CastleCops, Internet Crime Fighters

SIRT(TM)

Spam Incident Reporting and Termination(TM) Squad

A global spam termination operation launched by CastleCops, the volunteer SIRT Squad is comprised of folks who report spam, investigate spam, and actively work on spam takedown and termination. SIRT is funded by CastleCops. Become a SIRT Squad terminator by reporting spam today!


evidence status: confirmed spam

ID: 212153 (termination link)
Title: VPXL
Entry
SIRT Squad
Reporter
0
Timestamp: 22 Aug, 2008 @ 15:48:31
Topic ID: 225865 - Read/respond to SIRT commentary.
Handler Note:
23 Aug, 2008
15:08:33
AlphaCentauri: Consumed following related reports:

[212154] http://knj.cashfade.com/?lixbkz
Handler Note:
23 Aug, 2008
16:46:00
AlphaCentauri:

This is one of many, many websites of VPXL, also known as Elite Herbal, Express Herbals, Megadik, Megadick, Manster, Spur-M, MaxGain, MaxHerbal, HerbalKing, LNHSolutions, A-Plus Herbals, etc., which advertise products to cause penile enlargement. It is associated with the Sancash affiliate operation, which also operates Canadian Healthcare, King Replica, and others.

Sites continue to be registered and spammed despite police raids and seizure of the computers of someone believed to be highly placed in the Sancash operation. In any case, people purchasing these products should consider the possibility their purchase information will become publicly available during court proceedings in the near future.

Sancash has many affiliates, all spamming for the same brands and in essence competing with one another to refer orders to Sancash. This has resulted in their brands constituting an extremely high percentage of all the spam clogging inboxes.

The cashfade.com site claims:

>What you can expect
>60 Pills Of VPXL = 1 Months Supply
>
>First month you will notice an increase in
>penis size of up to 1/2 inch, you will also
>notice an increase in sexual desire, stronger
>erections and more enjoyable sex.
>
>Second month you will notice an increase in
>penis size of up to 1 inches, plus an
>increase in Girth (Width) of 5%, plus all
>the benefits of the first month.
>Third/Forth month you will notice an increase
>in penis size of up to 3 inches, plus an
>increase in Girth (Width) of 10%, plus all
>the benefits of the first month.
>Fifth/Sixth month you will notice an increase
>in penis size of up to 4 inches, plus a
>increase in Girth (Width) of 20%, plus all
>the benefits of the first month.

Those are pretty specific health claims for an herbal product. That would put them under the jurisdiction of the Food and Drug Administration in the U.S., requiring them to prove the safety of their product, to conduct well-designed studies to substantiate claims of efficacy, and to prove that all the ingredients and their quantities listed on the label are accurate. The site claims the pills are manufactured in an FDA-approved laboratory; obviously they aren't referring to the US FDA. Their site mentions research but does not cite any publications.

Simon Cox of the BBC investigated these brands and ended up speaking on the phone with someone who identified the company as Tulip Lab Pvt., India. The product they purchased during that investigation for $70 contained no active ingredients, and the bottle he received didn't even claim to effect penile enlargement.
http://news.bbc.co.uk/1/hi/magazine/7140449.stm

The author of the blog spaminmyinbox.com also traced Elite Herbal spammed sites to Tulip Lab via their ordering process. Tulip Lab is attempting to silence him via a court proceeding in India, although how that court has jurisdiction where he is located, in Denmark, is unclear.
http://www.spaminmyinbox.com/
http://ikillspammers.blogspot.com/2007/12/elite-herbal-genbucks-sancash-and-tulip.html

cashfade.com also claims

>FACT: In a recent survey by Durex Condoms,
>67% of all women admitted that they are
>unhappy with their partner's penis size.
>This proves that size really does matter.

Actually, the Durex Sexual Well-being Global Survey results are here (Turn off Javascripts to view text versions on single pages):
http://www.durex.com/cm/sexual_wellbeing_results.asp
http://www.durex.com/cm/sexual_wellbeing_results_part2.asp
http://www.durex.com/us/gss2005result.pdf

The FACT is that the survey doesn't mention anything about penis size being important to women.

These spam emails violate the US CAN-SPAM act by failing to label the email as advertising or as having adult content, by having forged "from" addresses, by failing to provide the physical address of the sender or a means of unsubscribing, by mailing through open proxies without that server's owner's permission, and by sending to email addresses harvested from websites by webcrawling bots, as evidenced by their being sent to spamtraps (email addresses posted on the internet but never used for real email communication).

Handler Note:
23 Aug, 2008
16:47:15
AlphaCentauri: View CIDR AS4837 Report: http://www.cidr-report.org/cgi-bin/as-report?as=4837

"4837 | CN | apnic | 2001-09-17 | CHINA169-BACKBONE CNCGROUP China169 Backbone"

Handler Note:
23 Aug, 2008
16:47:26
AlphaCentauri: Extended information for AS4837:
State/Province:
Country: cn
Responsible Domain: cnc-noc.net
Abuse Email: abuse@cnc-noc.net
Handler Note:
23 Aug, 2008
16:52:31
AlphaCentauri:

Spamhaus information on this IP address:
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL65849
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL66862
http://www.spamhaus.org/sbl/sbl.lasso?query=SBL67180
Handler Note:
23 Aug, 2008
16:52:54
AlphaCentauri: View CIDR AS20910 Report: http://www.cidr-report.org/cgi-bin/as-report?as=20910

"20910 | LV | ripencc | 2001-07-04 | BALTKOM-AS BALTKOM Autonomous System"

Handler Note:
23 Aug, 2008
16:53:04
AlphaCentauri: Extended information for AS20910:
State/Province:
Country: lv
Responsible Domain: parks.lv
Abuse Email: postmaster@parks.lv
Handler Note:
23 Aug, 2008
16:58:03
AlphaCentauri:

The spam email submitted for this report originated at IP address 77.38.216.168, which is in Latvia. The forged "from" address was "Karin Hooker" <linmarstarmet[at]marstar.de> in Germany.

77.38.216.168 is listed with the Composite Block List (CBL) as being infected with malware:
http://cbl.abuseat.org/lookup.cgi?ip=77.38.216.168

>IP Address 77.38.216.168 is currently listed in the CBL.
>
>It was detected at 2008-08-23 15:00 GMT (+/- 30 minutes),
>approximately 2 hours ago.
>
>ATTENTION: At the time of detection, this IP was infected
>with, or NATting for a computer infected with a high volume
>spam sending trojan - it is participating or facilitating a botnet
>sending spam or spreading virus/spam trojans.
>
>ATTENTION: if you simply repeatedly remove this IP address
>from the CBL without correcting the problem, the CBL WILL
>stop letting you delist it.
>
>This is the Cutwail BOT
>
>You MUST patch your system and then fix/remove the trojan.
>Do this before delisting, or you're most likely to be listed again
>almost immediately.
>
>If this IP is a NAT firewall/gateway, you MUST configure the
>NAT to prevent outbound port 25 connections to the Internet
>except from your real mail servers.
Handler Note:
23 Aug, 2008
17:00:24
AlphaCentauri: Generated and sent email spam alert to respective parties.
Fetched URLs
Slaves: 212154

Report for at 23 Aug, 2008 @ 15:08:33


fetched page

at 23 Aug, 2008 @ 15:09:49
MD5 Fingerprint: fcc57fb076943e5a6a1bdcad966c8b58
SHA1 Fingerprint: 13fe198e4b956f4b0f2dd8af476bbeb8873f776d
Version 1.0