[OFFTOPIC] Re: Comment on spam

Mike A. Harris (mharris@ican.net)
Fri, 12 Jun 1998 14:18:27 -0400 (EDT)


On Fri, 12 Jun 1998, Paul Schmidt wrote:

> > This seems to be a very good spammer. No way of tracing back...
> > ;o(
>
> <snip>
>
> > Received: by vger.rutgers.edu id <971524-14379>; Fri, 12 Jun 1998 08:26:35 -0400
> > Received: from bbs.aubbs.com ([204.181.190.211]:1186 "HELO verycool.net" ident: "NO-IDENT-SERVICE[2]") by vger.rutgers.edu with SMTP id <971481-14379>; Fri, 12 Jun 1998 08:26:25 -0400
>
> Looks to me like it came from 204.181.190.211, who identified
> itself as verycool.net (which, incidentally, has its names served
> by freeyellowpages.com). Obviously lying as usual for a spammer.
>
> 204.181.190 is assigned to Wongs Advance Technology, and the
> entire 204.18[123].x.x space is owned by Sprint.
>
> The real host name from reverse lookup for 204.181.190.211 is
> bbs.aubbs.com, but a forward lookup of bbs.aubbs.com comes up
> empty. (Misconfigured DNS).
>
> The reverse lookup is provided by ns.accesscom.net, which also
> serves names for aubbs.com. So bbs.aubbs.com is probably right.
>
> I don't think this spammer is very good at all. And if it was
> really from a bbs, I'd bet the sysop can identify the sender.
>
> Kudos, however, to the vger ops who have a mailer that provides
> all the info in the headers needed to track this stuff down.
> They *are* good.

Sorry, I misread the headers I guess. I'm glad to see that there
is a way to glean so much info from a header! I usually look at
the bottommost Received line, and then nslookup on what is found
there and post a message to the postmaster/abuse accounts at the
main site. I guess I skimmed the headers too fast, or just don't
have a clue what I'm doing... ;o)

Can you (in private email, so as not to clog the list even more)
show me what commands you used to get all this info?

Escape from the confines of Microsoft's operating systems and push your
PC to its limits with LINUX - a real OS. http://www.redhat.com
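
The header reading described in the quoted reply, as an added example that is not part of the original thread: it parses the Received line vger recorded and runs the HELO and reverse/forward DNS comparisons. The function names are hypothetical, and the resolver tables are constructed from the lookup results stated in the reply rather than from live DNS.

```python
import re
import socket

# The Received line quoted in the message above (the hop that handed the mail to vger).
RECEIVED = ('from bbs.aubbs.com ([204.181.190.211]:1186 "HELO verycool.net" '
            'ident: "NO-IDENT-SERVICE[2]") by vger.rutgers.edu with SMTP '
            'id <971481-14379>; Fri, 12 Jun 1998 08:26:25 -0400')

# Matches the layout of this mailer's Received line; other MTAs format hops differently.
HOP_RE = re.compile(
    r'from\s+(?P<name>\S+)\s+\(\[(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\]:(?P<port>\d+)'
    r'\s+"(?:HELO|EHLO)\s+(?P<helo>[^"]+)"'
    r'(?:\s+ident:\s+"(?P<ident>[^"]*)")?\)\s+by\s+(?P<by>\S+)')

def parse_hop(line):
    """Split one Received line into the fields the receiving host recorded."""
    m = HOP_RE.search(line)
    return m.groupdict() if m else None

def assess_hop(hop, reverse, forward):
    """reverse(ip) -> host name or None; forward(name) -> list of IP strings."""
    findings = []
    ptr = reverse(hop["ip"])
    if ptr is None:
        findings.append("no-ptr")
    elif hop["ip"] not in forward(ptr):
        # The reverse name does not map back to the connecting address.
        findings.append("ptr-not-forward-confirmed")
    if hop["helo"].lower() != (ptr or "").lower():
        # HELO is whatever the client typed; only the IP was observed by the receiver.
        findings.append("helo-differs-from-ptr")
    return findings

def live_reverse(ip):
    """Live PTR lookup, for use outside the offline sample below."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def live_forward(name):
    """Live A lookup; an empty list means the name did not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

# Constructed tables mirroring the reply: PTR gives bbs.aubbs.com, forward lookup is empty.
SAMPLE_PTR = {"204.181.190.211": "bbs.aubbs.com"}
SAMPLE_A = {}

def sample_findings():
    hop = parse_hop(RECEIVED)
    return assess_hop(hop, SAMPLE_PTR.get, lambda n: SAMPLE_A.get(n, []))
```

Passing live_reverse and live_forward to assess_hop in place of the sample tables runs the same checks against current DNS.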
