I locate and call the after hours support number. The guy that answers the phone suggests Norton. I sweetly explain that this is not the point, that this ip has sent 165 copies of MyDoom to me alone on Saturday alone, so it is probably sending this virus out in vast numbers. It is also claiming at times to be my dawnrock domain. I give him the ip. He does not know whether it is one of theirs but does promise to investigate. Fine. It occurs to me that whoever he is gonna call might like to check the headers themselves so I call him back to ask about this. He says oh, no, the abuse desk is monitoring the situation and it is in one of the student dorms. Monitoring, huh... he decides what the hey, I should send a few copies to [EMAIL PROTECTED], and gives me a name to send it attention of. I do that and contemplate turning off catch all on my account, but decide that this will just bounce the emails to the domains they are allegedly from, not to the offending ip, and so just contribute to the problem. I go do other things.
Six hours later I check my email and find another 25 emails with the worm attached, almost all of them from the same IP. I call Fayetteville again. They have a ticket, closed resolved. I tell them it ain't and suggest that if they have sent that many to me at a domain that has only been registered for two months, they are probably sending out enough to make their mail server kinda tired :) The guy at the desk sounds a little swifter than his overnight colleague and says he will call the guy who allegedly fixed the problem back and "admonish" him, his words.
Now, I am not a mail admin, thank goodness, and chances are this ip is dynamically allocated, I guess, but it's been on long enough to send out all these emails... how hard can it be to locate it and pull the plug?
Thinking too much again,
Dana
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
