Hello all, For many years my domain, IFD.COM, has been hijacked by Swiss Bank (now known as ubswarburg). Beyond the few emails containing confidential financial information and some interesting love letters the traffic was fairly small, and since Swiss Bank refused to even talk to me about it I basically put up with it, and once I started using SIMS I no longer got the email into my inbox so it was pretty much invisible.
Until a few weeks ago when my Centris 610 (which ran DNS and email for me) started crashing often. This weekend it crashed and wouldn't start back up, kept crashing as soon as a network connection was established. I finally startup up w/o networking and noticed that the SIMS logs were several MB each (I am used to 22K sized logs, and I log very little normally). Examination of the logs revealed that I was getting 100 to 200 emails per minute from Swiss Bank! So, I took down my development machine (an 8500 w/a 400Mhz G3 and SCSI RAID array) and made it my email server. Complete overkill, but it's handling the load now. My question is how to I get Swiss Bank to stop using my domain? Here are the relavent details: 1. Internic and Dotster both say there is nothing they can do because Swiss Bank has not actually "stolen" the domain, it's still registered to me. 2. Swiss Bank seems to be using my domain internally, and for years only a few emails leaked out. Now, it seems they are using it for mailing lists, including UCE with invalid return addresses (within usbwarburg.com). 3. Here are some log entries, there are thousands in my logs: - normal logging - 06:16:10 1 SMTP-564(gate.chi.ubswarburg.com) SPAM? Recipient '<SH-OCADM- [EMAIL PROTECTED]>' rejected: user unknown 02:03:13 1 SMTP-225(gate.ldn.swissbank.com) SPAM? Recipient '<SH-GGL- [EMAIL PROTECTED]>' rejected: user unknown 02:18:27 1 SMTP-268(gate.ldn.swissbank.com) SPAM? Recipient '<SH-GGL- [EMAIL PROTECTED]>' rejected: sending host is blacklisted, "The host is suspected in address harvesting" - extended logging - 02:37:26 4 SMTP-334(gate.ldn.swissbank.com) Sending 250 SMTP state reset\r\n 02:37:26 5 SMTP-334(gate.ldn.swissbank.com) OT 22 of 22 bytes sent, Flags=0 02:37:26 5 SMTP-334(gate.ldn.swissbank.com) *Status=22 02:37:26 5 SMTP-334(gate.ldn.swissbank.com) Received 30 bytes 02:37:26 4 SMTP-334(gate.ldn.swissbank.com) Input Line: MAIL From:<[EMAIL PROTECTED]>\r 02:37:26 5 SMTP-334(gate.ldn.swissbank.com) *Status=25 02:37:26 5 SMTP-334(gate.ldn.swissbank.com) *Status=26 02:37:27 4 SMTP-334(gate.ldn.swissbank.com) Sending 250 <[EMAIL PROTECTED]> sender accepted\r\n 02:37:27 5 SMTP-334(gate.ldn.swissbank.com) OT 40 of 40 bytes sent, Flags=0 02:37:27 5 SMTP-334(gate.ldn.swissbank.com) *Status=23 02:37:27 5 SMTP-334(gate.ldn.swissbank.com) Received 44 bytes 02:37:27 4 SMTP-334(gate.ldn.swissbank.com) Input Line: RCPT To:<SH-GGL- [EMAIL PROTECTED]>\r 02:37:27 1 SMTP-334(gate.ldn.swissbank.com) SPAM? Recipient '<SH-GGL- [EMAIL PROTECTED]>' rejected: sending host is blacklisted, "The host is suspected in address harvesting" 02:37:27 4 SMTP-334(gate.ldn.swissbank.com) Sending 591 No mail will be accepted. Your host is in a Black List. The host is suspected in address harvesting\r\n 02:37:27 5 SMTP-334(gate.ldn.swissbank.com) OT 105 of 105 bytes sent, Flags=0 02:37:27 5 SMTP-334(gate.ldn.swissbank.com) Received 6 bytes 02:37:27 4 SMTP-334(gate.ldn.swissbank.com) Input Line: RSET\r NOTE: the "blacklist" seems to be a SIMS thing, I do not have a blacklist setup (ie, not using ORBS, etc.) All emails to support/abuse/postmaster/webmaster @ ubsw/swissbank/ ubswarburg have been ignored, or at least not a single response. Any help appriciated, like to get my bandwidth back! =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Lane Roathe, President Ideas From the Deep <mailto:[EMAIL PROTECTED]> <http://www.ifd.com> _______________________________________________________________________ We are Micro$oft. Resistance is futile. You will be assimilated. ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
