From: Rick Moen (rick at domain linuxmafia.com)
Date: Mon 17 Jun 2002 - 17:08:15 IST
Quoting Philip Trickett (phil at domain techworks.ie):
> Does anyone have any advice on stopping a spammer who is forging an
> address from your domain?
By looking at Received headers, figure out the IP addresses of IP
addresses upstream of the spammer, look up the netblock, and telephone
the NOC to demand they null-route the bastard.
> I have contacted the hosts for a website which is contained in the
> email, to notify them, and I have contacted the postmaster of the target
> domain (aol.com) to notify them of the forged addresses.
Note that the "Web site that is contained in the e-mail" may well be
operated by the spammer himself.
The regulars on the news.admin.net-abuse.email newsgroup may be able to
give you additional help. http://www.nanae.org/ Note Links, which
include http://www.stopspam.org/email/headers/headers.html
> Anything else I can do here? Is there something which can figure out
> the headers on the emails.
Your eyes, your mind. Welcome to the ranks of spamhunters, and enjoy
the wise words of Caveman Og: http://linuxmafia.com/pub/humour/caveman-og
-- Cheers, The difference between common sense and paranoia is that common sense Rick Moen is thinking everyone is out to get you. That's normal; they are. rick at domain linuxmafia.com Paranoia is thinking they're conspiring. -- J. Kegler
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:17:18 GMT