Hi folks. I was very disturbed to have forwarded to my abuse address a spam message which appears to have been sent by a random 3rd party claiming to be from and advertising the domain of one of my customers. I'm wondering if anyone has seen anything like this before, and if so what to do about it.
The relevant parts of the message: >Received: from info.lifename.com ([151.203.48.240]) by mc12-f16.hotmail.com >with Microsoft SMTPSVC(5.0.2195.6824); Thu, 13 Jan 2005 08:15:15 -0800 >Received: from lifename.com (info.lifename.com [192.168.2.7])by >info.lifename.com (8.11.6/8.11.6) with SMTP id j0DGEvv11122for ><[EMAIL PROTECTED]>; Thu, 13 Jan 2005 11:15:05 -0500 > >...advertises http://www.lifename.com/ > >invasion of your privacy, we sincerely apologize. To be permanently >removed from our mailing list, please send mailto:[EMAIL PROTECTED] >or go to http://www.lifename.com/unsubscribe . lifename.com is a customer in my data center. Their IP address is 38.113.6.53. However the mail came from 151.203.48.240, a random Verizon IP address. So it looks like someone set up a reverse DNS record for 151.203.48.240 that claimed it pointed to info.lifename.com (a name which did not have a forward lookup at all until I set one up 10 minutes ago) and then sent the mail out from there spamvertizing the lifename.com URL and email address. I can only assume they did this in order to get my customer and me in trouble with the spam authorities. I'm not a spammer, nor am I a spammer haven. I'm just a guy living in a townhouse in Cambridge with a data center in my basement. I depend on a good reputation to gain and retain customers. You folks know that, since I show up to BBLISA meetings once in a while and many of you know me personally. But spam authorities don't know that. The only evidence I can think of that this spam was not initiated by me/my customer is that it came from a different IP address with the reverse lookup pointing at me, while the forward lookup for that IP does not point to that name. Presumably if I was a spammer I would control the forward zone as well and have the appropriate link. Thoughts? Advice? I am a bit worried about this. - Alex _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
