[clue-tech] HELP!! Someone has hijacked my mailserver for spam
Charles Oriez
coriez at oriez.org
Thu Feb 24 10:02:12 MST 2005
At 08:15 AM 2/24/2005, Mike wrote:
> >
> > There are no reports on .sightings or elsewhere showing any spam coming
> > from your IPA, nothing in spamcop, and you didn't post any of the bounces.
> >
>
>That's good, I suppose. What I'm worried about is my domain being
>blacklisted because my email is in the From: header. Or is blacklisting
>smarter than that and the actual originating IP address is looked at and
>not the From: header? Also, would I have any success reporting this
>abuse to the originating IP address?
I hang out on the anti-spam newsgroups.

Virtually no one blocks on domain name, because spammers forging domain
names is well known to the point that it's assumed. The fact that it is a
criminal offense has no effect on the spammers. Everyone blocks on the
IPA, not by domain.

Reporting success will depend on what ISPs the spam went through. Some are
good and some aren't. Besides China and Korea in general, the worst ISPs
for blowing off complaints are MCI, SBC, Comcast, XO, Level3, Above, and
Verizon. It's almost not worth reporting it to them. Then there's Europe
... I helped a company in NY once identify the spammer who was forging
their domain name and who was benefiting from the spam. The CEO was
getting the bounces and was pissed, but personally I think he wasted $1200
hiring me. We turned all the evidence over to the NYS Attorney General
because the spammer used fake addresses in NYC for his domain
registrations, and Spitzer was making a name for himself chasing spammers,
but I never heard whether he bothered with this set of small potatoes. He
might have, since this guy's law firm was a big contributor to Spitzer's
campaigns.