Email spoofing from OZHealth and DrOZNetwork Newsletter

I have my sites hosted with and since a while I have a high file usage, mails with unknown
addresses undelivered in my inbox and a high amount of cron-jobs with my blogs. This month was the amount
of undelivered mails so many, with addresses which not mine, that I have written a support ticket.

The most of this mails were sent from OZHealth and DrOZNetwork Newsletter with fictive addresses and
my server.


My host support means, this company spoof my domain:

E-mail spoofing is the forgery of an e-mail header so that the message appears to
have originated from someone or somewhere other than the actual source.

Distributors of spam often use spoofing in an attempt to get recipients to open,
and possibly even respond to, their solicitations.
Unfortunately that is technical
realization of SMTP protocol, as well as settings of some mail sending systems, that allows
editing of headers of messages, for spoofing.

Spoofing is possibly the most frustrating abuse issue to deal with, simply because it
cannot be stopped. Spoofing is similar to hand-writing many letters, and signing someone else's
name to it. You can imagine how difficult that would be to trace.


I searched about this and found a lot of articles also a legal notice about spoofing:

Email Spoofing. Email spoofing is a serious computer crime with a likelihood of imprisonment.
Unfortunately because email spoofing is typically sophisticated, the government is likely to
arrest the innocent individual whose email address has been spoofed. Moreover, many attorneys do
not have the background and/or knowledge to successfully defend a person accused of email spoofing.
Someone accused of email spoofing needs the expertise of a strong computer crime defense attorney.

Email spoofing accusations fall under Email SPAM laws. (See table below.) A spoofed email may
appear to be from a lawful source, but it’s typically malicious in nature and contains defamatory
or damaging information, or it may ask for personal information, passwords, credit card numbers,
and other personal information, or it may offer a business proposition in which the sender offers
to pay a certain amount and sends a fraudulent check for many times the agreed upon amount with
the purpose of the receiver to send a refund with a lawful check in which the receiver has to
eventually reimburse the bank.

How do I protect my site from thieves?

This year has been stolen from me a lot. In particular, it was mainly WordPress themes and graphics for online marketing.

In most cases, my website has been downloaded and than the thieves have all the links available, or they go with the Web Developer Tool by the browsers .

The latest case has been made by an insider, who knows my program with which I have encrypted the download link.

I have protected my pictures folder with a blank index.html, no single file is displayed when you select this directory.

Also the download directory have a blank index.html and the content is not displayed, however, if someone has a direct link to the directory, he can download the file. After it is remarkably often happens this year, I let the download run through a script that protects me from theft and a database will store the movements. What I have forgotten here, my mistake, even if the movements are stored, I would have to protect the download directory with a blank index.html and promptly has a struck again.

In recent years, I had after all deserves so much that I could pay my host, this year is stolen in the first place, even if the item only costs $ 1.00 .

The surest way to protect its contents is probably still it to store outside of public_html or release the downloads only after payment via email.

Account suspended … … 36 month experiences


I started 2009 and stayed with Vodahost till 2012. I came to this host through the script BlueVoda Website Builder, which isn't bad also when I work with Dreamweaver, me interested the html codes.

From October 2009 till March 2010 I used and my new site for the testing of some scripts, but than was hacked my other site hosted with and I took my friends email addresses to Means my pure static site was now filled with live events and the scripts installed began to work.

I would say this was to much for and his support. The result was a endless series of support tickets, Vodahost blocked my databases, emails discarded, two times I had a suspended account, often I couldn't access to my webmail, cpanel or something upload, my site was often down. The last year Vodahost changed his server to Litespeed and I couldn't access to one of my important scripts, this was it, better Vodahost took the chance and my site was again static, since this time and till the end of contract my site was online without problems. Here is the opinion of two programmers:

In a litespeed server , a 503 could mean various problems.
Their blog works so it's not a server side or PHP problem I think.

Only thing I am thinking is server controlling the mysql connections and
memory usage by the script and outputting the error.

Yes, it's either resource restriction or certain PHP modules missing.
But in any case it's difficult to fix it without root access.

A answer of this outstanding, award winning (?) support:


We can deal with you any longer, you are too problematic, please do not renew your account and find a new web go find a new web host.


Always at your service.

But this was harmless, normally this member of the support forget who he and who the customer. Two other answers of this support:

It does not matter what we offer other customers. YOU "Irmgard Hartmann" are banned form sending out bulk emails...Its personal ban against your account..We do not want "Irmgard Hartmann" to send out any, none, nada, zilch, Get it????? You have been flagged as a spammer...You are never sending out email from our servers again...their are no second chances....

read # 3

why don't you check out

Always at your service.


My answer as always, when this came in this manner and it was often:


….I have an opt-out link in my mail and a message, if the member don't want no more a mail from me, can he/she every time opt-out. So it is legal and in the can-spam rules, when you banned me it is something other. .....

First search of my ... by ZEN, my domain isn't a reported spammer.

the proof please!

By the way I have done the conversation to my ... and he gave me the information that there is nothing?

You go against your own written contract and AUP, with your manner to handle this. I think you know that.

January 31, 201110940 domains-40 domains
January 24, 201110980 domains-44 domains
January 17, 201111024 domains-57 domains
January 10, 201111081 domains-69 domains
January 3, 201111150 domains-9 domains
Quick and brief overview of few months from previous years
December 27, 201011159 domains-63 domains
December 20, 201011222 domains-207 domains
December 28, 200911429 domains-9 domains
December 21, 200911438 domains-1479 domains
December 29, 200812917 domains-81 domains
December 22, 200812998 domains

There two versions for that, first your kind to handle with a customer or second you didn't have enough server capacity.

How many more times must we tell you that you are banned from sending out mass emails...we have told you 10 times already...when will you understand?? when we tell you 20 times??? Or maybe 30 times.

Always at your service.


This was to much for me, my answer:



Who you are?

We have a contract, dear Admin, in this contract is written that I can send emails 500/h.

Someone (?) isn't of the right way and see the support as little place to play his private war?

It's, OK, for you and I have to smile 🙂

but I repeat my rights as long our contract stay and you don't pay in return.



I left Vodahost with the end of my contract and had unsubscribe by Bluevoda.

503 service not available … Server

One of my scripts didn't run. The message for the Error was

'503 service not available'.

I couldn't access and nobody couldn't opt-in for something
free on my site. I asked my developer of the script for help.


The logs here says recording of script running.
Doesn't say errors or anything on script side.


I am going through a detailed look on this issue
and enabled required modules to correct this.
I have noticed following errors from server logs
and trying to correct this now. Please share the
error with developer and make sure it is not
development/version compatible issue.

> -----
> 2012-05-27 00:31:59.918 [INFO] > [] connection to
> [/tmp/lshttpd/APVH_xxx.com_Suphp.sock.531] on request
> #0, confirmed, 1, associated process: 31277,
> running: 0, error: Connection reset by peer!
> 2012-05-27 00:31:59.984 [INFO] > [] connection to
> [/tmp/lshttpd/APVH_xxx.com_Suphp.sock.531] on request
> #0, confirmed, 1, associated process: 31278,
> running: 0, error:
> Connection reset by peer!
> 2012-05-27 00:31:59.984 [NOTICE] > [] Max retries has
> been reached, 503!
> 2012-05-27 00:31:59.984 [NOTICE] > [] oops! 503 Service
> Unavailable
> 2012-05-27 00:31:59.984 [NOTICE] > [] Content len: 0,
> Request line: 'GET /Responder/ HTTP/1.1'
> 2012-05-27 00:31:59.984 [INFO] > [] File not found
> [/home/xxx/public_html/503.shtml]


The above errors are saying the script is
disconnected after connection (might be server
controlling script usage of resources) and you have
exceeded the number of attempts.

The following errors are saying the script
connection is reseted by server. After connecting
to mysql host > getting disconnected.

> #0, confirmed, 1, associated process: 31278,
> running: 0, error:
> Connection reset by peer!
> 2012-05-27 00:31:59.984 [NOTICE] > [] Max retries has
> been reached, 503!


Than he asked also someone other:


One of my client's host upgraded their server software.

Since then, he is getting this error:

503 service not available.

It was working before.

1. You can login and tell me why the error?
2. Your fee?
3. What else you need apart from ftp info?
Because client has no root access to server.
But has access to his website.
she answered:

In a litespeed server , a 503 could mean
various problems.

Their blog works so it's not a server side or
PHP problem I think.

Have they checked the error log available
in cpanel.

The above is the only one provided by the host.

I have no clue why this is happening.

Only thing I am thinking is server controlling
the mysql connections and memory usage by the
script and outputting the error. That is why I am
asking you if you can debug this for me.
she answered:

Yes, it's either resource restriction
or certain PHP modules missing.

But in any case it's difficult to fix
it without root access.


You don't have to fix it. I know it is difficult
to fix these issues without root access.

But can you tell me the problem (resource issue
or php module or someother)  with simple FTP info?

That is too, the script code is encrypted. But
I can give you any specific file (unencrypted version)
if you want.
she answered:

503 is a generalized error Ra....
It's difficult to diagnose with just

end user details.


He wrote me and included the Email correspondense:


What she saying is without root access it is
difficult to debug the 503 error.

Root access is out of question for you as
it is shared hosting.

So what you want to do?

I am including our Email correspondense BELOW.


I did something, I changed the host.