To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.off-topic.geekOpen lugnet.off-topic.geek in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Off-Topic / Geek / 1916
1915  |  1917
Subject: 
 Re: "EarthLink.Net" = spam ?...
Newsgroups: 
 lugnet.off-topic.geek
Date: 
 Tue, 8 Aug 2000 04:41:39 GMT
Reply-To: 
 MATTDM@MATTDMantispam.ORG
Viewed: 
 105 times
  
Franklin W. Cain <fwcain@yahoo.com> wrote:
Over the past several months, I have noticed that an increasing percentage
of the spam I receive is from addresses in the "earthlink.net" domain.

Earthlink is a very popular isp -- second after AOL. (Or perhaps third after
Juno; depends how you count.) So it's very likely that people pick
Earthlink as a target for forged addresses. It's also common to see things
purporting to come from AOL or Hotmail.

When I forward said messages to EarthLink's postmaster, they invariably say
"The headers were forged, dude, not my problem" or words to that effect.
Just how can these spammers be forging EarthLink's domain so easily

It's *incredibly* easy to forge headers. Go to your e-mail program. Set
your address to something other than your real one. Send a message. Presto,
you're a forger. Spammers often use slightly more sophisticated techniques,
but that's the principle. So the Earthlink people were very likely telling
the truth.


It has gotten to the point that I have just installed a filter (removing
one of my other anti-spam filters) redirecting all email -- *ALL* email --
from the "earthlink.net" domain *immediately* to my Trash folder.
(...Serves the sunzabiches right!...)

This is exactly why they pick such popular ISPs. You're very likely to be
missing out on legitimate mail with this scheme.

However, it *is* usually possible to determine the actual origin of an
e-mail message by reading the full headers. Check out the "Tracing an e-mail
message" section of the alt.spam FAQ (which you can find at
<ftp://rtfm.mit.edu/pub/usenet-by-hierarchy/alt/spam/>) for some info on how
to do this. Feel free to post any questions here.

--
Matthew Miller                     --->                 mattdm@mattdm.org
Quotes 'R' Us                    --->              http://quotes-r-us.org/
Boston University Linux            --->               http://linux.bu.edu/



Message has 2 Replies:
  Re: "EarthLink.Net" = spam ?...
 
You're right in that the "real" sender's identity (or at least, sending location) can be traced via the headers, etc., and I know how to change my options to see all the headers/trailers/etc. I can see now how they could fake a return address and (...) (24 years ago, 8-Aug-00, to lugnet.off-topic.geek)
  Re: "EarthLink.Net" = spam ?...
 
(...) Also, you might take a look at spamcop - (from memory, www.spamcop.net?). it'll analyze the headers for you, and even send mail to the right addresses to complain... I've found it quite effective. :) Dan (24 years ago, 8-Aug-00, to lugnet.off-topic.geek)

Message is in Reply To:
  "EarthLink.Net" = spam ?...
 
Over the past several months, I have noticed that an increasing percentage of the spam I receive is from addresses in the "earthlink.net" domain. Has anyone else noticed this? When I forward said messages to EarthLink's postmaster, they invariably (...) (24 years ago, 8-Aug-00, to lugnet.off-topic.geek)

5 Messages in This Thread:


Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact

This Message and its Replies on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    
Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR