![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SpamCop-List] Re: What's going on here?
Glenn Daniels
nobody at devnull.spamcop.net
Wed Sep 8 16:49:35 EDT 2004
"indigo" wrote in message
>
> Mike B wrote:
> > I had a similar occurrence on my ISP (AT&T Global Services). It took
> > a while for them to identify and plug the leak, but it is spam being
> > inserted into the server. My suggestion is that you open a problem
> > ticket and make sure you pursue it until it is escalated beyond the
> > initial level of the help(less) desk.
> >
>
> Did you phone in the complaint or email it to abuse at comcast (aka dave
null)?
>
ummm.... It had nothing to do with comcast. A spammer had apparently
found a weakness in the mailserver software app that allowed direct
injection of hir spew by pretending to /be/ "localhost" although that is
not a valid internet IP. For a while, we were getting about five percent
of our spam by injection, headers much like yours.
I think Mike is saying to talk to your ISP at every possible level
until their people find and plug the "hole" allowing the injection
expect more untraceable spam. It took attglobal about four months
to recognize the problem, about three weeks to discover and patch
the hole letting spam leak in...
Glenn
More information about the SpamCop-List
mailing list