How to warn a site of a threat?

[irlandes]

This is not exactly a Linux question, so perhaps an answer is a suggestion where I can ask it.

I am trying to find a way to contact a forum administrator.

www.foro-mexico.com

I am an active participant on part of this forum which has a sub-forum for every municipality in Mexico, which means a huge number.

The e-mail for the administrator is foro-mexico@foro-mexico.com but the mail comes back, no such address known. It did work at one time.

The board is shown on whois as registered in France, and that IP says it has 13 sites on it, if I pay $20 they will sell me the list, but there is no guarantee that would give me a mail anyway. I believe the operators are in Spain, but can't remember what told me that.

Some brain-dead came on, assumed because I am a heavy poster that I own the board, and DEMANDED I give him the passwords so he could 'improve' the board. I told him I am not an official, at which time he said, well, he actually wanted to work on another board for the same community. This asking on an unrelated board was a clue to his state of mind.

We told him who owned the other board, and I gave him an address for that person, who I am guessing told him to go pound sand. Why would a builder of a home page give an unknown person his passwords?


He got angry, said we are apprentices, and said he was going to 'jaquear' (hack) the boards and apparently mess them up. He insisted I was the same person who owned the other board, ignoring the fact I am well known in this town, and so is the other man.

Anyway, I'd sure like to communicate with the operators, but have found no other address than the bad one. They do not seem to read postings so that doesn't work either.

Is there any method by which one can trace site operators? They do record IP's of posters, unless he used a proxy but only the operators can see them.

Or, where can I go to ask this question? Thanks.

[bwkaz]

There are RFCs (...he said, without knowing what they are...) that strongly recommend making a webmaster@ email address available for any domain that hosts web pages. So it *might* work to use that address.

Of course, because lots of sites did that, that address is also targeted for spam, a *LOT*. So some (IMO dumb) site admins have taken that address down.

It *may* also work to notify abuse@ (if that address is valid; it has the same problem as above).

Let's see what's in whois... Ah, this might work as well (though I'm not too hopeful). A technical contact is listed at http://www.enom.com/whois/Whois.aspx...oro-mexico.com -- assuming that address actually works, that might be good as well.

[irlandes]

Hey, thanks. Today is market day here in the mountains of Mexico, which is when 10 acres of rocks becomes a gigantic shopping mall and where we buy our goodies for the week, so it will have to wait until this afternoon. But, this is the sort of thing I was hoping for.

I did try webmaster@foro-mexico.com but never thought of abuse@. And, just in case, I may try it in Spanish, whatever abuse is. My trusty E-Sp dictionary should know.

I will also try that other link.

Thanks for taking the time to type in an answer. If nothing works, the studly hero will have to make himself known by the usual disastrous means.

But, at least you have given me some things to try.

[irlandes]

I sent a new message to all suggested possibilities, and also to

info2REMOVETHESELETTERS@dnbuy.com (info2@dnbuy.com).

I got this error message:

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

abuse@foro-mexico.com
all relevant MX records point to non-existent hosts
abuso@foro-mexico.com
all relevant MX records point to non-existent hosts
webmaster@foro-mexico.com
all relevant MX records point to non-existent hosts
foro-mexico@foro-mexico.com
all relevant MX records point to non-existent hosts


So, info2@dnbuy.com must be a good mail, though I am not sure it will be a contact.

Now, to wait and see what happens.
Thanks for trying.

[bwkaz]

Oh nice, broken DNS records. Good job, whoever put together that site. Sigh.

Yeah, looks like "mail.foro-mexico.com" (which is what the MX points to) doesn't resolve. Oops.

Hopefully the other address worked...

Er, hang on, wtf? The whois page that I linked to last time no longer has an email for the technical contact? For one, that's against ICANN rules, but for two, who deleted it? Sheesh. (It was some random string at a domain that sounded like they were doing whois-privacy operations. But since I can't remember the random string -- or the domain, actually -- it's kinda hard to repost the address. )

[irlandes]

Thanks, yeah, that was my observation, they are a sorry operation.

The URL has a forum page for virtually every municipality, town of any size, in the nation of Mexico. One can upload photos.

The workers (aka generally known as illegals ;D) use the forums to communicate with their neighbors and friends at home. I am retired, and have a hobby of taking family pictures and sending them north by e-mail when someone requests them.

In one case, there had been no pictures for 18 years. Three brothers had never seen their now 15 year old brother, and I was told they got real emotional when they got the pictures I sent.

Another case, was 13 years, and they sent the kids, U.S. citizens by plane alone from Florida to Mexico City for family to pick up, and I went to the birthday party for the 10 year old.

So, this is not a URL I can just abandon if it were only me.

But, in this case it looks like a lost cause. I wonder if they deleted the contact because I used it. The mail did go away and not come back, so someone got it.

Well, we gave it the old college try. Thanks all for advice.

[leonpmu]

Maybe this info will help you, I used www.netcraft.com to get it..

http://toolbar.netcraft.com/site_rep...oro-mexico.com

[irlandes]

I did send mails to all the possibles. The only one that didn't come back immediately was the address listed on whois.

I got no direct response, but a few days later, the bad address for admin on each page was gone. Someone told me the contact e-mail for whois was also deleted.

And, I am again authorized to upload photos.

So, unless there is a coincidence, I would say someone talked to someone.

Still, pretty cheesy not to have an abuse address to report. In this case, a nut was threatening to hack the system.

Thanks. I had most of that information, but appreciate the effort.

I don't like foro-mexico, but am a captive audience because that is where so many workers go for contact.