[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OT: Announcing The Western Web (fwd)




Sean /The RIMBoy/ said:
> Quick question, did others get this and why is this happening?  This lug
> list generates the least traffic of the 4 that I am subscribed to, yet
> seems to get spammed the most (which is not that often).  Just curious,
> that's all.  

It probably has something to do with the fact that the list has been
around for many years now, so the email harvesters probably have it on
ever list...

> BTW, I am going to drop @home a line since that 24.x.x.x addy in the
> headers I attached is probably on their net.   Shame shame.
[snip]
> Received: from [209.189.73.20] ([209.189.73.20])
> 	by web1.lanscape.net (8.9.3/8.9.3) with ESMTP id VAA23300
> 	for <silug-discuss@silug.org>; Wed, 14 Jun 2000 21:08:44 -0500
> From: sales@thewesternweb.com
> Received: from classifieds@thewesternweb.com (unverified [24.31.38.35]) by 
>  (Vircom SMTPRS 4.2.181) with SMTP id <B0000019362@>;
>  Wed, 14 Jun 2000 19:04:25 -0700
[snip]

I wouldn't bother.  That last header is almost certainly forged.  The
209.189.73.20 address is almost certainly the originator of the spam
(note the lack of reverse DNS).  I'd complain to the owner of that
netblock, as well as their upstream provider (which appears to be
Verio).  (Feel free, BTW.  If you do, let me know if you get a
response.)

BTW, here's who owns that netblock:

[whois.arin.net]
ATMNET (NETBLK-ATMNET-BLK-5)
   5440 Morehouse Dr, #4500
   San Diego, CA 92121

   Netname: ATMNET-BLK-5
   Netblock: 209.189.0.0 - 209.189.127.255
   Maintainer: ATM

   Coordinator:
      Van Baalen, James  (BJV-ARIN)  vansax@ATMNET.NET
      619 643 1812

   Domain System inverse mapping provided by:

   NS1.ATMNET.NET               207.67.247.4
   NS2.ATMNET.NET               207.67.247.6

   ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE

   Record last updated on 22-May-2000.
   Database last updated on 15-Jun-2000 06:13:25 EDT.

The ARIN Registration Services Host contains ONLY Internet
Network Information: Networks, ASN's, and related POC's.
Please use the whois server at rs.internic.net for DOMAIN related
Information and whois.nic.mil for NIPRNET Information.

Steve
-- 
steve@silug.org           | Linux Users of Central Illinois
(618)398-7320             | Meetings the 4th Tuesday of every month
Steven Pritchard          | http://www.luci.org/ for more info

--
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.