On Tuesday, April 12, 2005, 8:31:53 AM, List User wrote:
>>...
>>
>>List Mail User wrote:
>>>      Did either of you try listing himlove. com (invalid telephone/fax),
>>> or notice that the contacts' email is from a non-existent domain,
>>> heroutside. com.  Or that the name servers in carr821. com also have
>>> an invalid address.  Or that the contact domain from the DNS servers,
>>> narod. ru have an invalid registration.  Or that the name server domain
>>> for narod. ru of yandex. ru also has an invalid registration ...
>>> 
>>>      I gave up after about 8.
>>> 
>>>      You have to realize when some idiot has just invited you to get rid
>>> of a half dozen or so spam and spam support domains.
>>
>>a short howto to the list would be good ;-)
>>
>>-- 
>>Robert Brooks,           Network Manager,          Cable & Wireless UK
>><[EMAIL PROTECTED]> http://hyperlink-interactive.co.uk/
>>Tel: +44 (0)20 7339 8600                      Fax: +44 (0)20 7339 8601
>>-  Help Microsoft stamp out piracy.  Give Linux to a friend today!   -
>>

>         Start with your favorite version of "whois" (I like jwhois, because
> you seldom need to enter the registry).  Then learn the rules about what is
> required.  Look up all the contacts' email domains - if you *really* want to
> get them check the email validity with telnet to the server.  Check all the
> domains with either nslookup or dig, paying particular attention to any 'MX'
> records - look them up separately checking for invalid addresses (i.e.
> 127.0.0.1 or MX's of address literals).  Keep going until things run in a
> circle (i.e. you stop finding new domains).  Check all the addresses with
> your favorite set of online maps (usually Yahoo! for North America, Mapquest
> for the rest of the world, but some places require more work).  Check the postal
> codes at the country's own postal authority if you can (usually the first or
> second line from Google with "Country_Name postal code") or from a few other
> sites (escapeartist is good as is statoids).  File everything you find wrong
> with rfc-ignorant and for international TLDs (e.g. ".com", ".net", ".org",
> ".biz", ".info", etc) file at wdprs.internic.net.  For other TLDs, you have
> to do whatever the specific grantor requires (but for ".us" - send email to
> the registrar and a "Cc:" [EMAIL PROTECTED]);  For Canada, use cira.ca, etc.

>         With a little practice, it takes 1-3 minutes for most bogus domains.
> (Count on 15 minutes to an hour, until you get the hang of it).

>         Ad nauseam (automated checking of the contacts' emails and the abuse@,
> postmaster@ and DSN addresses are good too).

>         And also, if any of the emails you find is an MSN, Hotmail or in other
> MS domain or of an Outblaze customer (together, that's about 15% of all email
> accounts in the world) - send off an email with the copy of the spam - the
> account will be canceled - then tomorrow, the domain has become invalid.

>         Start by reading the documents at www.arin.net, www.internic.net, and
> rfc-ignorant.org.

>         Also, remember, many spam friendly registrars won't do anything until
> forced to by the overriding authority - good cases take 15-20 days for the
> domain to die, bad ones can take 3-4 months;  But you can blacklist them in
> almost no time.

>         Good luck and have fun hunting (nobody spams my domains and gets off
> clean!),

>         Paul Shupak
>         [EMAIL PROTECTED]

> P.S. The "real" finds are the rare invalid netblock or ASN, but that can wait
> until you learn to check domains.

This really belongs in some kind of spam-fighting FAQ or howto
somewhere.....

Jeff C.
-- 
Jeff Chan
mailto:[EMAIL PROTECTED]
http://www.surbl.org/
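
The MX check from the quoted howto ("checking for invalid addresses (i.e. 127.0.0.1 or MX's of address literals)"), as an added example that is not part of the original thread. It runs over records already collected with dig or nslookup; the function names, the range list beyond 127.0.0.1 and the sample data are assumptions made for the illustration.

```python
import ipaddress

# Ranges that can never host a reachable public mail server. The thread names
# 127.0.0.1; the rest of this list is an assumption added for the example.
UNROUTABLE = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "0.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
    "192.168.0.0/16", "169.254.0.0/16", "::1/128")]

def check_mx(exchange, addresses):
    """Return the reasons an MX target is invalid (empty list = nothing found).

    exchange:  MX target as printed by dig or nslookup
    addresses: A/AAAA records that target resolved to
    """
    host = exchange.rstrip(".").strip("[]")
    findings = []
    try:
        ipaddress.ip_address(host)
        # An MX target must be a host name, never an IP address.
        findings.append("address literal as MX target")
        addresses = [host]
    except ValueError:
        if not addresses:
            findings.append("MX target does not resolve")
    for addr in addresses:
        ip = ipaddress.ip_address(addr)
        if any(ip in net for net in UNROUTABLE):
            findings.append(f"unroutable address {ip}")
    return findings

def audit(mx_by_domain):
    """Map each domain to its findings, keeping only domains with problems."""
    report = {}
    for domain, records in mx_by_domain.items():
        found = [f"{mx}: {why}" for mx, addrs in records
                 for why in check_mx(mx, addrs)]
        if found:
            report[domain] = found
    return report

# Constructed sample data (reserved example names, not domains from the thread).
SAMPLE = {
    "clean.example": [("mail.clean.example.", ["192.0.2.25"])],
    "loop.example": [("mx.loop.example.", ["127.0.0.1"])],
    "literal.example": [("192.0.2.1.", [])],
    "dead.example": [("gone.dead.example.", [])],
}

if __name__ == "__main__":
    for domain, found in audit(SAMPLE).items():
        print(domain, found)
```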
