Web Hosting Talk






PDA

View Full Version : how to deal with SPAM

merconline
09-23-2002, 04:33 AM
Hi,

how to deal with this SPAM which my client gets. Previously these SPAMs used to come through cwasia.com.sg or reach.com.sg or reach.com network. Spamcop.net sends spam report to postmaster@cwasia.com.sg. After no solution, my client complained to SGNIC about cwasia.com.sg

Recently, my client still gets SPAMs and SPAMCOP sends spam report to postmaster@cwasia.com.sg but my client checked that SGNIC have cancelled the domain cwasia.com.sg and Whois shows its available!!

So can the Anti SPAM techies explain how its going on? and how it can be reported to correct people.

thanks
----------- START SPAM HEADER -------------
Subject: The New Leaders Legacy: Mentoring The Mentoring Leader Creating a New Future
Sender: admin@www.peakconquering.com
To: sp16@yahoo.com
From: "RCI Pte. Ltd." <sales@researchcommunication.com>
Received: from www.peakconquering.com (unknown [202.126.159.204])
by imta09.mta.everyone.net (Postfix) with ESMTP id 44B8819128C
for <sp16@patra.net>; Mon, 23 Sep 2002 01:03:50 -0700 (PDT)
Received: (from admin@localhost)
by www.peakconquering.com (8.10.2/8.10.2) id g8N82Nw17324;
Mon, 23 Sep 2002 16:02:23 +0800
Content-Type: multipart/alternative;
boundary=boundary42
Mime-Version: 1.0
Reply-To: "RCI Pte. Ltd." <sales@researchcommunication.com>
Date: Mon, 23 Sep 2002 16:02:23 +0800
Message-Id: <200209230802.g8N82Nw17324@www.peakconquering.com>
------------ END SPAM HEADER ---------------
Richard Ward
09-24-2002, 03:09 PM
Blocking whole countries often helps. Korea, China, Japan, Indonesia, etc. Also, enabling popular blacklists help. Spamcop is not a feasible solution for anything.
priyadi
09-24-2002, 03:38 PM
Originally posted by merconline
Hi,

how to deal with this SPAM which my client gets. Previously these SPAMs used to come through cwasia.com.sg or reach.com.sg or reach.com network. Spamcop.net sends spam report to postmaster@cwasia.com.sg. After no solution, my client complained to SGNIC about cwasia.com.sg

Recently, my client still gets SPAMs and SPAMCOP sends spam report to postmaster@cwasia.com.sg but my client checked that SGNIC have cancelled the domain cwasia.com.sg and Whois shows its available!!

So can the Anti SPAM techies explain how its going on? and how it can be reported to correct people.



According to whois for ip address 202.126.159.204, you need to contact hostmaster@reach.net.sg. There is nothing in the header or whois about cwasia.com.sg, where is this address coming from?

You should not report spam to NIC, it is not their responsibility, report to IP address owner instead. And you should not trust any address/domain in the header except when it is generated by the receiving mail server, generally you should ONLY trust the first received header from the top. The others can be easily forged by the spammer.
priyadi
09-24-2002, 03:40 PM
Originally posted by Richard Ward
Blocking whole countries often helps. Korea, China, Japan, Indonesia, etc. Also, enabling popular blacklists help. Spamcop is not a feasible solution for anything.

Also, block any incoming traffic to port 25, this will reduce amount of spam down to zero. Guaranteed!
TMX
09-25-2002, 03:42 AM
Originally posted by priyadi


Also, block any incoming traffic to port 25, this will reduce amount of spam down to zero. Guaranteed!

What Richard Ward said about blocking China, Korea, Japan, etc.. would be funny if there weren't at least some truth to it. I have yet to receive anything from any of the above-mentioned countries that isn't either spam, fraud, or a hack attempt..

-Bob
Deb Suran
09-25-2002, 08:35 AM
Blocking whole countries often helps. Korea, China, Japan, Indonesia, etc
How would you do that?
Furton
09-25-2002, 11:57 AM
Also, block any incoming traffic to port 25, this will reduce amount of spam down to zero. Guaranteed!


How do I do this on a dedicated server?
Techark
09-25-2002, 12:21 PM
Originally posted by Furton


How do I do this on a dedicated server?

:rolleyes: :rolleyes: :rolleyes: :rolleyes:
zRedDice
09-25-2002, 07:18 PM
You can restrict e-mail from the APNIC Class-A's. I'm not sure what they are, but you can look them up.

James
priyadi
09-26-2002, 12:38 AM
Originally posted by zRedDice
You can restrict e-mail from the APNIC Class-A's. I'm not sure what they are, but you can look them up.

James

That would block the whole Asia-Pacific!!!
Furton
09-27-2002, 12:25 PM
Monte, what was that for?
bjseiler
09-27-2002, 01:25 PM
I think because if you block port 25, you receive no email :-)

Anywho, I looked around for a reasonable list of ip ranges to block everything outside of the US and Europe and there was no easy answer out there. I would do this in a second if I could.
XTStrike
09-27-2002, 02:29 PM
hmm, anything to block spam would be great, you cant even begin to imagine how much spam moderators@webhostingtalk.com actually gets

my last estimate was, ooh about 400 a day !!
TMX
09-27-2002, 06:51 PM
Originally posted by bjseiler
I think because if you block port 25, you receive no email :-)

Anywho, I looked around for a reasonable list of ip ranges to block everything outside of the US and Europe and there was no easy answer out there. I would do this in a second if I could.

Here's a start:

http://www.okean.com/asianspamblocks.html

-Bob