Lately, I’ve been getting a lot of SPAM like this:

Date:   	Fri, 26 May 2006 01:41:37 -0400 [05/26/2006 01:41:37 AM EDT]
From:  	Mail Delivery System <Mailer-Daemon@my.domain>
To:  	fake_email@my.domain
Subject:  	Mail delivery failed: returning message to sender
Headers:  	Show All Headers
This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  info@agencymanagers.com
    SMTP error from remote mail server after RCPT TO:<info@agencymanagers.com>:
    host INBOUND.AGENCYMANAGERS.COM.NETSOLMAIL.NET [205.178.149.7]:
    550 5.2.1 <info@agencymanagers.com>... Mailbox disabled for this recipient

------ This is a copy of the message, including all the headers. ------

Return-path: <fake_email@my.domain>
Received: from ericptak by my.domain with local (Exim 4.52)
        id 1FdKyX-0007xZ-47
        for info@agencymanagers.com; Tue, 09 May 2006 01:41:37 -0400
To: "Lorna Leblanc" <info@agencymanagers.com>
X-Autorespond: First-level designers available for you
X-Loop: "Lorna Leblanc" <info@agencymanagers.com>
From: "Lorna Leblanc" <fake@email>
Content-type: text/plain; charset=us-ascii
Subject: Re: First-level designers available for you
Message-Id: <E1FdKyX-0007xZ-47@my.domain>
Date: Tue, 09 May 2006 01:41:37 -0400

The address you have tried sending email to does not exist.

Please update your records. 

Knowing this is spam, I decided to do some investigating.

1. First, I went to the Agency Managers homepage ^[1] to see what the site was about. Not to my surprise did I find out that it was pointed to a domain forwarder:

   
   
   

2. Next, I tried to find out someone named Lorna Leblanc. Obviously, it is either a fake name, or she is not exactly the brightest bulb in the box for leaving her name out there. I think that this is a fake name, because all I found was references to a student at Caledonia Regional High School in Hillsborough, New Brunswick, someone involved with minor league hockey, and a landlord in Rochester New York who is having problems with Section 8 tenants and her boss (she apparently works for Section 8!). This was a dead end.
3. Next, I tried a whois lookup for agencymanagers.com which was a dead end, because I got the following message:
   

   Unfortunately, this domain is registered through Network Solutions, the worst registrar (as far as WHOIS is concerned).
   They do not support WHOIS lookups from nearly ad-free sites like ours (because of the volume of hits from us), and try to force users of our site to use their ad-laden site.

   When I looked it up on Network Solutions, oddly enough the same site for the domain forwarding, I got something: A name, a supposedly real name: Malcolm Allgood, Sr. from Texas City, TX. He’s had the domain registered since November of 2001. The website is coming soon?!?!?!

4. I decided to look up the IP address 205.178.149.7 just because it was there. You have to look at all the details, and even one can lead you down a false road, or a road that leads to nowhere. This gave me a Mark Salerno, Vice President, Development & Operations of Inquent Technologies, a web hosting service from Toronto, Ontario, Canada. This is likely a dead end.
5. Back to Mr. Malcolm Allgood, Sr. from Texas City, TX. I blingo ^[2]ed him, and what did I get?
   

   AGENCY MANAGERS INSURANCE GROUP
   We are an Independent Insurance agency dedicated to serving your family’s needs. We shop many different companies so you can compare, and find the most affordable insurance to suit your particular needs. We offer all forms of insurance Auto, Motorcycle, Watercraft, Business, Homeowners, Windstorm, Flood. Many discounts are available also. We look foward to serving your family.

   This might be a dead end as well.

So, why would an insurance agency from Texas team with a web hosting service from Toronto and a woman involved with the Grande Prairie Minor Hockey Association? The world may never know.

Maybe it’s the Illuminati.

It’s a conspiracy!

It’s time wasted looking at SPAM is what it is.