Justin's Linklog Posts

So a few months ago, I setup a cookie-producing mailto honeypot page at foojlist.php.

Well, I just got the first bite — and it’s a live one. It’s our old friends at artprice.com. They’re a French spamhaus, operating from Saint-Romain-au-Mont-d’Or, France, and reports claim that it’s all the work of one guy — Thierry Ehrmann.

There’s lots of reports in USENET, and here’s their SBL listing, noting ‘extremely intense french spam source.’

This posting to NANAE notes that Colt France are not responding to complaints about them, either — but notes that ‘in France collecting e-mail addresses with the intention to send commercial mails without permission of the holders can be punished by law (article 226-18 of the Code Pe’nal – up to 5 years of prison or 300.000 euro)’. Interesting!

Full details of the spam, and the access_log entries from their web-scraper’s accesses, are attached.

Here’s the spam:

Received: from mail1.artmarket.com (mail1.artmarket.com [194.242.43.183])
by dogma.slashnull.org (8.11.6/8.11.6) wixh ESMTP id h8SLJZV12710
for < ( email addr deleted ) @fooj.jmason.org>; Sun, 28 Sep 2003 22:19:35 +0100
Date: Sun, 28 Sep 2003 22:19:35 +0100
Message-Id: (spam-protected)
From: A  R  T (spam-protected)
To: < ( email addr deleted ) @fooj.jmason.org>
Subject: [adv] 1700 - 2003  Story of the Art Market
MIME-Version: 1.0
Content-Type: text/html;    charset=iso-8859-1
Content-Transfer-Encoding: 8bit
<HTML><HEAD>
<TITLE>Artists search engine by Artprice TM - copyright Artprice.com</TITLE>
<META http-equiv=''Content-Type'' content=''text/html; charset=iso-8859-1''>
<META name=''UNSUB'' content=''<!--26398522_1-->''>
<META name=''ROBOTS'' content=''NOINDEX''>
</HEAD>
<BODY bgcolor=''#FFFFFF'' text=''#000000''>
<TABLE cellspacing=''0'' cellpadding=''0'' align=''center'' border=''0''>
<TR> 
<TD><IMG src="''http://web.artprice.com/img/affil.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/fs.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><A" href="''http://www.artistbiography.com/''><IMG" src="'http://web.artprice.com/img/bio.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><A" href="''http://web.artprice.com''><IMG" src="'http://web.artprice.com/img/Home.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/G.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><A" href="''http://web.artprice.com''><IMG" src="'http://web.artprice.com/img/Home.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/fs.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>A</B></TD>
<TD><IMG src="''http://web.artprice.com/img/map.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>R</B></TD>
<TD><IMG src="''http://web.artprice.com/img/HelpBlack.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/AMI/AMInsight.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><A" href="''http://web.artprice.com/corporate/EN/Visite/pages/nb.htm''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
<TD align=''center'' bgcolor=''#FF0000''><B>T</B></TD>
<TD><IMG src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/today.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/E.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>P</B></TD>
<TD><IMG src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/G.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/today.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/D.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/A.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/D.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/G.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/H.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>R</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>I</B></TD>
<TD><IMG src="''http://web.artprice.com/img/contact.gif''></TD>
<TD><A" href="''http://web.artprice.com/corporate/EN/Visite/pages/3818.htm''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/today.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>C</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/L.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/Mediums/D.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>E</B></TD>
<TD><IMG src="''http://web.artprice.com/img/map.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B>C</B></TD>
<TD align=''center'' bgcolor=''#FF0000''><B>O</B></TD>
<TD align=''center'' bgcolor=''#FF0000''><B>M</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/G.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/fs.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/contact.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/contact.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/H.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/bio.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/today.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/affil.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><A" href="''http://www.artprice.net''><IMG" src="'http://web.artprice.com/img/map.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/L.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/bio.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD" align=''center''><A href="''http://www.art-online.com''> </A></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/fs.gif''></TD>
<TD><A" href="''http://www.americanartists.com/''><IMG" src="'http://web.artprice.com/img/bio.gif'" border=''0''></A></TD>
<TD align=''center'' bgcolor=''#000000''><B><FONT color=''#FF0000''>A</FONT></B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><A" href="''http://web.artprice.com/corporate/EN/Visite/pages/arch02.htm''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/affil.gif''></TD>
<TD" align=''center''><B><FONT color=''#FF0000''>R</FONT></B></TD>
<TD><IMG src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD" align=''center''><B><FONT color=''#FF0000''>T</FONT></B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/affil.gif''></TD>
<TD><A" href="''http://web.artprice.com/corporate/EN/Visite/pages/3834.htm''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/H.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/search.gif''></TD>
</TR>
<TR>" 
<TD><IMG src="''http://web.artprice.com/img/bio.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD" align=''center'' bgcolor=''#FF0000''><B><FONT color=''#000000''>M</FONT></B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/C.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/fs.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD" align=''center''><B>A</B></TD>
<TD><IMG src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD" align=''center''><B>R</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/F.gif''></TD>
<TD" align=''center''><B>K</B></TD>
<TD><IMG src="''http://web.artprice.com/img/ps.gif''></TD>
<TD><A" href="''http://www.artprice.de''><IMG" src="'http://web.artprice.com/img/Home.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Shop.gif''></TD>
<TD" align=''center''><B>E</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/B.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ps.gif''></TD>
<TD" align=''center''><B>T</B></TD>
<TD><A href="''http://web.artprice.com/corporate/EN/Visite/pages/jb02.htm''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
</TR>
<TR> 
<TD><IMG src="''http://web.artprice.com/img/contact.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/G.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/contact.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/map.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/affil.gif''></TD>
<TD" align=''center''><B>C</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/D.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/sig.gif''></TD>
<TD><A" href="''http://www.13thcenturyart.com/''><IMG" src="'http://web.artprice.com/img/HelpBlack.gif'" border=''0''></A></TD>
<TD><IMG src="''http://web.artprice.com/img/Home.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/E.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/affil.gif''></TD>
<TD" align=''center''><B>O</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Account.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/D.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/Mediums/J.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/ind.gif''></TD>
<TD" align=''center''><B>M</B></TD>
<TD><IMG src="''http://web.artprice.com/img/Mediums/I.gif''></TD>
<TD><IMG" src="''http://web.artprice.com/img/bio.gif''></TD>
</TR>
</TABLE>
<BR><BR><BR>
<TABLE" border=''0'' bgcolor=''#FFFFFF'' align=''center''><TR>
<FORM method=get action=''http://web.artprice.com/en/artistsearch.aspx''><TD>
<A href="''http://web.artprice.com''>
<IMG" src="'http://web.artprice.com/Img/B/artprice_140.gif'" align=''absmiddle'' border=''0'' alt=''artprice''></A> 
<INPUT type=text name=searcharti size=39>
<INPUT type=submit value=''OK'' style=''CURSOR: hand''>
<INPUT type=hidden name=l value=en>
</TD>
</FORM>
</TR></TABLE>
<CENTER>
<FONT size=''1'' face=''Arial''>
THE WORLD LEADER IN ART MARKET INFORMATION - WELT-LEADER IN KUNSTMARKT-INFOS
<BR>LEADER MONDIAL DE L'INFORMATION SUR LE MARCHE 
DE L'ART</FONT>
</CENTER>
<BR><BR><BR>
<BR><BR><BR>
<BR><BR><BR>
<BR><BR><BR>
<BR><BR><BR>
<BR><BR><BR>
<BR><BR><BR>
<TABLE cellspacing=''3'' background=''http://web.artprice.com/Img/B/pixBl.gif''>
<TR> 
<TD> <FONT face=''Arial'' size=''1''>
<b>To remove</b> your email: (spam-protected)
please click below:<br><a 
href="'http://list.artaddiction.com/?m=(email_address_hidden)%40fooj.jmason.org'>
(spam-protected)
</a><br>
In" case the above link does not work you can go to<br>
http://list.artaddiction.com/<br>
or reply to this message as it is.<br>
Please allow us 72 H for your e-mail to be removed.<br>Thank you for your co-operation. </FONT></TD>
<TD><FONT face=''Arial'' size=''1''>
<b>Pour désinscrire</b> votre email : (spam-protected)
cliquez ci-dessous :<br><a 
(spam-protected)
Si le lien ci-dessus ne fonctionne pas, vous pouvez aller sur :<br>
http://list.artaddiction.com/
<br>ou répondez svp à ce message sans en modifier le contenu.<br>
Votre désinscription sera effective dans les 72 H.<br>Merci de votre coopération. </FONT></TD>
</TR><TR><TD colspan=''2''><FONT size=''1'' face=''Arial''>En conformité avec la loi 
78-17 du 6/1/78 (CNIL), vous pouvez demander à ne plus figurer sur notre 
fichier de routage.<BR>
<IMG src="'http://web.artprice.com/img/LogoArtp_90.jpg'" border=''0'' align=''absmiddle''>IX 
:28<BR>
</FONT><FONT face=''Arial, Helvetica, sans-serif'' size=''1''>Artprice.com - Domaine 
de la Source BP 69 - F-69270 St Romain au Mont D'or - RCS : 411 309 198</FONT></TD>
</TR></TABLE></BODY></HTML>

And, after decoding the address it was sent to, here’s the access_log entries the address was scraped with:

194.242.43.13 - - [26/Sep/2003:21:09:34 +0100] ''GET /foojlist.php HTTP/1.0'' 200 4066 ''-'' ''Art-Online.com 0.9(Beta)''

That’s one line from their scraping run, during which they scraped every single page on spamassassin.taint.org, including tar and zip archives, CGI scripts, everything — making 534 requests between 21:07:31 and 21:16:49.