haven for spammers?

Michael Dillon michael at memra.com
Mon Dec 2 20:06:32 UTC 1996

On Sat, 30 Nov 1996, Jared Mauch wrote:

> BTW, I've had in excess of 100 items from earthstar.com and isp-inter.net
> in the last week. The latest is from earthstar's management, advertising
> themselves as a spam haven. Complaints to Sprint so far have been
> ignored. (Sprint provide their connectivity.)

Keep sending all copies of SPAM received to abuse at sprintlink.net making
sure to note which ones are mail fraud and/or wire fraud. So far Sprint's
management has agreed to cut these sites off if they do not honor remove
requests from their mailing lists but if it starts to cost Sprint too much
money to process legitimate SPAM reports they may reconsider especially
when they realize the large quantity of fraud schemes out there.

A legitimate SPAM report is a copy of the email with full headers and a
brief polite note. Here's how I do this. I use the PINE email program with
the Full Header command (H) enabled. So I press H to display full headers,
F to forward the mail, N to say no to the attachment question.  Then I
address it to abuse at example.com where example.com is any domain found in
the full headers. I also do whois on all netblocks shown and I read the
SPAM looking for other domains in email addresses or URL's. I may also do
whois on those domains or traceroutes.  Then I change the subject to "SPAM
from your customer" and either add a brief note if it is fraud or if it is
not I just delete my .sig lines.

I never pass judgement on the domain name owners, unless I am absolutely
sure that they are in cahoots with the spammers since SPAM often
originates from one-time use dialup accounts or it is bounced off innocent
servers. If I have a long Cc: list I often explicitly note which domains
are likely to be innocent victims of the spammer.

Here is how to enable the H command in PINE


More info on SPAM is available at http://www.vix.com/spam

I would like to see a set of email addresses for the FBI, RCMP and the UK
equivalent (Scotland Yard?) where fraudulent SPAM schemes can be reported.
And since many of these schemes are mail fraud it would be nice to have a
set of email addresses for the US Postal Inspector, Canada Post and the
Royal Mail. I mention these three countries because 99% of SPAM originates

So far the only network contact I know of for the RCMP is a web page
form at http://www.rcmp-grc.gc.ca/html/mail.htm and for the FBI there is
an email address for the New York office newyork at fbi.gov

Michael Dillon                   -               ISP & Internet Consulting
Memra Software Inc.              -                  Fax: +1-604-546-3049
http://www.memra.com             -               E-mail: michael at memra.com

More information about the NANOG mailing list