No announcement yet.

Indirect spam from FlightRadar24

  • Filter
  • Time
  • Show
Clear All
new posts

  • Indirect spam from FlightRadar24

    Most of the time I create and use a unique email address (no public email provider and no webmail) for different websites, like to know exactly who is responsible for sending me spam directly or indirectly. In the last 3 days I got 3 spam emails with malware to this email address. I don't say that you sent them, but you are the only one (except me) who knows this email address, which means that you are leaking email addresses of your users somehow. Please pay more attention to how you handle our email addresses! Thanks.

  • #2
    Same here. I also got spam to an email address exclusively used here.

    EDIT: Maybe it helps narrowing down the source, here are the important headers from the spam I received (censored my email address with xxx(a)

    Received: from (unknown [])
    	(using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
    	(No client certificate requested)
    	by (Postfix) with ESMTPS id 7942980DAB
    	for <>; Wed, 10 Feb 2016 17:45:57 +0100 (CET)
    Received: from krause by with local (Exim 4.72)
    	(envelope-from <webmaster@xn--80akcjakgclcmadi5bfeca1o6a5cp.xn--p1ai>)
    	id 1aTXtI-00031m-CU; Wed, 10 Feb 2016 20:45:20 +0400
    Subject: DHL DeliverNow Notification Card on lost shipment ( Third Notification )
    X-PHP-Originating-Script: 519:rstoneham.php
    Date: Wed, 10 Feb 2016 20:45:20 +0400
    From: "DHL DeliverNow Network" <ewpcojvtkhsgr@xn--80akcjakgclcmadi5bfeca1o6a5cp.xn--p1ai>
    Received: from ( [])
    	by (Postfix) with ESMTP id 153B280DEA
    	for <>; Tue,  9 Feb 2016 00:47:34 +0100 (CET)
    Received: by (Postfix, from userid 5035)
    	id D399B71CCAC; Mon,  8 Feb 2016 23:46:56 +0000 (GMT)
    Subject: DHL DeliverNow Notification Card on lost shipment ( Second Notice )
    X-PHP-Originating-Script: 5035:wjm1940sr.php
    Date: Mon, 8 Feb 2016 23:46:56 +0000
    From: "DHL DeliverNow Network" <>
    (I think I already deleted the first one.)
    Last edited by mbirth; 2016-02-10, 18:58.
    T-EDDI15RasPi2 + RTL2838 USB dongle + stock antenna


    • #3
      That problem is reported and investigation is in progress.

      Here is a word from admin
      Last edited by Amper; 2016-02-10, 18:44.
      For official support use Contact Form


      • #4
        Oh, thank you. I'm not that much in the forums here, so I didn't noticed the thread. I will ask Olov via PM and if needed, send him the emails compressed. Maybe it helps.


        • #5
          I can also provide headers, if needed. From looking at them it seems like the mails were sent over hacked sites, probably their CMSes.
          T-EDDI15RasPi2 + RTL2838 USB dongle + stock antenna