appears on a number of blacklists.
go to http://www.dnsstuff.com and enter that IP number in the top center block
and it will return a list.
For the uninitiated, an open relay is a mail server that is either carelessly
set up or is compromised by a worm infection. The effect is that it does not
report where it received the email message in the headers, making it appear that
it originated the message. Spammers constantly scan the entire internet space
to locate these open relays, and when they are found they pump the spam through
them, thus effectively concealing the real source of the mail. as spam runs are
detected and reported to web sites such as spamcop.net, they are immediately
tested and if indeed are relaying mail they are automatically added to a number
of blacklists. Mail providers that use blacklists then refuse mail from that IP
number from then on.
About the most you can do is to set up a free reporting account at spamcop and
paste in the complete spam, including header information and report them as you
receive them. spamcop does the tracing and ISP reporting for you, and will, in
most cases, obfuscate your email address to protect your identity.
Some of the open relay block lists report that there are over 250K open relays
worldwide being used to pump out spam. The spammers use one until it is blocked
then move to another.
Since it does appear on a number of blacklists, including a couple that I use,
spam from that IP number would be rejected at my email server boundary and my
users would never see it.
======================================
Stop spam on your domain, Anti-spam solutions
http://www.clickdoug.com/mailfilter.cfm
For hosting solutions http://www.clickdoug.com
======================================
Aspire to Inspire before you Retire or Expire!
----- Original Message -----
From: "dana tierney" <[EMAIL PROTECTED]>
To: "CF-Community" <[EMAIL PROTECTED]>
Sent: Sunday, January 25, 2004 6:29 AM
Subject: libero.it
: Anyone had any experience with this domain or know anything about italian laws
on spam? Jochem? This seems to be where the prunebelly-spoofing spam is coming
from.
:
: Maybe you can give me a second opinion. Here's the headers, reading these was
never my best thing. The prunebelly address that received it forwards to a
comcast address, is where comcast comes into it.
:
: Received: from miranda.zianet.com ([216.234.192.169])
: by sccrmxc13.comcast.net (sccrmxc13) with SMTP
: id <20040118190533s1300ed4e7e>; Sun, 18 Jan 2004 19:05:33 +0000
: X-Originating-IP: [216.234.192.169]
: Received: (qmail 65059 invoked by uid 1009); 18 Jan 2004 19:05:31 -0000
: Delivered-To: (taking this out for my user's privacy - dana)
: Received: (qmail 65026 invoked by uid 0); 18 Jan 2004 19:05:31 -0000
: Received: from unknown (HELO libero.it) (211.108.90.4)
: by zianet.com with SMTP; 18 Jan 2004 19:05:31 -0000
: To: (a different prunebelly address, not the one that received it)
: From: "alton" <[EMAIL PROTECTED]>
: Date: Sun, 18 Jan 2004 12:04:43 GMT
: Message-Id: <[EMAIL PROTECTED]>
: Sender: [EMAIL PROTECTED]
:
: I am not including the subject line as it is pretty vile, something about what
little girls will do for cigarettes. Which was the other thing I was wondering.
Since this isn't just spam, but is also an advertisement for child
pornography... aren't some laws getting broken here?
:
: Somebody tell me how to get the guy mailing this stuff out :) I'll spend the
time doing it <g>
:
: Dana
:
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
