[NTLUG:Discuss] spam / email setup help
kbrannen@gte.net
kbrannen at gte.net
Fri Nov 22 15:53:18 CST 2002
Alton R. Pouncey, II wrote:
> On Fri, 2002-11-22 at 13:41, kbrannen at gte.net wrote:
>
>>I need some help with email! I have a 2-fold problem:
>>
>>Problem 1:
>>Someone who is infected with Klez has my email address in their address book;
>>and it's picked my address to spoof with. (See the Symantec site for a
>>description of its capabilities.) Anyway, this is becoming very annoying!
>>The biggest part of the annoyance is that I get a lot of mail with these headers:
...
>>I can't find anything useful about it:
>>---
>>$ dig 204.50.7.195
...
>>I see nothing useful here, am I missing something?
>>
>
>
> Use fwhois. The syntax for the command is:
>
> fwhois ip_address at whois.arin.net
>
> OR
>
> fwhois ip_address at whois.apnic.net
>
> I use the whois server at arin.net and if that doesn't work, I use
> apnic.
>
> Anyway, I can tell you that the IP address in question belongs to Sprint
> Canada. fwhois will give you some good information. It's up to you to
> decide what you want to do with it.
A strong but polite message to clean up their system is what I'd like to do,
but I don't personally know anyone in Canada, which confirms my guess that
that IP belongs to some router along the way and is not otherwise useful.
My system doesn't have fwhois, hmm...
...
>>Problem 2:
>>Since I can't find out who has the real problem so I can notify them to clean
>>it up, I'm left with trying to block/filter all this. I've read several
>>articles on email filtering and believe I can write a Perl script that can
>>detect most spam I receive, but I don't understand the email architecture well
>>enough to know where to put this script.
...
>
> Can't help you here. I don't know how to setup a filter to parse the
> stream as it comes down from an ISP. Can't you setup a filter in
> Messenger to just delete the email based on some criteria in the email?
Filtering it to my Trash is easy, I would like to just not download it at all.
Thanks for the info!
Kevin
More information about the Discuss
mailing list