Dana
>The origin IP number of 211.108.90.4 is what is called an open relay, and
>appears on a number of blacklists.
>
>go to http://www.dnsstuff.com and enter that IP number in the top center block
>and it will return a list.
>
>For the uninitiated, an open relay is a mail server that is either carelessly
>set up or is compromised by a worm infection. The effect is that it does not
>report where it received the email message in the headers, making it appear that
>it originated the message. Spammers constantly scan the entire internet space
>to locate these open relays, and when they are found they pump the spam through
>them, thus effectively concealing the real source of the mail. as spam runs are
>detected and reported to web sites such as spamcop.net, they are immediately
>tested and if indeed are relaying mail they are automatically added to a number
>of blacklists. Mail providers that use blacklists then refuse mail from that IP
>number from then on.
>
>About the most you can do is to set up a free reporting account at spamcop and
>paste in the complete spam, including header information and report them as you
>receive them. spamcop does the tracing and ISP reporting for you, and will, in
>most cases, obfuscate your email address to protect your identity.
>
>Some of the open relay block lists report that there are over 250K open relays
>worldwide being used to pump out spam. The spammers use one until it is blocked
>then move to another.
>
>Since it does appear on a number of blacklists, including a couple that I use,
>spam from that IP number would be rejected at my email server boundary and my
>users would never see it.
>
>======================================
>Stop spam on your domain, Anti-spam solutions
>http://www.clickdoug.com/mailfilter.cfm
>For hosting solutions http://www.clickdoug.com
>======================================
>Aspire to Inspire before you Retire or Expire!
>
>
>----- Original Message -----
>From: "dana tierney" <[EMAIL PROTECTED]>
>To: "CF-Community" <[EMAIL PROTECTED]>
>Sent: Sunday, January 25, 2004 6:29 AM
>Subject: libero.it
>
>
>: Anyone had any experience with this domain or know anything about italian laws
>on spam? Jochem? This seems to be where the prunebelly-spoofing spam is coming
>from.
>:
>: Maybe you can give me a second opinion. Here's the headers, reading these was
>never my best thing. The prunebelly address that received it forwards to a
>comcast address, is where comcast comes into it.
>:
>: Received: from miranda.zianet.com ([216.234.192.169])
>: by sccrmxc13.comcast.net (sccrmxc13) with SMTP
>: id <20040118190533s1300ed4e7e>; Sun, 18 Jan 2004 19:05:33 +0000
>: X-Originating-IP: [216.234.192.169]
>: Received: (qmail 65059 invoked by uid 1009); 18 Jan 2004 19:05:31 -0000
>: Delivered-To: (taking this out for my user's privacy - dana)
>: Received: (qmail 65026 invoked by uid 0); 18 Jan 2004 19:05:31 -0000
>: Received: from unknown (HELO libero.it) (211.108.90.4)
>: by zianet.com with SMTP; 18 Jan 2004 19:05:31 -0000
>: To: (a different prunebelly address, not the one that received it)
>: From: "alton" <[EMAIL PROTECTED]>
>: Date: Sun, 18 Jan 2004 12:04:43 GMT
>: Message-Id: <[EMAIL PROTECTED]>
>: Sender: [EMAIL PROTECTED]
>:
>: I am not including the subject line as it is pretty vile, something about what
>little girls will do for cigarettes. Which was the other thing I was wondering.
>Since this isn't just spam, but is also an advertisement for child
>pornography... aren't some laws getting broken here?
>:
>: Somebody tell me how to get the guy mailing this stuff out :) I'll spend the
>time doing it <g>
>:
>: Dana
>:
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
