[geeks] spammer culling addresses from sunhelp?

R. Lonstein ross-sunhelp at lonsteins.com
Wed Jan 14 12:09:54 CST 2004


On Wed, Jan 14, 2004 at 10:19:35AM -0700, Gary Nichols wrote:
	[snip]
> Aye, me too.  It's frustrating as hell.  Are they from "Allied Direct
> Marketing"?  I just banned their whole fscking network.
> 
> Bastards.  Fsck 'em.
	[snip]

Avtech direct? They're spamming secondary MX (in my case) from
somewhere in .br, probably just an open proxy.

It looks like they're playing games with DNS, too...

 $host -v -C techadvice.org
 Finding nameservers for techadvice.org ...
 Query done, 2 answers, status: no error
 Found 2 addresses for ns.z-dnssecure.net by extra query
 Found 1 address for ns.x-dnssecure.net by extra query
 Checking SOA for techadvice.org at ns.z-dnssecure.net ...
 Query done, 1 answer, authoritative status: no error
 bebblastbox1    admin   (6 900 600 86400 3600)
  !!! techadvice.org SOA primary bebblastbox1 is not advertised via NS
  !!! techadvice.org SOA hostmaster admin has illegal mailbox
  !!! techadvice.org SOA expire is less than 1 week (1 day)
 Checking SOA for techadvice.org at ns.x-dnssecure.net ...
 Query done, 1 answer, authoritative status: no error
 expedite-vud7wg admin   (6 900 600 86400 3600)
  *** ns.x-dnssecure.net and ns.z-dnssecure.net have different primary for techadvice.org

And there is no whois record. Nice.

- Ross
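
The checks behind the warnings in the host output in the message above, as an added example that is not part of the original post. The names `SOA`, `norm` and `check_zone` are illustrative, the mailbox rule is a simplification, and the NS set is assumed to be the two servers that were queried; the SOA values are copied from that output and nothing is looked up.

```python
# Added example: re-implements the checks behind the warnings in the
# host -C output quoted in the message. Runs offline on embedded data.
from collections import namedtuple

SOA = namedtuple("SOA", "mname rname serial refresh retry expire minimum")
WEEK = 7 * 24 * 3600  # seconds

def norm(name):
    """Lower-case a DNS name and drop the trailing root dot for comparison."""
    return name.rstrip(".").lower()

def check_zone(zone, soa_by_server):
    """Return warnings for the SOA record each authoritative server hands out.

    soa_by_server maps nameserver name -> SOA as served by that nameserver.
    Assumption: the zone's NS set is exactly the keys of that mapping.
    """
    ns_set = {norm(ns) for ns in soa_by_server}
    findings = []
    for ns, soa in soa_by_server.items():
        # The SOA primary (MNAME) should be one of the advertised nameservers.
        if norm(soa.mname) not in ns_set:
            findings.append(f"{zone} SOA primary {soa.mname} is not advertised via NS")
        # Simplified rule (assumption): RNAME encodes local-part.domain, so it
        # must contain at least one dot to map to a deliverable mailbox.
        if "." not in norm(soa.rname):
            findings.append(f"{zone} SOA hostmaster {soa.rname} has illegal mailbox")
        if soa.expire < WEEK:
            findings.append(f"{zone} SOA expire is less than 1 week ({soa.expire} s)")
    # Every authoritative server should name the same primary for the zone.
    servers = sorted(soa_by_server)
    for i, a in enumerate(servers):
        for b in servers[i + 1:]:
            if norm(soa_by_server[a].mname) != norm(soa_by_server[b].mname):
                findings.append(f"{a} and {b} have different primary for {zone}")
    return findings

# SOA records as shown in the quoted output, one per nameserver.
OBSERVED = {
    "ns.z-dnssecure.net": SOA("bebblastbox1", "admin", 6, 900, 600, 86400, 3600),
    "ns.x-dnssecure.net": SOA("expedite-vud7wg", "admin", 6, 900, 600, 86400, 3600),
}

if __name__ == "__main__":
    for line in check_zone("techadvice.org", OBSERVED):
        print("!!!", line)
```

Unlike host, this reports the per-record warnings once for each server rather than once per zone.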


