Index: [Article Count Order] [Thread]

Date:  Tue, 30 Dec 2008 19:10:26 -0800
From:  "Doug Harvey" <dwh1958 (at mark) gmail.com>
Subject:  [coba-e:14587] Re: spam sent using my email address
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <495ae2a5.16078e0a.1d91.7c07 (at mark) mx.google.com>
In-Reply-To:  <010801c96ab8$6df884e0$6401a8c0@systemax>
X-Mail-Count: 14587

 

-----Original Message-----
From: Gerald Waugh [mailto:gwaugh (at mark) frontstreetnetworks.com] 
Sent: Tuesday, December 30, 2008 11:54 AM
To: coba-e (at mark) bluequartz.org
Subject: [coba-e:14575] spam sent using my email address

Hi Blues, and a happy New Year

I am getting hundreds of spam using my return address.
We have three servers running, and one (fsn2) is only backup email/dns
server
and the spams seem to be coming from all three.

Subject varies, but most are for the sex drugs
I put a few hundred in the access file, but it's getting to be
overwelming.

How can i stop this?

Typical header looks like this;

Return-Path: <gwaugh (at mark) frontstreetnetworks.com>
Received: from fsn2.frontstreetnetworks.net
(fsn2.frontstreetnetworks.net [208.67.252.136])
	by fsn3.frontstreetnetwork.net (8.13.1/8.13.1) with ESMTP id
mBPM4eUD019535
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256
verify=NO)
	for <gwaugh (at mark) frontstreetnetworks.com>; Thu, 25 Dec 2008 16:04:46
-0600
From: Gerald Waugh <gwaugh (at mark) frontstreetnetworks.com>
Received: from pool-71-160-32-23.lsanca.dsl-w.verizon.net
(pool-71-160-32-23.lsanca.dsl-w.verizon.net [71.160.32.23])
	by fsn2.frontstreetnetworks.net (8.13.4/8.13.4/Debian-3) with
SMTP id mBPL3KUj012937
	for <gwaugh (at mark) frontstreetnetworks.com>; Thu, 25 Dec 2008 15:03:23
-0600
Date: Thu, 25 Dec 2008 15:03:21 -0600
Message-Id: <200812252103.mBPL3KUj012937 (at mark) fsn2.frontstreetnetworks.net>
To: <gwaugh (at mark) frontstreetnetworks.com>
Subject: **Message you sent blocked by our bulk email filter**
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-Spam-Status: No, score=-81.9 required=5.0 tests=ANY_BOUNCE_MESSAGE,
	
CRBOUNCE_MESSAGE,DCC_CHECK,DIGEST_MULTIPLE,HTML_IMAGE_ONLY_04,HTML_MESSA
GE,
	
HTML_SHORT_LINK_IMG_1,MIME_HTML_ONLY,PYZOR_CHECK,URIBL_AB_SURBL,URIBL_BL
ACK,
	URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_RHS_DOB,USER_IN_WHITELIST
autolearn=no
	version=3.2.4, No
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on
	fsn3.frontstreetnetwork.net
X-fsn3.frontstreetnetwork.net-MailScanner-Information: Please contact
the ISP for more information
X-MailScanner-ID: mBPM4eUD019535
X-fsn3.frontstreetnetwork.net-MailScanner: Found to be clean
X-fsn3.frontstreetnetwork.net-MailScanner-From:
gwaugh (at mark) frontstreetnetworks.com

-
Gerald Waugh
http://frontstreetnetworks.com
Front Street Networks - RaQware
4604 Fern Ave
Shreveport, LA 71105-3118
United States of America
Phone: +1 318-670-8312


Gerald. I too was getting lots of ftp and spam attacks from the 71.x.x.x
(Verizon) ip's. I finally had to put them into the firewall to get it to
stop.

I know that spam can still be sent, no matter what is in the firewall, but
it did stop all the other attacks.

Some of the attacks actually came from an overseas address, routed through a
Candian address and then down to Verizon East.

Doug

Cell: +1 318-401-0428