McAfee uses third party to spam advertisement for their site. When attempting to complain, it is evident that McAfee doesn't even follow RFC standards regarding contact e-mail addresses.
From: security curmudgeon (jericho[at]attrition.org) To: firstname.lastname@example.org Cc: Declan McCullagh (declan[at]well.com), errata submission (errata[at]attrition.org), Thomas C. Greene (tcgreene[at]bellatlantic.net) Date: Mon, 18 Aug 2003 13:57:03 -0400 (EDT) Subject: You spam.. offer no abuse@ and no postmaster@ ... You are *exactly* why the Internet is a cesspool. When "security" companies resort to spamming to sell their products, they have violated the last shred of ethics they may have had. Worse, putting up these domains and not following RFC standards for e-mail contacts such as abuse@ and postmaster@ is a cheap way to try to hide from the complaints you clearly knew would pour in. Follow RFC 2141, RFC2821/4.5.1, and quit sending unsolicited commercial advertisements. ---------- Forwarded message ---------- From: Mail Delivery Subsystem (MAILER-DAEMON) To: jericho[at]attrition.org Date: Mon, 18 Aug 2003 13:41:24 -0400 Subject: Returned mail: see transcript for details The original message was received at Mon, 18 Aug 2003 13:41:19 -0400 from jericho@localhost ----- The following addresses had permanent fatal errors ----- (email@example.com) (reason: 550 5.7.1 (firstname.lastname@example.org)... Relaying denied) ---------- Forwarded message ---------- From: Mail Delivery Subsystem (MAILER-DAEMON) To: jericho[at]attrition.org Date: Mon, 18 Aug 2003 13:34:21 -0400 Subject: Returned mail: see transcript for details The original message was received at Mon, 18 Aug 2003 13:33:53 -0400 from jericho@localhost ----- The following addresses had permanent fatal errors ----- (email@example.com) (reason: 550 5.7.1 (firstname.lastname@example.org)... Relaying denied) ---------- ORIGINAL SPAM ---------- From: security curmudgeon (jericho[at]attrition.org) To: email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org Date: Mon, 18 Aug 2003 13:33:52 -0400 (EDT) Subject: SPAM: Were you protected from the Microsoft and Cisco vulnerabilities? (fwd) This is unsolicited ambulance chasing spam. The alias this was mailed to never signed up to any list, never "opted in" to receive your spam, etc. Welcome to Errata (www.attrition.org/errata/) [Original spam included]
Return-Path: (email@example.com) Received: from mail1.1stmail.com (ns1.1stmail.com [126.96.36.199] (may be forged)) by forced.attrition.org (8.11.6/3.8.9) with ESMTP id h7IHP5X14089 for (webmaster[at]attrition.org); Mon, 18 Aug 2003 13:25:06 -0400 Received: from localhost.localdomain (mail1.1stmail.com [188.8.131.52]) by mail1.1stmail.com (8.11.6/8.9.3) with ESMTP id h7IHOHn03663 for (webmaster[at]attrition.org); Mon, 18 Aug 2003 13:24:32 -0400 Message-Id: (200308181724.h7IHOHn03663@mail1.1stmail.com) Content-Disposition: inline Content-Transfer-Encoding: 7bit Content-Type: text/plain MIME-Version: 1.0 X-Mailer: MIME::Lite 2.117 (F2.6; T1.005; B2.11; Q2.03) Date: Mon, 18 Aug 2003 17:24:17 UT From: "McAfee Security" (firstname.lastname@example.org) To: "Hugh G. Rection" (webmaster[at]attrition.org) Subject: Were you protected from the Microsoft and Cisco vulnerabilities? X-Spam-Status: No, hits=3.6 required=4.8 tests=DEAR_SOMETHING,EXCUSE_3,REMOVE_FROM_LIST,REMOVE_SUBJ version=2.54 X-Spam-Level: ooo X-Spam-Checker-Version: SpamAssassin 2.54 (184.108.40.206-2003-05-11-exp) Dear IT Professional: As you may know, Network Associates(R) and McAfee(R) are committed to providing you not only with great products that protect your network, but also with expanding the scope of what we can offer. Recently, we have expanded our capabilities to deliver the industry's first network and system intrusion prevention solutions to detect and block known and unknown threats, like the recent Microsoft RPC or Cisco Systems IOS vulnerabilities. The effects of these threats could allow hackers to seize control of computer systems, where they could steal data, delete files, or eavesdrop. But with McAfee Protection-in-Depth(TM), our proactive approach to network and system protection, now you can identify vulnerabilities and block attacks before they happen. McAfee IntruShield(R) Network Intrusion Prevention http://www.networkassociates.com/us/products/sniffer/network_intrusion_prevention/category.htm The next-generation McAfee IntruShield delivers highly accurate detection and real-time intrusion prevention. The innovative McAfee IntruShield architecture integrates patented signature, anomaly and Denial of Service (DoS) detection techniques on a purpose-built appliance to protect even the most demanding networks from the threat of known, unknown and DoS attacks. McAfee Entercept(TM) Host Intrusion Prevention http://www.networkassociates.com/us/products/mcafee/host_intrusion_prevention/category.htm McAfee Entercept provides enterprise-class, system-based intrusion prevention. McAfee Entercept is manageable, cost-effective and capable of defending critical assets from malicious attacks such as buffer overflows and worms. We're excited to bring you these best of breed solutions that provide robust, multi-layered, scalable protection for your network perimeter, network core, servers and applications. Our new McAfee System and Network Protection Solutions will not only help protect against next generation attacks, but will also free up your security staff to focus on what they need to. To take full advantage of these industry-first intrusion prevention solutions, we encourage you to call us today at 1-888-847-8766. The sooner we can talk with you about all that we can bring to your network, the sooner you can ensure that your network is fully and proactively protected. We look forward to hearing from you soon, so we can put you in contact with your dedicated McAfee Security Specialist. Sincerely, McAfee Security www.mcafeesecurity.com Entercept, IntruShield, McAfee and Network Associates are registered trademarks or trademarks of Network Associates, Inc. and/or its affiliates in the US and/or other countries. Sniffer(R) brand products are made only by Network Associates, Inc. All other registered and unregistered trademarks in this document are the sole property of their respective owners. (c) 2003 Networks Associates Technology, Inc. All Rights Reserved. To be removed from our mailing list, please send an e-mail to: mailto:email@example.com and type REMOVE in the subject line.