Re: OT - my domain must have become a spammer's source

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Tim <ignored_mailbox@xxxxxxxxxxxx> wrote:


On Sun, 2005-08-28 at 11:13 +0700, Fajar Priyanto wrote:
You can try view the source of the email. In Kmail > open the email > view source (press v). 

Such as:
Received: from listman.util.phx.redhat.com (listman.util.phx.redhat.com [10.8.4.110]) 
	by hormel.redhat.com (Postfix) with ESMTP
	id B5FC473241; Sun, 28 Aug 2005 00:00:28 -0400 (EDT)
Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com
	[172.16.52.254])
	by listman.util.phx.redhat.com (8.12.11/8.12.10) with ESMTP id
	j7S40HJm021177 for <fedora-list@xxxxxxxxxxxxxxxxxxxxxxxxxxx>;
	Sun, 28 Aug 2005 00:00:17 -0400
Received: from mx1.redhat.com (mx1.redhat.com [172.16.48.31])
	by int-mx1.corp.redhat.com (8.11.6/8.11.6) with ESMTP id j7S40GV03583
	for <fedora-list@xxxxxxxxxx>; Sun, 28 Aug 2005 00:00:16 -0400
Received: from fed1rmmtao11.cox.net (fed1rmmtao11.cox.net [68.230.241.28])
	by mx1.redhat.com (8.12.11/8.12.11) with ESMTP id j7S40EjP007604
	for <fedora-list@xxxxxxxxxx>; Sun, 28 Aug 2005 00:00:15 -0400
Received: from [68.101.182.212] by fed1rmmtao11.cox.net
	(InterMail vM.6.01.04.00 201-2131-118-20041027) with ESMTP
	id <20050828040009.LAMF12158.fed1rmmtao11.cox.net@[68.101.182.212]>
	for <fedora-list@xxxxxxxxxx>; Sun, 28 Aug 2005 00:00:09 -0400
The last paragraph is the first person who sent it. Then you can contact the ISP/or the person. 

You do have to be careful with your analysis.  Sometimes the *last* one
is the spammer, preloading the headers by routing their mail through
their own, or other systems.  You don't want to complain to the spammer
about their spam.
-- Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
At one time, SpamCop provided a service to parse spam e-mail headers and anonymously contact the ultimate sender's ISP. Not sure if SpamCop still provides this service or even still exists. Their service was more useful back in the days when spammers didn't use zombies since SpamCop also provided a RBL for those who wouldn't stop spamming. These days SpamCop can't blacklist someone like AOL so the best thing that happens is the ISP blocks outbound port 25 traffic from the zombie which just means the spammer moves to their next zombie.
I see a handful of these from time to time. Nothing as severe as what you're seeing. Just bounces in my inbox of e-mails I didn't send. 

Cheers,
Dave
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux