[Am-info] Microsoft Hotmail spam

james.buck@milliman.com james.buck@milliman.com
Mon, 29 Apr 2002 7:38:03 -0700


Using tracert shows the domain.

   C:\>tracert 210.155.134.91

   Tracing the route to srv.deltaintegral.co.jp [210.155.134.91]
   over a maximum of 30 hops:

Using a whois to access JPNIC shows the owner.

   http://whois.nic.ad.jp/cgi-bin/whois_gw

   [ JPNIC & JPRS database provides information on network administration. Its  ]
   [ use is restricted to network administration purposes. For further infor-   ]
   [ mation, use 'whois -h whois.nic.ad.jp help'. To suppress Japanese output,  ]
   [ add'/e' at the end of command, e.g. 'whois -h whois.nic.ad.jp xxx/e'.      ]

   Domain Information:
   a. [Domain Name]                DELTAINTEGRAL.CO.JP
   g. [Organization]               Deltaintegral Co.,Ltd.
   l. [Organization Type]          Company
   m. [Administrative Contact]     TT7138JP
   n. [Technical Contact]          TT7138JP
   p. [Name Server]                ns.deltaintegral.co.jp
   y. [Reply Mail]                 support@deltaintegral.co.jp
   [State]                         Connected (2002/05/31)
   [Registered Date]               1998/05/15
   [Connected Date]                1998/06/01
   [Last Update]                   2001/10/17 13:05:59 (JST)
                                   tamura@deltaintegral.co.jp

It's a place to start.


James Buck



On Sat, Apr 27, 2002 at 07:51:47AM -0500, Eric M. Hopper wrote:
> On Sat, 2002-04-27 at 05:38, John Poltorak wrote:
> > Does anyone else get spam from Hotmail addresses?
> >
> > IMV Microsoft is responsible for sending out such unsolicited junk email
> > because they are owners of the system where it originates.
> >
> > Has anyone ever tried to complain about it? Who would you complain to
> > anyway?
> >
> > It would be nice to see some class action taken against them.
> >
> > Wasn't there some legislation recently to try and curb this abuse?
>
> Are you sure the spam is actually from Hotmail?  If you look at the
> headers, I bet it came from someplace completely different.  If Hotmail
> actually sent out spam, they'd be on the RBL in 2 seconds flat, and
> their users wouldn't be able to reach 10-30% of the world.
>
> The From: header was probably forged to look like it came from hotmail.


I don't actually trust the From: line anyway, I'm more inclined to check my
Sendmail transaction logs. Here's something which I got earlier today which
appeared to come from AOL rather than Hotmail:-

64801 S> 220-mail.eyup.org Sendmail IBM OS/2 SENDMAIL VERSION 2.03/2.0 ready at Sat, 27 Apr 2002 11:06:23 +0100

220 ESMTP spoken here
64801 S< EHLO srv1
64801 S> 250-mail.eyup.org Hello [210.155.134.91], pleased to meet you
64801 S> 250-EXPN
64801 S> 250-SIZE
64801 S> 250 HELP
64801 S< MAIL From:<Mickey4u876678900@aol.com> SIZE=1574
64801 S> 250 <Mickey4u876678900@aol.com>... Sender ok
64801 S< RCPT To:<jpolt@bradnet.legend.co.uk>
64801 S> 250 <jpolt@bradnet.legend.co.uk>... Recipient ok
64801 S< DATA
64801 S> 354 Enter mail, end with "." on a line by itself
64801 S> 250 LAA648.01 Message accepted for delivery
64801 S< QUIT
64801 S> 221 mail.eyup.org closing connection


Here, the From: will contain an AOL subscriber, but my mail server is taking
delivery from 210.155.134.91.

How do I tell who owns that system?

> -- Eric Hopper (hopper@omnifarious.org --

John




_______________________________________________
Am-info mailing list
Am-info@lists.essential.org
http://lists.essential.org/mailman/listinfo/am-info




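
An added example, not part of the original thread: a small Python parser for transaction-log lines in the format John posted. It separates the one value the receiving server observed itself (the peer IP in its "Hello [...]" reply) from the values the client merely claimed (EHLO name, envelope sender, recipients). The log text is copied from the message above with the mail encoding decoded; the function and field names are this example's own.

```python
import re
from collections import defaultdict

# Log lines copied from the message above (mail encoding decoded).
LOG = """\
64801 S< EHLO srv1
64801 S> 250-mail.eyup.org Hello [210.155.134.91], pleased to meet you
64801 S> 250 HELP
64801 S< MAIL From:<Mickey4u876678900@aol.com> SIZE=1574
64801 S> 250 <Mickey4u876678900@aol.com>... Sender ok
64801 S< RCPT To:<jpolt@bradnet.legend.co.uk>
64801 S> 250 <jpolt@bradnet.legend.co.uk>... Recipient ok
64801 S< DATA
64801 S< QUIT
"""

LINE = re.compile(r"^(\d+) S([<>]) (.*)$")          # session id, direction, text
PEER = re.compile(r"^250[- ]\S+ Hello .*?\[([0-9.]+)\]")
CLIENT = {                                           # commands the client typed
    "helo": re.compile(r"^(?:EHLO|HELO)\s+(\S+)", re.I),
    "mail_from": re.compile(r"^MAIL From:\s*<([^>]*)>", re.I),
    "rcpt_to": re.compile(r"^RCPT To:\s*<([^>]*)>", re.I),
}

def summarize(log):
    """Return {session_id: {'observed': {...}, 'claimed': {...}}}."""
    sessions = defaultdict(lambda: {"observed": {}, "claimed": {"rcpt_to": []}})
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue                                 # banner continuation, blanks
        sid, direction, text = m.groups()
        if direction == ">":                         # S> is the server's reply
            peer = PEER.match(text)
            if peer:
                sessions[sid]["observed"]["peer_ip"] = peer.group(1)
            continue
        for field, rx in CLIENT.items():             # S< is client input
            hit = rx.match(text)
            if hit and field == "rcpt_to":
                sessions[sid]["claimed"]["rcpt_to"].append(hit.group(1))
            elif hit:
                sessions[sid]["claimed"][field] = hit.group(1)
    return dict(sessions)

def helo_is_unqualified(session):
    """True when the EHLO/HELO name has no dot, e.g. a bare 'srv1'."""
    return "." not in session["claimed"].get("helo", ".")

if __name__ == "__main__":
    for sid, s in summarize(LOG).items():
        print(sid, s, "unqualified HELO:", helo_is_unqualified(s))
```

The "observed" peer IP is the value to take to tracert and whois, as in the reply at the top of this message.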