Date: Wed, 24 Mar 1999 16:42:50 -0600 From: "Sal" <sal@intellex.com> To: <freebsd-questions@freebsd.org> Subject: IP forging in Emails? Message-ID: <004e01be7647$a9f342c0$ddcdd6ce@salazar>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_004B_01BE7615.5B38EA40 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Help! I work for an ISP that uses BSD (although this probably has = nothing to do with the OS). We have made the appropriate settings to = sendmail to prevent relaying from anyone outside of our network and our = policies scream "no spamming!", yet someone is. The spamming has been going on and on for the past three or four days. = No need to say our support Email box has a few hundred angry emails in = it. We'd normally approach the abuser and take the appropriate actions, = but the problem is, we don't know who it is. The actual mailing process covers a couple of hours and when we match up = our Portmaster detail files with the IP addresses on the samples of spam = we've received, it's a different user every time! The Email's the same, = but the user is different. I don't believe we have a coalition of a few = dozen users doing this. I think someone is bouncing the spam from these = innocent users' connections to make it appear as if the spam is coming = from them. I'm not just looking for a fix, but a way to catch this guy. If it's = any help, our service covers five main towns and all the IP addresses on = these Email's come from the same city. I'd love to get any suggestions you have because the sysadmin is pulling = his hair out over this thing. My address is sal@intellex.com and feel = free to ask me for samples of the emails or whatever is needed to get = this problem solved. Thanks for your time and brain-power. Sal ------=_NextPart_000_004B_01BE7615.5B38EA40 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 HTML//EN"> <HTML> <HEAD> <META content=3Dtext/html;charset=3Diso-8859-1 = http-equiv=3DContent-Type> <META content=3D'"MSHTML 4.72.3110.7"' name=3DGENERATOR> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT color=3D#000000 size=3D2>Help! I work for an ISP that = uses BSD=20 (although this probably has nothing to do with the OS). We have = made the=20 appropriate settings to sendmail to prevent relaying from anyone outside = of our=20 network and our policies scream "no spamming!", yet someone=20 is.</FONT></DIV> <DIV><FONT color=3D#000000 size=3D2></FONT> </DIV> <DIV><FONT color=3D#000000 size=3D2>The spamming has been going on and = on for the=20 past three or four days. No need to say our support Email box has = a few=20 hundred angry emails in it. We'd normally approach the abuser and = take the=20 appropriate actions, but the problem is, we don't know who it = is.</FONT></DIV> <DIV><FONT color=3D#000000 size=3D2></FONT> </DIV> <DIV><FONT color=3D#000000 size=3D2>The actual mailing process covers a = couple of=20 hours and when we match up our Portmaster detail files with the IP = addresses on=20 the samples of spam we've received, it's a different user every = time! The=20 Email's the same, but the user is different. I don't believe we = have a=20 coalition of a few dozen users doing this. I think someone is = bouncing the=20 spam from these innocent users' connections to make it appear as if the = spam is=20 coming from them.</FONT></DIV> <DIV><FONT color=3D#000000 size=3D2></FONT> </DIV> <DIV><FONT color=3D#000000 size=3D2>I'm not just looking for a fix, but = a way to=20 catch this guy. If it's any help, our service covers five main = towns and=20 all the IP addresses on these Email's come from the same = city.</FONT></DIV> <DIV><FONT color=3D#000000 size=3D2></FONT> </DIV> <DIV><FONT color=3D#000000 size=3D2>I'd love to get any suggestions you = have because=20 the sysadmin is pulling his hair out over this thing. My address = is <A=20 href=3D"mailto:sal@intellex.com">sal@intellex.com</A> and feel free to = ask me for=20 samples of the emails or whatever is needed to get this problem = solved. =20 Thanks for your time and brain-power.</FONT></DIV> <DIV><FONT color=3D#000000 size=3D2></FONT> </DIV> <DIV><FONT color=3D#000000 size=3D2>Sal</FONT></DIV></BODY></HTML> ------=_NextPart_000_004B_01BE7615.5B38EA40-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004e01be7647$a9f342c0$ddcdd6ce>