//flex table opened by JP
PDA

Click to See Complete Forum and Search --> : Can someone help me out with spammers

jaida
05-25-2000, 09:44 PM
my sister keeps getting emails from a person that sends her 3000 messages a time i tried to figure it out and got it narrowed down to a few but i think the person is pretty good

would someone be willing to help me find this guy its pissing my sister off please help if not ill just get her to change her account thanx here is the details:

Return-Path: <desarae@home.com>
Received: from h1.mail.home.com ([24.0.0.50]) by mail.rdc1.ab.home.com
(InterMail v4.01.01.07 201-229-111-110) with ESMTP
id <20000514202428.SMMU2627.mail.rdc1.ab.home.com@h1. mail.home.com>
for <desarae@mail.cgws1.ab.wave.home.com>;
Sun, 14 May 2000 13:24:28 -0700
Received: from mx1-w.mail.home.com (mx1-w.mail.home.com [24.0.0.51])
by h1.mail.home.com (8.9.3/8.9.0) with ESMTP id NAA08387
for <desarae@home.com>; Sun, 14 May 2000 13:24:28 -0700 (PDT)
Received: from ruthenium.btinternet.com ([194.73.73.138])
by mx1-w.mail.home.com (8.9.1/8.9.1) with ESMTP id NAA11008
for <desarae@home.com>; Sun, 14 May 2000 13:24:21 -0700 (PDT)
From: desarae@home.com
Received: from [62.6.79.214] (helo=hack.com)
by ruthenium.btinternet.com with smtp (Exim 2.05 #1)
id 12r4vt-00008q-00
for desarae@home.com; Sun, 14 May 2000 21:24:15 +0100
Subject: i hate you
To: desarae@home.com
Message-Id: <E12r4vt-00008q-00@ruthenium.btinternet.com>
Date: Sun, 14 May 2000 21:24:15 +0100




[This message has been edited by jaida (edited 05-25-2000).]
chipbgt
05-25-2000, 10:53 PM
try this site out, and try searching on the ip address given above:
http://network-tools.com/5/
jadison
05-26-2000, 12:36 AM
What email program does she use? Some allow the ability to block email from unwanted spammers.

-jd-
darren
05-26-2000, 01:42 AM
This message originated from host62-6-79-214.btinternet.com, send messages with full headers to abuse@btinternet.com .

http://www.samspade.org/t/ may be of use to you in the future.
psyklone
05-26-2000, 08:05 AM
whoever sent that is either pretty good, or is using a script to do it. either way, what he did is (it looks like it to me, anyway) telnet into the smtp port of ruthenium.btinternet.com and then try to make it look like it was coming from the hack.com domain by issuing the 'helo hack.com' command. depending on the mail client you use, it may have actually shown that it was 'apparently from hack.com' instead of the info you got. i recommend sending that mail header to the friendly(?) folks at btinternet.com and see if they can turn the mail relay function off on their mail servers because of this. of course, if this person really has it in for your sister he'll just find another open server, it's not difficult at all. hell, there are still government/military servers out there that will let you bounce mail off of them.

sorry to say it, but you may consider a new account.

best of luck!