Stewart Lone on 29 Apr 2004 17:41:02 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Hi

Hey look guys, everybody knows the story by now. It`s just Gabes turn in the barrel.


Kevin Brosius wrote:

Looks like the best you could do in this case is check the last received
header:

http://kevb.net:3000/lurker/mbox/20040429.131040.8d52903d.txt

Received: from unknown (HELO default.in.icenetworld.com)
(203.195.203.130)
 by mail.netisland.net with SMTP; 29 Apr 2004 14:13:16 -0000

I've never seen mail from 'icenetworld.com' that I would consider valid
from gr.  Or maybe he's got a new domain.  A quick lookup on it ought to
tell you though.

Kevin




This brings me this same problem I have on one of the lists I maintain
with mailman. When they spoof the e-mail address, how would you block
the IP address ranges being used by the spammers/compromised boxes?

Thanks,
-john

gr@eclipsed.net said:
> The access is open !!!
> > 27562 -- archive password


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug









___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

  • Follow-Ups:
  • References: