nanog mailing list archives
Re: what to do about joe-jobs?
From: Justin Shore <listuser () numbnuts net>
Date: Wed, 24 Sep 2003 14:07:23 -0500 (CDT)
On Wed, 24 Sep 2003, Stephen J. Wilcox wrote:
The one that they're doing on my own domain which I mentioned on list some months ago is still going strong with many Mbs of bounces per day.. I think its fair to say there is very little you can do as tracking the source is almost impossible..
That depends on how detailed the bounce is, to an extent. Many of the bounces actually contain a complete copy of the message that generated the bounce. Ie, the full spam and nothing but the spam. From that you can find the original source IP. Of course that source IP may very well be an open proxy. You're screwed if that's the case. However since you have a complete copy of the spam you can still follow the money trail. Spammers have to get their money somehow. The actual spam will give you many places to start. Of course once you have that you still have to convince a provider to take action against their customer. Justin
Current thread:
- RE: Another DNS blacklist is taken down, (continued)
- RE: Another DNS blacklist is taken down Patrick (Sep 24)
- RE: Another DNS blacklist is taken down Vadim Antonov (Sep 24)
- RE: Another DNS blacklist is taken down Christopher Bird (Sep 24)
- what to do about joe-jobs?, was: Re: Another DNS... David Raistrick (Sep 24)
- Re: what to do about joe-jobs?, was: Re: Another DNS... David Raistrick (Sep 24)
- Re: what to do about joe-jobs? Stephen L Johnson (Sep 24)
- Re: what to do about joe-jobs? Valdis . Kletnieks (Sep 24)
- Re: what to do about joe-jobs? Mike Leber (Sep 25)
- Re: what to do about joe-jobs? Justin Shore (Sep 24)
- Re: what to do about joe-jobs? Stephen J. Wilcox (Sep 24)
- Re: what to do about joe-jobs? Justin Shore (Sep 24)
- Re: what to do about joe-jobs? Kee Hinckley (Sep 24)
- Re: what to do about joe-jobs? Justin Shore (Sep 24)
- Re: what to do about joe-jobs? David Raistrick (Sep 24)
- Re: what to do about joe-jobs? Stephen L Johnson (Sep 24)
- Blacklisting: obvious P2P app neal rauhauser (Sep 24)
- RE: Blacklisting: obvious P2P app David Schwartz (Sep 24)
- RE: Blacklisting: obvious P2P app Vadim Antonov (Sep 24)
- Re: Blacklisting: obvious P2P app Damian Gerow (Sep 24)
- RE: Another DNS blacklist is taken down Justin Shore (Sep 24)