[Top] [All Lists]

Re: spam

To: "D. Stimits" <stimits@xxxxxxxxxx>
Subject: Re: spam
From: Juha Saarinen <juha@xxxxxxxxxxxx>
Date: Mon, 9 Jul 2001 10:38:42 +1200 (NZST)
Cc: "XFS: linux-xfs@xxxxxxxxxxx" <linux-xfs@xxxxxxxxxxx>
In-reply-to: <3B48DEB5.CAE7BE98@xxxxxxxxxx>
Sender: owner-linux-xfs@xxxxxxxxxxx
On Sun, 8 Jul 2001, D. Stimits wrote:

> Looking closer, I see that it was a "TO" address of Japan. More
> confusing is:
> Sender:
>     owner-linux-xfs@xxxxxxxxxxx
> Does that mean there was an attempt to forge the header? Or maybe sgi is
> being used as a relay?

No, the spammer sent the crap to the linux-xfs list, which then
redistributed it to all the subscribers.

You need to work your way down the Received from: chain to find the
originating MTA or sending MUA. Some MTAs don't record the sender's IP of

> I see now the actual sender (and the ISP is about
> to get an email):
> "West Quinn" <ptm31p@xxxxxxxxxxxxxxx>

Probably a forgery. I've deleted the spam, but IIRC it originated from a
Popsite dial-up.

> Spam is kind of ridiculous these days. :(

Kind of huge... some spammers are getting into the ISP business. :-(



PGP fingerprint:
B7E1 CC52 5FCA 9756 B502  10C8 4CD8 B066 12F3 9544

<Prev in Thread] Current Thread [Next in Thread>