Web Hosting Talk

View Full Version : what you do against spam?


nmluan
05-17-2002, 01:01 AM
It's easy to write a script that fills up one's mailbox using sendmail on Unix/Linux boxes..

If someone has a dedicated box and spams me, what should I do, who should I report to?

ML

multipleimage
05-17-2002, 01:05 AM
You could look up the IPs and report them to the abuse contact. Or you could just use spamcop.net. It is a free service that automates the process.

nmluan
05-17-2002, 01:14 AM
Received: from xxx.xxxx.rr.com ([xx.xx.xx.xx]) by mail.houston.rr.com with Microsoft SMTPSVC(5.5.1877.537.53);
    Thu, 16 May 2002 12:04:29 -0500
Received: from mail2.hostcompany.net ([66.192.44.143])
    by xxx.xxxx.rr.com (8.12.2/8.12.2) with ESMTP id g4GH9L0C012199
    for <myemail@xxx.rr.com>; Thu, 16 May 2002 13:02:21 -0400 (EDT)
Received: from [sender's IP] (helo=serverxx.hostingcompany.net)
    by mail2.hostingcompany.net with esmtp (Exim 4.04)
    id 653Odo-0003bt-00
    for myemail@xxxx.rr.com; Thu, 16 May 2002 13:02:12 -0400
Received: from nobody by serverxx.hostingcompany.net with local (Exim 3.35 #1)
    id 653Odo-0003bt-00
    for myemail@xxxx.rr.com; Thu, 16 May 2002 13:02:20 -0400
To: myemail@xxxx.rr.com
Subject: some subjec
From: "I am the spammer" <webteam@thespammer.com>
Message-Id: <653Odo-0003bt-00@ serverxx.hostingcompany.net >
Date: Thu, 16 May 2002 13:02:20 -0400
Return-Path: nobody@serverxx.hostingcompany.net

--------------------

Above is the censored header of a spam... now where should I direct the spamming to? I can direct it to "hostingcompany.net"..
but what if the spammer has his own box and he happens to have his own Mail server and DNS server too..?

ML

WizyWyg
05-17-2002, 01:41 AM
He is still being serviced on a backbone. He could be running his own box, but does "he" have a way to connect to the rest of the net?

His mail server is run by someone
His server is run by someone

And please provide full headers. The received lines are the most important in the headers, not the "report for abuse" line or "return-path".


Received: from xxx.xxxx.rr.com ([xx.xx.xx.xx]) by mail.houston.rr.com with Microsoft SMTPSVC(5.5.1877.537.53);
    Thu, 16 May 2002 12:04:29 -0500
Received: from mail2.hostcompany.net ([66.192.44.143])
    by xxx.xxxx.rr.com (8.12.2/8.12.2) with ESMTP id g4GH9L0C012199
    for <myemail@xxx.rr.com>; Thu, 16 May 2002 13:02:21 -0400 (EDT)
Received: from [sender's IP] (helo=serverxx.hostingcompany.net)
    by mail2.hostingcompany.net with esmtp (Exim 4.04)
    id 653Odo-0003bt-00
    for myemail@xxxx.rr.com; Thu, 16 May 2002 13:02:12 -0400
Received: from nobody by serverxx.hostingcompany.net with local (Exim 3.35 #1)
    id 653Odo-0003bt-00
    for myemail@xxxx.rr.com; Thu, 16 May 2002 13:02:20 -0400


Since you munged the heck out of this, we can't determine where it came from. But the bottom received line is where the spam originated (if the SMTP server there is configured correctly)
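
An added example, not part of any post in this thread: reading a Received chain the way the post above describes, separating the peer IP logged by a server you trust from the lower lines that are only claimed by the sender. The sample headers are constructed (placeholder host names, documentation-range IPs), and `parse_hops`, `boundary_hop` and the trusted host names are hypothetical.

```python
import email
import ipaddress
import re

# Constructed sample modelled on the munged headers in the thread.
SAMPLE = """\
Received: from relay.isp.example ([192.0.2.10]) by mx.isp.example with ESMTP;
\tThu, 16 May 2002 12:04:29 -0500
Received: from mail2.hosting.example ([198.51.100.143])
\tby relay.isp.example (8.12.2/8.12.2) with ESMTP id g4GH9L0C012199;
\tThu, 16 May 2002 13:02:21 -0400
Received: from [203.0.113.7] (helo=server9.hosting.example)
\tby mail2.hosting.example with esmtp (Exim 4.04) id 653Odo-0003bt-00;
\tThu, 16 May 2002 13:02:12 -0400
Received: from nobody by server9.hosting.example with local (Exim 3.35 #1)
\tid 653Odo-0003bt-00; Thu, 16 May 2002 13:02:20 -0400
"""

HOP_RE = re.compile(r"from\s+(?P<frm>.*?)\s+by\s+(?P<by>\S+)")
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def parse_hops(raw):
    """Return the Received hops, newest first (the order they appear in)."""
    hops = []
    for value in email.message_from_string(raw).get_all("Received", []):
        m = HOP_RE.search(" ".join(value.split()))  # unfold continuation lines
        if not m:
            continue
        ip = IP_RE.search(m["frm"])
        try:  # out-of-range octets such as [999.1.1.1] give no usable peer IP
            peer = str(ipaddress.ip_address(ip.group(1))) if ip else None
        except ValueError:
            peer = None
        hops.append({"from": m["frm"], "peer_ip": peer, "by": m["by"].lower()})
    return hops

def boundary_hop(hops, trusted):
    """Lowest hop written by a trusted server; its peer_ip is the logged sender."""
    last = None
    for hop in hops:  # walk down from the newest line
        if hop["by"] not in trusted:
            break     # everything from here down is sender-supplied
        last = hop
    return last

if __name__ == "__main__":
    edge = boundary_hop(parse_hops(SAMPLE), {"mx.isp.example", "relay.isp.example"})
    print("look up the abuse contact for:", edge["peer_ip"])
```

The hops below the boundary (here the `[203.0.113.7]` relay and the local submission as `nobody`) are still worth including in a report, since the hosting company can match them against its own logs.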

Aussie Bob
05-17-2002, 03:23 AM
http://SpamBattle.com makes me feel a bit better!! :D

avara
05-17-2002, 06:21 AM
I've given up on realtime spam blocking lists (when they do work, they block important email as well. I can't take the risk!)

But what am I actually doing against spam? I get almost 100 spam messages a day, so I've written a few simple filters which first of all only sort mail addressed directly to user@email.com -- all other mail is either filtered into specific mailboxes (say for mailing lists I subscribe to), or just left in the inbox. So of the 100 or so spam messages I have left, only about 2 clog up my sorted mailboxes. The others just stay in the inbox waiting to be skimmed through and deleted.

WCSWEB
05-17-2002, 10:10 AM
Spam is a very big problem for hosting providers because it creates unwanted traffic, but for end users it's even worse. I hate spam with a passion.

When I get spam I will go right away and get my little utility called Sam Spade (http://samspade.org/t/). I will go there, analyze the IP where it's coming from and fire off an e-mail to the abuse contact that owns the spammer's IP. A lot of times, if you look at the SMTP server in the headers, that is your best bet, because that address is hard to fake, since they can fake just about everything else. I have successfully managed to get 10 Road Runner accounts, 4 Verizon accounts and 1 ATT account closed. A lot of ISPs don't like to be famous because they support or don't care about spammers.

Plesk offers me a lot of help because they have a feature that will not deliver mail unless a mailbox or alias exists on the server, which is great. A lot of spammers will take up to 100 names and send them to @domain.com, so if your mailbox is a catchall mailbox you will get 100 e-mails of junk. Plesk helps a lot with this. I think that Cpanel is coming out with something called SpamAssassin but it's not ready yet.

Now the best alternative is to use procmail if your hosting provider allows you to use it. I manage about 40 domains on this particular server, on which I have shell access with procmail, and I block about 200 junk e-mails per day. You can set up procmail to consult all of the spammers databases (spamcop, spews, SBL etc.) and if that particular IP exists on any of those databases it will send the e-mail to dev > null :D and create a txt file with all of the e-mails just in case any e-mail slides thru.

Great sites to find out about a spammer:

http://combat.uxn.com/
http://www.spamhaus.org/sbl/
http://samspade.org/t/
http://spamcop.net/
http://www.cauce.org/

Also the Senate is starting to pick up on it to punish all spammers :)
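
An added example, not part of the post above: the DNS blocklist lookup that a procmail filter like the one described would rely on, with a quarantine decision instead of a silent discard. The zone names, the function names and the `constructed_resolver` stand-in for DNS are assumptions made for illustration.

```python
import ipaddress
import socket

# Zone names are assumptions for illustration; check each list's usage terms.
ZONES = ("bl.spamcop.net", "sbl.spamhaus.org")

def dnsbl_name(ip, zone):
    """Query name = reversed IPv4 octets (or IPv6 nibbles) + '.' + zone."""
    arpa = ipaddress.ip_address(ip).reverse_pointer  # '7.113.0.203.in-addr.arpa'
    return arpa.rsplit(".", 2)[0] + "." + zone

def check(ip, zones=ZONES, resolve=socket.gethostbyname):
    """Return {zone: answer} for every zone that lists ip."""
    hits = {}
    for zone in zones:
        try:
            answer = resolve(dnsbl_name(ip, zone))
        except OSError:
            continue  # NXDOMAIN or resolver failure: treat as not listed
        # Listings answer inside 127.0.0.0/8; Spamhaus uses 127.255.255.x
        # for errors (e.g. a blocked resolver), which must not count as a hit.
        if answer.startswith("127.") and not answer.startswith("127.255.255."):
            hits[zone] = answer
    return hits

def triage(ip, **kwargs):
    """Quarantine instead of discarding, so a false positive is recoverable."""
    hits = check(ip, **kwargs)
    return ("quarantine" if hits else "deliver"), hits

def constructed_resolver(name):
    """Offline stand-in for DNS holding one constructed listing and one error."""
    table = {"7.113.0.203.bl.spamcop.net": "127.0.0.2",
             "7.113.0.203.sbl.spamhaus.org": "127.255.255.254"}
    if name not in table:
        raise socket.gaierror("NXDOMAIN (constructed)")
    return table[name]

if __name__ == "__main__":
    print(triage("203.0.113.7", resolve=constructed_resolver))
    print(triage("198.51.100.143", resolve=constructed_resolver))
```

Failing open on lookup errors keeps mail flowing when a list is unreachable, which addresses the concern raised earlier in the thread about blocklists stopping important mail.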

michaeln
05-17-2002, 10:25 AM
If you want to report it, I normally report it like this.

Go to domainwhitepages.com.

Enter the spammer's domain name.

Scroll down to the ARIN search.

Look to see who owns that IP block, usually the datacenter.

Go to their website and find their abuse email address. Email that and that person's site will generally be offline in no time.


Regards

EDIT: Well, if I would have read the previous person's post, they basically said to do the same thing through a different path... ;)

Regards.

beley
05-17-2002, 11:38 AM
Here's an idea on how to handle SPAM...

Forward ALL your SPAM to your local congressman or legislator with a note attached saying:

"We need legislation to help stop spam... until we get it you'll get all the SPAM we do."

If everyone did this... I guarantee we'd have federal legislation against SPAM in less than a year. :D

Aussie Bob
05-17-2002, 12:25 PM
Originally posted by beley
Here's an idea on how to handle SPAM...

Forward ALL your SPAM to your local congressman or legislator with a note attached saying:

"We need legislation to help stop spam... until we get it you'll get all the SPAM we do."

If everyone did this... I guarantee we'd have federal legislation against SPAM in less than a year. :D
:laugh: :D

multipleimage
05-17-2002, 12:30 PM
Originally posted by beley
Here's an idea on how to handle SPAM...

Forward ALL your SPAM to your local congressman or legislator with a note attached saying:

"We need legislation to help stop spam... until we get it you'll get all the SPAM we do."

If everyone did this... I guarantee we'd have federal legislation against SPAM in less than a year. :D

:D That would do the trick. Or maybe they would try to get you for harassment.

aux
05-17-2002, 01:45 PM
Originally posted by WCSWEB

Plesk offers me a lot of help because they have a feature that will not deliver mail unless a mailbox or alias exists on the server, which is great. A lot of spammers will take up to 100 names and send them to @domain.com, so if your mailbox is a catchall mailbox you will get 100 e-mails of junk. Plesk helps a lot with this. I think that Cpanel is coming out with something called SpamAssassin but it's not ready yet.



Do any of these (Plesk and Cpanel) have an option for whitelists, i.e. to allow
emails ONLY from, for example *.edu and/or specific email addresses say
user1@domain1.com (but not from any other email @domain1.com) and/or
domains, say anything from domain2.com?

(yes, I know that this can be done with a script)

multipleimage
05-17-2002, 01:48 PM
Originally posted by aux


Do any of these (Plesk and Cpanel) have an option for whitelists, i.e. to allow
emails ONLY from, for example *.edu and/or specific email addresses say
user1@domain1.com (but not from any other email @domain1.com) and/or
domains, say anything from domain2.com?

(yes, I know that this can be done with a script)

Cpanel can run black lists but not white lists. I do not use plesk.

nmluan
05-19-2002, 11:33 PM
Thank you all, you guys have been very helpful! :)

I am not spammed yet.. but I see the possibility of being spammed soon.. :( so just want to get ahead of time :D

Again, thank you.

ML