what to do about joe-jobs?

• Previous message (by thread): what to do about joe-jobs?
• Next message (by thread): what to do about joe-jobs?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 24 Sep 2003, Stephen J. Wilcox wrote:

> The one that they're doing on my own domain which I mentioned on list some 
> months ago is still going strong with many Mbs of bounces per day.. I think its 
> fair to say there is very little you can do as tracking the source is almost 
> impossible..

That depends on how detailed the bounce is, to an extent.  Many of the
bounces actually contain a complete copy of the message that generated the
bounce.  Ie, the full spam and nothing but the spam.  From that you can
find the original source IP.  Of course that source IP may very well be an
open proxy.  You're screwed if that's the case.  However since you have a
complete copy of the spam you can still follow the money trail.  Spammers 
have to get their money somehow.  The actual spam will give you many 
places to start.  Of course once you have that you still have to convince 
a provider to take action against their customer.

Justin

• Previous message (by thread): what to do about joe-jobs?
• Next message (by thread): what to do about joe-jobs?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]