
[cobalt-users] How can we trace and stop this email abuse?



Hi,

Are we correct in assuming that someone has figured out a way to use one of
our servers to send spam messages? Or are we misinterpreting the header? How
can we find out who this is and prevent this?

We are getting a ton of these every day and they all come complete with a
virus. They are all directed only at us as far as we can tell and any help
in dealing with this would be greatly appreciated. They are being directed
to graphicsnews@xxxxxxxxxxxxxxxx, which is a majordomo address and we should
be receiving a 'Non Member Submission Notice' but we are not. We are the
only ones receiving this note on the mail list, thank goodness.

mail.designheaven.com is our mail server on a RAQ2, however we are the only
ones who can send email with this server. They keep logging in with a
different IP address.
Below are the headers of 2 different mail messages:

EXAMPLE 1
+++++++++
Return-Path: <graphicsnews@xxxxxxxxxxxxxxxx>
Received: from mail.designheaven.com (tnt3-6.mtco.com [208.155.39.6])
	by casey.designheaven.com (8.9.3/8.9.3) with SMTP id HAA09219
	for grfxring@xxxxxxxxxxxxxxxx; Thu, 23 Dec 1999 07:25:46 -0700
Date: Thu, 23 Dec 1999 07:25:46 -0700
From: graphicsnews@xxxxxxxxxxxxxxxx
Message-Id: <199912231425.HAA09219@xxxxxxxxxxxxxxxxxxxxxx>
To: grfxring@xxxxxxxxxxxxxxxx
Subject: Graphics Ring Newsletter - Edition 20
MIME-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----=_NextPart_000_0007_01AF0E92.A4E9CDO0"
X-UIDL: fac29f34f39d43fd115c234e13ff0d5b


EXAMPLE 2
+++++++++
Return-Path: <graphicsnews@xxxxxxxxxxxxxxxx>
Received: from mail.designheaven.com (host171_161.inter.edu [164.42.171.161]
(may be forged))
	by casey.designheaven.com (8.9.3/8.9.3) with SMTP id GAA13468
	for grfxring@xxxxxxxxxxxxxxxx; Wed, 22 Dec 1999 06:51:13 -0700
Date: Wed, 22 Dec 1999 06:51:13 -0700
From: graphicsnews@xxxxxxxxxxxxxxxx
Message-Id: <199912221351.GAA13468@xxxxxxxxxxxxxxxxxxxxxx>
To: grfxring@xxxxxxxxxxxxxxxx
Subject: Graphics Ring Newsletter - Edition 19
MIME-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----=_NextPart_000_0007_01AF0E92.A4E9CDO0"
X-UIDL: 3e65ba143bd27c00071e7a454fcc69ac

Thanks,
Ali & Charlie
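
Added example, not part of the original post: in a sendmail `Received:` line the name after `from` is only what the connecting client announced in HELO, while the parenthesised host name and bracketed IP are what the receiving server recorded for the connection. The sketch below splits the two `Received:` lines shown above into those parts; the function names and the "HELO claims our domain" heuristic are assumptions made for illustration.

```python
import re
from email import message_from_string

# sendmail 8.9-style: from <HELO name> (<reverse DNS> [<peer IP>]) by <receiver>
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?:(?P<rdns>[^\s\[]+)\s+)?\[(?P<ip>[0-9.]+)\]"
    r"(?P<forged>\s*\(may be forged\))?\)\s+by\s+(?P<by>\S+)"
)

def in_domain(host, domain):
    """True if host is the domain itself or a name underneath it."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)

def analyze(raw_headers, local_domain):
    """Return one finding per parseable Received header."""
    findings = []
    for value in message_from_string(raw_headers).get_all("Received", []):
        m = RECEIVED_RE.search(" ".join(value.split()))  # unfold the header
        if not m:
            continue
        helo, rdns = m.group("helo"), m.group("rdns") or ""
        findings.append({
            "helo": helo,            # claimed by the client, unverified
            "rdns": rdns,            # looked up by the receiving server
            "ip": m.group("ip"),     # taken from the TCP connection
            "may_be_forged": m.group("forged") is not None,
            # Heuristic (assumption): the peer names itself inside our
            # domain but its reverse DNS is outside it or missing.
            "helo_impersonates_local": (in_domain(helo, local_domain)
                                        and not in_domain(rdns, local_domain)),
        })
    return findings

# Received lines as shown in the post, with folding whitespace restored.
EXAMPLE_1 = (
    "Received: from mail.designheaven.com (tnt3-6.mtco.com [208.155.39.6])\n"
    "\tby casey.designheaven.com (8.9.3/8.9.3) with SMTP id HAA09219\n"
    "\tfor grfxring@xxxxxxxxxxxxxxxx; Thu, 23 Dec 1999 07:25:46 -0700\n"
)
EXAMPLE_2 = (
    "Received: from mail.designheaven.com (host171_161.inter.edu [164.42.171.161]\n"
    "\t(may be forged))\n\tby casey.designheaven.com (8.9.3/8.9.3) with SMTP id GAA13468\n"
    "\tfor grfxring@xxxxxxxxxxxxxxxx; Wed, 22 Dec 1999 06:51:13 -0700\n"
)

if __name__ == "__main__":
    for hdr in (EXAMPLE_1, EXAMPLE_2):
        for finding in analyze(hdr, "designheaven.com"):
            print(finding)
```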