✭✭✭
    Didn't you recently aquire a second had computer? If so, the previous user may have a spamming history attached to the IP of the computer.....not my field but just a thought.
    1500W, 6× Schutten 250W Poly panels , Schneider MPPT 60 150 CC, Schneider SW 2524 inverter, 400Ah LFP 24V nominal battery with Battery Bodyguard BMS 
    Second system 1890W  3 × 300W No name brand poly, 3×330 Sunsolar Poly panels, Morningstar TS 60 PWM controller, no name 2000W inverter 400Ah LFP 24V nominal battery with Daly BMS, used for water pumping and day time air conditioning.  
    5Kw Yanmar clone single cylinder air cooled diesel generator for rare emergency charging and welding.
  • softdown
    softdown Solar Expert Posts: 3,812 ✭✭✭✭
    edited March 2018 #3
    mcgivor said:
    Didn't you recently aquire a second had computer? If so, the previous user may have a spamming history attached to the IP of the computer.....not my field but just a thought.
    Huh....I guess that is a possibility. Though it seems like I have had the same IP for many years....it always looks very familiar though I never wrote it down. I am still using an older Windows 7 computer that has issues. Just a little less issues than my used Windows 10 computer. Not major issues....just irritating ones. Like the screen frequently freestyling from 1600 x 900 to ~400 x 240. They both do that which is another mystery.

    My reading is that the spammer list is made from email addresses and forum usernames. I have a couple suspects on who turned me in as a spammer but what can one do? The internet is a safe space for so much, yet anybody can be turned in for anything with questions rarely being asked. 

    Still....I'd like to threaten legal action on principle. The forum (city-data) started flagging me frequently right after the new President took office. No problems prior to that. They finally blocked me saying that I had "trolled again". Then citing my post. My post agreed and elaborated with a post that agreed and elaborated with an earlier post. It was certainly not trolling. I thought "No big deal, I'll just find a more conservative board." Now I am blocked every new forum I turn to.  

    I know a website that got turned into Kapersky Anti-Virus for having pornography. Kapersky dutifully flagged it for pornography without even checking. I seriously doubt that hardly anyone checks the veracity of flags. That would be work. Work is hard. 
    First Bank:16 180 watt Grape Solar with  FM80 controller and 3648 Inverter....Fullriver 8D AGM solar batteries. Second Bank/MacGyver Special: 10 165(?) watt BP Solar with Renogy MPPT 40A controller/ and Xantrex C-35 PWM controller/ and Morningstar PWM controller...Cotek 24V PSW inverter....forklift and diesel locomotive batteries
  • BB.
    BB. Super Moderators, Administrators Posts: 33,431 admin
    edited March 2018 #4
    IP Addresses are not fixed with the computer (or migrate with the computer to other service providers). They are only fixed IP for a specific ISP if you pay for it (dynamic vs static Ip addresses). The only "fixed" address is the computer's "MAC Address". That is usually only used between the computer and the first "network router/etc." device and is not carried through to the final computer you are communicating with. Some devices (like routers, Ethernet adapters) you can reprogram the MAC address for various reasons (like if you have an ISP account that uses your MAC address as the "signature" for logging into the service).

    I generally use my old Windows 7 laptop (with a few different android phone/tablets/service cellular services) with no problems--But I am only registered with ~2 forums total (this one and one other for decade or more, plus a couple of news sites that I read but don't post).

    Softdown, I looked at your user ID, email address, and IP address you used to make your last post (a cellular provider?) and nothing comes back as "questionable" in the places I use for checking out if somebody is a spammer or not. Your user name does come up in a few forums and an EU software company--But again, nothing that looks out of the ordinary.

    As I told you before, sometimes using a VPN service can come back as little bit spammy (good and bad people use VPN services to mask their activity and generally use a relatively small range of IP addresses that is shared among thousands (?) of other other users--A bad actor can "poison" an IP address/range/service provider.

    Do a search for your VPN IP address in Google and see what comes back--Spam flagging and blacklists usually comeback pretty near the top of Google search results (first page). Log into your VPN and use something like:

    http://geobytes.com/iplocator/

    To get your IP address and see what country/geographic location it come back as.

    If you use a different email address (vs here), search for that "email@xyz.com" in Google and see what comes back.

    Sometimes I think you are connecting dots that are really not connected. But I keep a pretty low profile in general and use FireFox with ublock origin, NoScript, Disconnect, cookie autodelete, etc. to avoid the usual tracking/tagging (don't have facebook/etc. social media accounts). NoScript is a bit of work to setup (many websites "break" when you turn off Java Script/etc.--So you have to white-list your bank/some forum websites.

    Also, there is something relatively new called browser fingerprinting. This is when the website can ask your browser about itself, and the returned data, while supposed to be a generic response, is actually different enough between each computer installation that it is unique enough to link together different website accesses and track a single computer as it browses the web (can be used by Facebook, etc.).

    I do not know anything specific about the following website links. I have clicked on them and they seem to be technically accurate and "safe". As always, click at your own risk (standard warning when searching for security--Never know if the security site is "real" or not, or what hidden agenda they may have).

    https://hidester.com/browser-fingerprint/ (returns information about your fingerprint)
    https://www.malwarefox.com/browser-fingerprint/ (more/different information about fingerprinting)
    http://www.thewindowsclub.com/browser-fingerprinting (more information to prevent fingerprinting for Firefox, I.E., and Chrome)
    https://panopticlick.eff.org/ (another fingerprint result service)

    For example, I use the current version of FireFox (verson 58.0.2 as of this date) for browsing, My computer comes back as 1:619 (every 619 computers in a ~1,200,000 database comes back with same fingerprint). Whereas my generic install Windows 7 Internet Explorer (Windows--I have done nothing for IE security--I use Firefox for all my browsing) browser, on the same computer, comes back as unique (~1:200,000 computer data base). (using the panopticlick web link--3rd link listed)

    One (relatively?) new feature for FireFox is an anit-fingerprinting setting. In the browser URL window type the setup command "about:config" (without "" quotes). and search for "fingerprint" and turn on:
    privacy.resistFingerprinting;true (true is "on")
    That will stop (or at least greatly reduce the effectiveness of) websites from using fingerprinting. Using TOR also greatly reduces fingerprinting too.

    And use something like "duckduckgo.com" as your default browser to stop Google from gathering even more information from you (I still sometimes double check with Google searches for more technical questions like IP address searches and such).

    Anyway--Some suggestions... What works for me, may not work for you.

    -Bill "just because you are paranoid, does not mean that they are not out to get you" B.
    Near San Francisco California: 3.5kWatt Grid Tied Solar power system+small backup genset
  • BB.
    BB. Super Moderators, Administrators Posts: 33,431 admin
    edited March 2018 #5
    And some quick articles about tracking/check up on you YOU:

    Don't take your computer in for service if there is a working hard drive:

    http://pittsburgh.cbslocal.com/2018/03/07/best-buy-geek-squad-fbi/

    Facebook iOS app hovers your data through their "free vpn":

    https://tidbits.com/article/17796
    However, tapping Protect takes you to the App Store and displays an app called Onavo Protect — VPN Security. It is indeed a VPN — a virtual private network — that securely tunnels all your traffic through Onavo’s servers. The problem is that, as you might expect from the link source, Onavo is owned by Facebook. If you were to stumble on Onavo Protect in the App Store, you’d have to tap More and read the full description to discover that. If you read all the way to the end, you’d learn that Onavo Protect “directs all of your network communications through Onavo’s servers,” and that, “as part of this process, Onavo collects your mobile data traffic.”

    WhatsApp Gets One Month to Stop Data Sharing With Facebook.

    France’s data protection authority CNIL gave a sharp warning to WhatsApp by issuing a formal notice, criticizing it for “insufficiently” cooperating. The decision comes a year after European Union privacy authorities said they had “serious concerns” about the sharing of WhatsApp user data for purposes that weren’t included in the terms of service and privacy policy when people signed up to the service.

    CNIL “decided to make this formal notice public in order to ensure the highest level of transparency on the massive data transfer from WhatsApp to Facebook Inc. and thus to alert to the need for individuals concerned to keep their data under control,” the regulator said in a statement on its website on Monday.

    Facebook faces regulatory hurdles throughout Europe over a range of privacy issues. Germany’s Federal Cartel Office in preliminary findings published Tuesday criticized Facebook’s data collection practices, saying the company abusively requires users to allow it collect data from web use beyond its site. Menlo Park, California-based Facebook rejected the German authority’s findings as giving an “inaccurate picture.”

    Using your search history, logins, mobile location, frequent buyer reward programs at your local store, using personal telephone numbers for reward programs, signing up with your email address, etc. all allow you to be tracked with a great deal of accuracy.

    And no matter how well you protect your security, there are other places where it can be broken.

    For example, people are using their cell phone text messaging/phone numbers for backup/3rd factor authorization for bank logins, etc. ... And now online thieves are convincing cell phone companies to move your cell phone line to another phone--And then filing for lost passwords to be texted to the phone. A few months ago, T-Mobile (one of my cell providers) asked their customers to put a 6 digit code on their account to help block hackers from porting their phone numbers to another phone/service.

    Verizon and "perma-cookies":

    https://www.eff.org/deeplinks/2014/11/verizon-x-uidh

    Verizon users might want to start looking for another provider. In an effort to better serve advertisers, Verizon Wireless has been silently modifying its users' web traffic on its network to inject a cookie-like tracker. This tracker, included in an HTTP header called X-UIDH, is sent to every unencrypted website a Verizon customer visits from a mobile device. It allows third-party advertisers and websites to assemble a deep, permanent profile of visitors' web browsing habits without their consent.
    https://www.pcworld.com/article/2878561/verizon-to-allow-opt-outs-of-dubious-perma-cookie-program-but-isnt-giving-up.html

    Off of my Verzion privacy settings:

    Relevant Mobile Advertising

    Verizon's Relevant Mobile Advertising program helps make the ads you see more interesting and useful. This program shares information with Oath (formed by the combination of AOL and Yahoo).

    The Relevant Mobile Advertising program uses your postal and email addresses, certain information about your Verizon products and services (such as device type), and information that you provide or we get from other companies (such as gender, age range, and interests). This information may be combined with information collected by Oath advertising services on devices you use to access Oath services and visit third-party websites and apps that include Oath advertising services (such as web browsing, app usage, and location), as well as information that we obtain from third-party partners and advertisers.

    We do not share information that identifies you personally in this program outside of Verizon other than with vendors and partners who do work for us. We require that these vendors and partners protect the information and use it only for the services they are providing us.

    The program uses online and device identifiers, including browser cookies, ad IDs from Apple and Google, and one created by Verizon, known as a Unique Identifier Header or UIDH. Unless you opt out of the Relevant Mobile Advertising program and have not opted in to the separate Verizon Selects program, a UIDH will be included in the address information of internet requests going to Verizon companies (including Oath) and to a small number of partners to help deliver services unrelated to advertising. Verizon partners are authorized to use the Verizon identifier only as part of Verizon and Oath services. More information is available about the Relevant Mobile Advertising program and the UIDH.

    You have a choice about whether to participate. If you opt out of Relevant Mobile Advertising and you have not joined the Verizon Selects program, Verizon will stop including a UIDH in traffic coming from your device. The UIDH will still appear for a short period of time after you opt out. If you are a member of Verizon Selects, the UIDH will still be present even if you opt out of Relevant Mobile Advertising.

    You also have choices about how Oath uses information for advertising purposes.

    You have to keep up on privacy to stay somewhat protected... But short of abandoning your cell phone, stop using the Internet and paying with cash... There is no easy way to keep your privacy.

    -Bill "if you cannot figure out the product, you are the product" B.
    Near San Francisco California: 3.5kWatt Grid Tied Solar power system+small backup genset
  • westbranch
    westbranch Solar Expert Posts: 5,183 ✭✭✭✭
    Thank  you BB for your work on pulling all those pieces together for us.. 
    Up here in the Great White North I, it sounds like 'luckily' I have an aversion to all this damn 'targeted ads'... like 'be the first to rate X' or how did you like the service at X,  X  being the address that you walked by, or stopped momentarily to say hi to someone you know... really aggravating..
    thanks again Bill.
     
    KID #51B  4s 140W to 24V 900Ah C&D AGM
    CL#29032 FW 2126/ 2073/ 2133 175A E-Panel WBjr, 3 x 4s 140W to 24V 900Ah C&D AGM 
    Cotek ST1500W 24V Inverter,OmniCharge 3024,
    2 x Cisco WRT54GL i/c DD-WRT Rtr & Bridge,
    Eu3/2/1000i Gens, 1680W & E-Panel/WBjr to come, CL #647 asleep
    West Chilcotin, BC, Canada
  • BB.
    BB. Super Moderators, Administrators Posts: 33,431 admin
    edited March 2018 #7
    Firfox + Ublock Origin  (Firefox add in), fingerprinting true. That is the minimum. Disconnect add-in also works well without much fuss.

    Noscript is very powerful, but you need to white list many websites for them to work properly (most news sites work ok blacklisted, but no videos and few pictures -- which can be a  good thing).

    Auto delete cookies works well, again a bit of configuration for web sites you login to.

    Lots of other options out there, mine work well for me.

    Ublock has a very nice editor that allows you to strip out ads and,  for recalled, news site sections like entertainment or sports, which clog your browser.

    It is like surfing the web in 1995... Mostly text + simple pictures and menus, almost nothing moves or flashes or audio.

    Bill
    Near San Francisco California: 3.5kWatt Grid Tied Solar power system+small backup genset
  • mike95490
    mike95490 Solar Expert Posts: 9,583 ✭✭✭✭✭
    Here's where you can test for HTTPS spoofing / fingerprinting
    https://www.grc.com/fingerprints.htm  and some more data about it.

    forum.solar-electric.com gets passed via
    *.vanillacommunities.com77:F5:28:F7:40:0F:46:AD:0E:99:B6:A5:F3:69:98:4B:B2:B7:5E:D5


    Powerfab top of pole PV mount | Listeroid 6/1 w/st5 gen head | XW6048 inverter/chgr | Iota 48V/15A charger | Morningstar 60A MPPT | 48V, 800A NiFe Battery (in series)| 15, Evergreen 205w "12V" PV array on pole | Midnight ePanel | Grundfos 10 SO5-9 with 3 wire Franklin Electric motor (1/2hp 240V 1ph ) on a timer for 3 hr noontime run - Runs off PV ||
    || Midnight Classic 200 | 10, Evergreen 200w in a 160VOC array ||
    || VEC1093 12V Charger | Maha C401 aa/aaa Charger | SureSine | Sunsaver MPPT 15A

    solar: http://tinyurl.com/LMR-Solar
    gen: http://tinyurl.com/LMR-Lister ,

  • softdown
    softdown Solar Expert Posts: 3,812 ✭✭✭✭
    edited March 2018 #9
    BB.....for what its worth, I've had my hip fractured by an "ex" Secret Service agent on April 20th, 2005 at Smoky Hill & Main St by (name redacted...BB). 365 days after some Federal agents signed off on an interest in "talking" to me about five of the ~30,000 statements I had made at elitefitness. A judge later blocked their request for a SWAT raid...much to their surprise....finding a judge who "follows the Constitution". I may have, or may not have, later met that judge. He may, or may not have  advised me to lawyer up. No lawyers will take them on...not even the ACLU. Haven't heard a threat about another SWAT raid since 2013 though. So.....only nine years of bullying, harassment, attacks, threats etc. For several very early years they were "protecting" me. That changed. 

    No lawyer will take them on. Even NSA legend Bill Binney was unable to enlist a lawyer after they staged a 6am raid on his home....with drawn weapons. Thing is....what he did was perfectly legal. What they do.......is not. But they, more or less, are the law. What you going to do? 

    Yea....I've seen the "joking" around about paranoia probably a few hundred times. Kind of like telling Kareem Abdul-Jabbar he is tall....got old fast.

    21st Century America: a "million hunters and 100,000 deer". Orwell was such an optimist. 
    First Bank:16 180 watt Grape Solar with  FM80 controller and 3648 Inverter....Fullriver 8D AGM solar batteries. Second Bank/MacGyver Special: 10 165(?) watt BP Solar with Renogy MPPT 40A controller/ and Xantrex C-35 PWM controller/ and Morningstar PWM controller...Cotek 24V PSW inverter....forklift and diesel locomotive batteries
  • mcgivor
    mcgivor Solar Expert Posts: 3,854 ✭✭✭✭✭✭
    edited March 2018 #10
    The internet is a wonderful means to research, advertise, communicate etcetera, however it can be a resource for law enforcement officers when you least expect. Some time back I imported cars from Japan to Canada for personal use, later I was transporting a motorcycle to the US to exhibit in a show, a Suzuki RG 500, a street legal 2 stroke GP bike. Was stopped at the border where customs officials ran a search on my name, they said I was a dealer and my intent was to sell the bike in the US which didn't conform to EPA regulations and red flagged the serial number and turned me back. Later I Googled my name, all the important records were posted by the seller including shipping manifests, listing me as a dealer, there were many other things including membership in professional associations, newspaper articles and non payment of traffic ticket in Oregon, I had no idea that the information was public. 


    1500W, 6× Schutten 250W Poly panels , Schneider MPPT 60 150 CC, Schneider SW 2524 inverter, 400Ah LFP 24V nominal battery with Battery Bodyguard BMS 
    Second system 1890W  3 × 300W No name brand poly, 3×330 Sunsolar Poly panels, Morningstar TS 60 PWM controller, no name 2000W inverter 400Ah LFP 24V nominal battery with Daly BMS, used for water pumping and day time air conditioning.  
    5Kw Yanmar clone single cylinder air cooled diesel generator for rare emergency charging and welding.
  • BB.
    BB. Super Moderators, Administrators Posts: 33,431 admin
    Here is an interesting Wall Street J. article on how "Facebook" puts all of your information pieces together. Note, this is from Instapundit as WSJ is behind a paywall:

    https://pjmedia.com/instapundit/291064/

    March 13, 2018

    THAT’S NOT VERY COMFORTING: Facebook Really Is Spying on You, Just Not Through Your Phone’s Mic.

    “Facebook does not use your phone’s microphone to inform ads or to change what you see in News Feed,” says Facebook.

    Yeah, sure, and the government swears it isn’t keeping any pet aliens at Area 51. So I contacted former Facebook employees and various advertising technology experts, who all cited technical and legal reasons audio snooping isn’t possible.

    Uploading and scanning that much audio data “would strain even the resources of the NSA,” says former Facebook ad-targeting product manager Antonio Garcia Martinez. “They would need to understand the context of what you are saying—not just listen for words,” says Sandy Parakilas, a former Facebook operations manager.

    I believe them, but for another reason: Facebook is now so good at watching what we do online—and even offline, wandering around the physical world—it doesn’t need to hear us. After digging into the various bits of info Facebook and its advertisers collect and the bits I’ve actually handed over myself, I can now explain why I got each of those eerily relevant ads. (Facebook ads themselves offer limited explanations when you click “Why am I seeing this?”)

    Advertising is an important staple of the free internet, but the companies buying and selling ads are turning into stalkers. We need to understand what they’re doing, and what we can—or can’t—do to limit them.

    If you must use Facebook — I’ve found it can be a real boon for promoting BillWhittle.com video segments — try deleting the app from your phone and/or tablet. Because that’s where much of the “spying” takes place.

    Instead, limit your use to a desktop or laptop, and install what I call “a Facebook browser.” Whatever browser you regularly use, install Firefox or Edge or some other browser, and use that one exclusively for Facebook.

    No, I don’t actually think they’re out to get me. But being followed around, even virtually, is inherently creepy.

    Posted by Stephen Green at 7:39 am
    Note, if you happen to have FireFox and trip over an App with paywall in its name, you may just be able to read the whole article.

    -Bill
    Near San Francisco California: 3.5kWatt Grid Tied Solar power system+small backup genset