SPAM, RE: Internic and there lame response
Dean Robb
pceasy at norfolk.infi.net
Sun Jul 12 18:29:04 UTC 1998
At 21:22 7/10/98 -0400, Andrea Di Lecce wrote:
>
>At 20:21 7/8/98 -0400, you wrote:
>>Incredibly two-faced response. How do you determine the user's ISP? Check
>>WhoIs. But...OOOPPSS!...the information in WhoIs is phoney, and we don't
>>do anything about that. Sorry, guess you're just screwed.
>
>There are many other ways to track a spammer.
>
>- Do nslookup on the IP that originated the spam (sometimes this takes a
>bit of detective work to find what IP actually originated the spam).
>- Traceroute to the originating IP. Email the ISP that is directly upstream.
*I* know these techniques. Joe User who's irritated at his spam likely
does not.
>- Look in the Whois information for contact emails and nameservers - if
>these are for the upstream ISP, or some ISP other than the spammer, report
>it to them.
But there's the rub. A great deal of the information (including
delegations) in domain registrations by net.abusers is complete
fabrication. InterNIC refuses to deal with it, even when it's pointed out
to them.
>- If they are advertising a web page, track the web page host, and their
>upstream, and report it to them.
All the time :>
>
>>What do spammers and nails have in common? They're both intended for
>>hammering.
>
>Amen.
Witnesses available at www.witness.com...:)
What do spammers and nails have in common? They're both intended for
hammering.
Dean Robb
PC-Easy
On-site computer services
(757) 495-EASY [3279]
More information about the NANOG
mailing list