[SC-Help] Re: Loads of spam showing "Delivery Status Notification", "Failure Notice" etc.

Mike Easter MikeE at ster.invalid
Sun May 7 11:43:29 EDT 2006


Herbert Eppel wrote:

> Here is a tracking URL for one of the messages I received recently:
> www.spamcop.net/sc?id=z937307358ze15961079deba7261d7636c948c79feez

I see a stock spam in the form of a b64/d .gif whose To & From are
munged, sourced from a dynamic and spamsource listed 84.163.142.229
rDNS  p54A38EE5.dip0.t-ipconnect.de and carrying a Received bogus line.

That stockspam was received by the server at 200.49.96.73  rDNS
antispam7.netizen.com.ar which server emailed it as an attachment to
cyberstrider.net/gmx.net presumably as a belated DSN-failed which was
abusively new emailed to the bogus From or Return-Path.

That abusive .ar server IP is spews listed -- the basis of which I can't
tell just now because spews isn't currently accessible.  Spews resolves,
but the webserver must be down, I can't see a port 80 at its
216.168.31.31

> In order to avoid potential confusion, perhaps I should say that I am
> not particularly concerned about those message delivery notifications
> themselves - what I am worried about is that my domain name appears to
> be used by something/someone to send out spam (and virus?)
> messages.

This is not a virus, this is a b64 gif spam.

If and presumably you received this because your addy was forged as a
bogus From, you can't do anything about that other than spamcop report
the abusive server which isn't currently SC blocklisted.  You don't have
a mechanism to make the spammer stop spamming or stop forging your addy
as a From.

Altho' it is annoying, it is not meaningful in terms of your 'good
name'.  The normal situation is that almost all spam has forged Froms,
it is to be expected, and those forged Froms are most often derived from
the same lists as the lists of those which are spammed.

No one creates any blocklists on the basis of forged From, with the
exception of some end user ninnies who use 'block sender' as a response
to spams received.  You can't do anything about ninnies doing that
either.

> Do you have any advice on how I should proceed in order to 'clear my
> name'?

No name clearing is possible or necessary.  It is not necessary because
nothing in that spam process 'besmirches' your name or addy except
possibly in your own mind.  So clear that besmirched idea out of your
head.


-- 
Mike Easter
kibitzer, not SC admin
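
An added illustration of the header reading described in the post above (not part of the original message, and not SpamCop's parser): a sketch that separates the server that sent the bounce from the host that handed it the spam, and treats any lower Received lines as unverified. The sample bounce, its hostnames and its documentation-range IPs are constructed.

```python
import re
from email import message_from_string
IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # peer IP as logged in a Received line

# Constructed sample (documentation addresses, hypothetical hosts), not the reported message.
SAMPLE_BOUNCE = """\
Received: from bouncer.example.net ([203.0.113.7]) by mx.victim.example; Sun, 7 May 2006 10:00:00 -0400
From: MAILER-DAEMON@bouncer.example.net
Subject: failure notice
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: message/rfc822

Received: from dyn.example.org ([198.51.100.23]) by bouncer.example.net; Sun, 7 May 2006 09:00:00 -0400
Received: from mail.bogus.invalid ([192.0.2.1]) by dyn.example.org; Sun, 7 May 2006 08:00:00 -0400
From: forged@victim.example
Subject: stock tip

spam body
--b1--
"""

def hop_ip(received_line):
    m = IP_IN_BRACKETS.search(received_line)
    return m.group(1) if m else None

def triage_bounce(raw):
    """Separate the bouncing server from the host that handed it the spam."""
    outer = message_from_string(raw)
    inner = None
    for part in outer.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":          # full copy of the original
            inner = part.get_payload(0)
        elif ctype == "text/rfc822-headers":   # headers-only bounce
            inner = message_from_string(part.get_payload())
        if inner is not None:
            break
    if inner is None:
        return None                            # plain-text bounce: nothing to parse
    outer_hops = outer.get_all("Received", [])
    inner_hops = inner.get_all("Received", [])
    return {
        "bounced_by": hop_ip(outer_hops[0]) if outer_hops else None,   # written by our own MX
        "spam_source": hop_ip(inner_hops[0]) if inner_hops else None,  # written by the bouncer
        "unverified_hops": [hop_ip(h) for h in inner_hops[1:]],        # may be forged
        "forged_from": inner.get("From"),
    }
```

Only the topmost Received line of each message was written by a server on the reporting side of the hand-off; everything below it came from the sender and can be bogus.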


