Need Help with Spammer | by mortaine | 2002-02-14 14:12:40 |
|
Where is the spam coming from really? | by Kickstart | 2002-02-14 14:24:07 |
more details | by dcnblues | 2002-02-14 14:50:45 |
If the originating IP address is in the same netblock as the first mail server that accepted the mail, then the spammer is using his own SMTP server. You can safely "black hole" this domain by telling your inbound SMTP server to round-file the mail coming from that domain, or do more detective work to track down the "guilty parties" and sue them under California law.
If the originating IP address matches the netblock of any SMTPs further along in the chain, then the headers preceding it were probably spoofed to throw you off the trail. Look at the originating IP on that particular header and go from there.
If the originating IP does not match the netblock on ANY of the SMTP servers that accepted the mail, then it's most likely an open relay situation. This means some inexperienced mail admin (or one with a really bad mean streak) has allowed his mail server to accept mail from clients (not servers) outside his netblock. You might be able to convince the mail admin at this domain that this setting needs to be changed. If they don't know how, refer them to a pro, or do the work yourself for a hefty consulting fee (you DO want to recoup your losses due to the spam domain mix-up, right?) :)
Oh. If your mail client does not show you all of the mail headers, log into your POP mail server using Telnet (port 110). After your mail server shows you its login "banner" text and gives you a cursor, type "User {your userID} [ENTER]" on the first line and "Pass {your password} [ENTER]" on the second line. Leave out the brackets. This will log you into the mail server account.
Then, type "List [ENTER]" to fetch a numeric list of the spooled messages. After this, type "Top {message #} 1" for each message on the list to display the header information, subject line, and first line of text.
(oh yes, you might wish to turn Telnet's logging feature on before you start... else you won't be able to capture all this to a file easily.)
Once you've seen a header and logged it, type "DELE {message #} [ENTER]" to mark it for deletion if you wish. When you log out, messages so marked will be erased from the server.
Once you've finished scanning all of the mail headers, type "QUIT [ENTER]" to exit the mail server and log out.
(yes, I've worked tech support where people asked what they could do about spam they've gotten in their mail. :)
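The netblock comparison described in the post above, as an added example that is not part of the original thread: it reads the Received chain of a saved message and applies the three rules in order. Assumptions: a netblock is approximated as the enclosing /24, each hop's client IP is the bracketed address in its Received header, the function names are hypothetical, and the sample messages are constructed with documentation addresses.

```python
import email
import ipaddress
import re

# Assumption: "netblock" is approximated as the enclosing /24; a WHOIS
# lookup of the real allocation would be more accurate.
PREFIX = 24
IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def hop_ips(raw_message):
    """Client IPs taken from the Received headers, oldest hop first."""
    msg = email.message_from_string(raw_message)
    ips = []
    # Each server prepends its header, so the oldest hop is the last one.
    for header in reversed(msg.get_all("Received", [])):
        m = IP_IN_BRACKETS.search(header)
        if m:
            ips.append(ipaddress.ip_address(m.group(1)))
    return ips

def netblock(ip):
    return ipaddress.ip_network(f"{ip}/{PREFIX}", strict=False)

def classify(raw_message):
    """Apply the post's three rules to the Received chain."""
    ips = hop_ips(raw_message)
    if len(ips) < 2:
        return "not enough hops"
    # ips[0] is the originating client; each later entry is a server seen
    # as the client of the next hop, so ips[1] is the first accepting server.
    origin, servers = ips[0], ips[1:]
    if origin in netblock(servers[0]):
        return "own SMTP server"
    if any(origin in netblock(s) for s in servers[1:]):
        return "earlier headers probably spoofed"
    return "likely open relay"

def sample(*client_ips):
    """Build a constructed message; client_ips are given oldest hop first."""
    lines = [f"Received: from h{i}.example ([{ip}]) by h{i + 1}.example"
             for i, ip in enumerate(client_ips)]
    return "\n".join(reversed(lines)) + "\nSubject: constructed sample\n\nbody\n"

if __name__ == "__main__":
    print(classify(sample("192.0.2.77", "192.0.2.25")))
    print(classify(sample("203.0.113.9", "198.51.100.10", "203.0.113.50")))
    print(classify(sample("203.0.113.9", "198.51.100.10")))
```

The address of the final receiving server never appears in its own Received header, so the chain only covers the servers that handed the message onward.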