Have Yahoo! gone pink?

• Previous message (by thread): Rack Hardware to demise sections of existing cabinets
• Next message (by thread): Have Yahoo! gone pink?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[I'm wearing my personal hat here.]

I'm getting a *flood* of spam coming in from Yahoo! mailservers, both to my
personal and work addresses. It seems that Yahoo! don't care. Here's the
response to me piping a sample one through Spamcop:

  http://abuse.mooli.org.uk/yahoospam

Yahoo claim "After investigation, we have determined that this email message
did not originate from the Yahoo! Mail system. It appears that the sender of
this message forged the header information to give the impression that it
came from the Yahoo! Mail system."

The spam headers claim otherwise:

Received: from mrout3.yahoo.com ([216.145.54.173])
	  by relay-1.mail.uksolutions.net with esmtp (Exim 4.50)
	  id 1FJbCW-0002Ag-IV
	  for sales at uksolutions.co.uk; Wed, 15 Mar 2006 18:58:29 +0000

As does DNS and whois:

abuse at mooli:~$ host 216.145.54.173
173.54.145.216.in-addr.arpa domain name pointer mrout3.yahoo.com.
abuse at mooli:~$ host mrout3.yahoo.com
mrout3.yahoo.com has address 216.145.54.173
abuse at mooli:~$ whois 216.145.54.173

OrgName:    Yahoo! Inc. 
OrgID:      YAHOOI-2
Address:    701 First Avenue
City:       Sunnyvale
StateProv:  CA
PostalCode: 94089
Country:    US
[etc]

Doing double-DNS lookups of the IP addresses on other spams also give
yahoo.com hostnames, and they're typically in DNSBLs for being sources of
spam and a useless abuse address.

So, which IP blocks shall I null-route then? Or is there anybody here from
Yahoo! with a clue? (OK, you can all stop laughing now.)

-- 
PGP key ID E85DC776 - finger abuse at mooli.org.uk for full key

• Previous message (by thread): Rack Hardware to demise sections of existing cabinets
• Next message (by thread): Have Yahoo! gone pink?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]