spam bashing

Discussion in 'Computer Support' started by Marvelous, Jan 3, 2004.

  1. Marvelous

    Marvelous Guest

    Happy new year people!

    Finally sick to death of 80 odd spams every day I thought I would figure
    out how to read headers to complain (New years resolution). Any help
    would be appreciated. One email headers are below, for example...

    From: - Sat Jan 03 12:01:16 2004
    X-UIDL: <>
    X-Mozilla-Status: 0000
    X-Mozilla-Status2: 00000000
    Return-Path: <>
    Received: from iname.com ([61.11.31.242]) by mta06-svc.ntlworld.com
    (InterMail vM.4.01.03.37 201-229-121-137-20020806) with SMTP
    id <>
    for <******.********@ntlworld.com>; Sat, 3 Jan 2004
    11:59:09 +0000
    Date: Mon, 29 Dec 2003 19:15:38 -0500
    Content-Type: text/plain; charset="US-ASCII"
    Subject: Daughter with Mother
    From: Lena Rhyolite <>
    To: <******.*********@ntlworld.com>
    Message-ID: <>


    I figure that this email is sent from melbourneit.com (iname.com being
    spoofed). Would I be correct or am I way off mark?
    The traceroute to the porn site being advertised shows....

    1 192.168.2.1 14ms 6ms 6ms TTL: 0 (No rDNS)
    2 10.153.183.254 25ms 13ms 15ms TTL: 0 (No rDNS)
    3 80.7.30.169 15ms 15ms 28ms TTL: 0
    (leic-t2cam1-b-ge95.inet.ntl.com ok)
    4 80.1.79.197 23ms 16ms 25ms TTL: 0
    (not-t2core-b-ge-wan63.inet.ntl.com ok)
    5 62.253.188.37 23ms 25ms 25ms TTL: 0
    (nth-bb-b-so-300-0.inet.ntl.com ok)
    6 62.253.185.117 19ms 26ms 21ms TTL: 0
    (nth-bb-a-ae0-0.inet.ntl.com ok)
    7 193.251.254.141 18ms 26ms 31ms TTL: 0
    (So5-0-0.LONCR2.London.opentransit.net ok)
    8 193.251.128.205 24ms 96ms 96ms TTL: 0
    (So3-0-0.LONCR1.London.opentransit.net ok)
    9 193.251.243.21 89ms 93ms 91ms TTL: 0
    (P3-0.NYKCR3.New-york.opentransit.net ok)
    10 193.251.248.109 108ms 101ms 107ms TTL: 0
    (So4-0-0.ASHBB1.Ashburn.opentransit.net ok)
    11 193.251.248.109 101ms 101ms 108ms TTL: 0
    (So4-0-0.ASHBB1.Ashburn.opentransit.net ok)
    12 152.63.41.26 109ms 109ms 108ms TTL: 0
    (0.so-1-1-0.CL2.IAD8.ALTER.NET ok)
    13 152.63.144.29 105ms 109ms 121ms TTL: 0
    (0.so-3-0-0.TL2.DCA8.ALTER.NET ok)
    14 152.63.144.29 111ms 103ms 110ms TTL: 0
    (0.so-3-0-0.TL2.DCA8.ALTER.NET ok)
    15 152.63.0.166 175ms 180ms 174ms TTL: 0
    (0.so-3-0-0.TL2.LAX9.ALTER.NET ok)
    16 152.63.115.37 184ms 186ms 185ms TTL: 0
    (213.ATM6-0.GW2.VEG2.ALTER.NET probable bogus rDNS: No DNS)
    17 65.203.151.1 387ms 186ms 185ms TTL: 0 (host1.sun-net.com
    probable bogus rDNS: No DNS)
    18 65.203.151.1 316ms 196ms 228ms TTL: 0 (host1.sun-net.com
    probable bogus rDNS: No DNS)
    19 65.203.151.218 297ms 193ms TTL: 40 (host218.sun-net.com
    probable bogus rDNS: No DNS)

    Would I be correct in assuming that the ISP hosting is alter.net or
    mci.com (the nameservers listed show dnshub.biz, who I dont think would
    be worth complaining to, or would they?)

    Am I on the right track???

    Thanks in advance
     
    Marvelous, Jan 3, 2004
    #1
    1. Advertisements

  2. Marvelous

    °Mike° Guest

    Originator is 61.11.31.242

    whois -h whois.apnic.net 61.11.31.242

    inetnum: 61.11.0.0 - 61.11.31.255
    netname: DISHNET
    descr: DISHNETDSL LTD
    descr: 19, Cathedral Garden Road
    descr: Nungambakkam
    descr: CHENNAI
    country: IN
    admin-c: DIH1-AP
    tech-c: DIH1-AP
    mnt-by: APNIC-HM
    mnt-lower: MAINT-IN-DISHNET
    changed: 20000321
    changed: 20000927
    changed: 20020612
    status: ALLOCATED PORTABLE
    source: APNIC

    role: DISHNET IP Hostmaster
    address: DishnetDSL Limited
    address: 19, Cathedral Garden Road
    address: Chennai, 600 034
    phone: +91-44-825 6201
    phone: +91-44-825 6149
    phone: +91-44-826 9801
    fax-no: +91-44-825 7477
    e-mail:
    trouble: Network abuse issues and SPAM complaints
    trouble: should be sent to
    admin-c: BR31-AP
    tech-c: BR31-AP
    nic-hdl: DIH1-AP
    remarks: role object for Dishnet IP Administrators
    notify:
    mnt-by: MAINT-IN-DISHNET
    changed: 20020530
    source: APNIC


     
    °Mike°, Jan 3, 2004
    #2
    1. Advertisements

  3. It's probably not worth going down that route - you'll spend ages every
    day sorting through that lot. You may as well get something like
    http://www.mailwasher.net/ or http://popfile.sourceforge.net/ and just
    delete the junk.
     
    Hywel Jenkins, Jan 3, 2004
    #3
  4. Marvelous

    Marvelous Guest

    Yeah I know, and like all new years resolutions I am sure I will get fed
    up with it quite soon, but for now it gives me something fun to do till
    I can get rid of this bloody virus (real human one) and get back to work.

    Gary
     
    Marvelous, Jan 3, 2004
    #4
  5. Marvelous

    Spider Guest


    My two cents (spendable anywhere you want) is to get yourself a decent spam
    filter, train it to filter your junk out of your inbox, and forget about it.
    The spam problem has blown to such proportion that the abuse departments of
    the ISP's can not possibly handle all of the reports they get. If you
    insist on trying to report spam, get ready for a lesson in frustration.
     
    Spider, Jan 3, 2004
    #5
  6. Marvelous

    Marvelous Guest

    <snip>

    Thanks for that Mike. Don't know how I ended up with melbourneit, it
    seems kinda obvious now.

    Gary
     
    Marvelous, Jan 3, 2004
    #6
  7. Marvelous

    °Mike° Guest

    Here's some references on decoding headers:

    SpamCop FAQ Parsing and reporting spam
    http://spamcop.net/fom-serve/cache/16.html

    Tracking SPAM
    http://www.claws-and-paws.com/spam-l/tracking.html

    A Quick Guide to E-Mail Headers
    http://real.fissure.org/articles/headers.shtml

    Reading Email Headers
    http://www.stopspam.org/email/headers/headers.html

    Dealing With Junk Email
    http://www.jcrdesign.com/junkemaildeal.html

    The SPAM-L FAQ
    http://www.claws-and-paws.com/spam-l/index.html
     
    °Mike°, Jan 3, 2004
    #7
  8. Marvelous

    anthonyberet Guest

    If you really want to be free of spam try http://www.bluebottle.com/faq.html
     
    anthonyberet, Jan 3, 2004
    #8
  9. Marvelous

    Ionizer Guest

    If you register for a free account with SpamCop http://www.spamcop.net/sc
    you can forward all those spams as an attachment. SpamCop will
    automatically determine the sources and compose letters of complaint for
    you. You just need to click on the "send spam reports" button and the job
    will be done for you.

    Regards,
    Ian.
     
    Ionizer, Jan 3, 2004
    #9
  10. Marvelous

    ragz Guest

    Try downloadingSpam Inspector and add a phrase into the Friendly Quotations
    then tell people that you want to have access to your email address to
    always send the quotation you chose at the end of the email they are
    sending you ,Then only set spam inspector to only except mail containing
    your friendly quatation.
     
    ragz, Jan 3, 2004
    #10
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.