From owner-freebsd-isp@FreeBSD.ORG Mon May 19 11:10:08 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9C30137B401 for ; Mon, 19 May 2003 11:10:07 -0700 (PDT) Received: from p3.saignon.net (66-146-166-52.skyriver.net [66.146.166.52]) by mx1.FreeBSD.org (Postfix) with ESMTP id 33A6A43FD7 for ; Mon, 19 May 2003 11:10:07 -0700 (PDT) (envelope-from tony@saign.com) Received: (qmail 83657 invoked by uid 89); 19 May 2003 18:09:52 -0000 Received: from unknown (HELO frankenmobl) (tony@saign.com@127.0.0.1) by localhost with SMTP; 19 May 2003 18:09:52 -0000 From: "Tony Saign" To: Date: Mon, 19 May 2003 11:09:51 -0700 Message-ID: <000201c31e31$dc54c680$6ad2f10a@frankenmobl> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4024 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 In-Reply-To: <20030515145731.D13729-100000@opium.co.za> Importance: Normal Subject: Illegal use of my server?? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2003 18:10:08 -0000 Any legal gurus out there?? Long story, but I'll summarize; On Friday 05/16 my T1 went down. In troubleshooting attempts it was discovered that a machine, on my network was being used maliciously. Not hacked, but Squid was being used to relay mail (i.e. SPAM). The machine was immediately brought down, and Squid was disabled. I received a call from my ISP, and they are NOT happy. Looking @ the logs, it appears that several thousand SPAM emails may have been sent. What should I do? Can I pursue each ISP in attempts to track down the guilty parties? Can I take any legal action against them? This is the last straw! I'm so frickin' sick of SPAM, and now people potentially got some w/ my IP address! Grrr!!! Any suggestions, advice would be greatly appreciated.