Fri, 2 May 1997 21:51:20 -0400
|
Our listserv received something from a "rogue site"
that allows email addresses with any email address
you want. We phoned (voiced) the contacts for the
site and got nothing. We stried filtering the
site in the filter and it still got through. Look
at this:
Received: from ucsd.com (ucsd.com [207.87.178.65])
by techunix.technion.ac.il
(8.8.5/8.6.10) with ESMTP id XAA13590 for
Received: (from nobody@localhost) by ucsd.com <-----
(8.8.5/8.6.12) id QAA07946; Fri,
2 May 1997 16:47:36 -0400 (EDT)
Message-ID: <[log in to unmask]><-----------
Date: Fri, 2 May 1997 16:47:36 -0400
From: <********@MAIL.COIN.MISSOURI.EDU> <---- not the REAL poster
Subject: Re: *****************
Status: RO
X-Status: A
-------------
They allowed this person to use the name and email
address of 6 of the list users which sent some pretty
disgusting posts.
Whois produced this:
AJ Wilson (UCSD2-DOM)
PO Box 611
La Jolla, CA 92038
US
Domain Name: UCSD.COM
Administrative Contact:
Wilson, Anthony (AW628) [log in to unmask]
619.454.5444
Technical Contact, Zone Contact:
Administrator, Domain (DA550) [log in to unmask]
1 412 681 6932
Record last updated on 05-Jan-97.
Record created on 16-Jul-96.
Database last updated on 2-May-97 06:27:32 EDT.
Domain servers in listed order:
NS3.PAIR.COM 207.86.128.15
NS0.NS0.COM 207.87.178.7
They never answer emails and they do not have real
people at the site. However, they also have
return for mylaptop.com, iname.com etc.
Can anyone tell us how to take the message ID
line and filter THAT whole domian? It seems
the whole domain is just for fraud and spamming.
I would appreciate any ideas. We DID filter this
domain in FILTER but you see this abuser posted
as another domain that was not his.
Thanks for any ideas
|
|
|