|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Christmas spam from RESERVED IANA adressblock ?
If you want to file a spam complaint I suggest you do a whois for 76.74.250.247. This is the external facing mail server that sent you the email. Most applications these days are built in layers so a web layer forwards the email to an email server, if the application is not designed to suppress the HELO from the web layer then you will see internal email routing information. As for the network side most networks filter out BOGONS so you would not get RFC1918 into your network. Zaid -----Original Message----- From: macbroadcast [mailto:[email protected]] Sent: Wednesday, December 24, 2008 6:48 AM To: NANOG list Subject: Christmas spam from RESERVED IANA adressblock ? hello ladys and getlepersons just out of curiosity i looked a bit closer into this spammail header, because this company is really annoying and abusing a lot of internet citizens. Anfang der weitergeleiteten E-Mail: > Von: [email protected] > Datum: 24. Dezember 2008 12:30:18 MEZ > An: [email protected] > Betreff: E-Mail For You @ ualadys.com > Return-Path: <[email protected]> > Received: from mx2.mail.vrmd.de ([10.0.1.21]) by vm42.mail.vrmd.de > (Cyrus v2.2.12-Invoca-RPM-2.2.12-9.RHEL4) with LMTPA; Wed, 24 Dec > 2008 12:30:25 +0100 > Received: from mx2.iispp.com ([76.74.250.247]) by mx2.mail.vrmd.de > with esmtp (Exim 4.69) (envelope-from <[email protected]>) id > 1LFRwW-00011o-DY for [email protected]; Wed, 24 Dec 2008 12:30:25 +0100 > Received: from web1.iispp.com (w1 [172.16.21.244]) by mx2.iispp.com > (Postfix) with ESMTP id B71CF3504DB for <[email protected]>; Wed, 24 Dec > 2008 11:30:18 +0000 (UTC) > Received: by web1.iispp.com (Postfix, from userid 33) id A5C7917A405C; > Wed, 24 Dec 2008 06:30:18 -0500 (EST) "Whois" wurde gestartet . OrgName: Internet Assigned Numbers Authority OrgID: IANA Address: 4676 Admiralty Way, Suite 330 City: Marina del Rey StateProv: CA PostalCode: 90292-6695 Country: US NetRange: 172.16.0.0 - 172.31.255.255 CIDR: 172.16.0.0/12 NetName: IANA-BBLK-RESERVED NetHandle: NET-172-16-0-0-1 Parent: NET-172-0-0-0-0 NetType: IANA Special Use NameServer: BLACKHOLE-1.IANA.ORG NameServer: BLACKHOLE-2.IANA.ORG Comment: This block is reserved for special purposes. Comment: Please see RFC 1918 for additional information. Comment: http://www.arin.net/reference/rfc/rfc1918.txt RegDate: 1994-03-15 Updated: 2007-11-27 OrgAbuseHandle: IANA-IP-ARIN OrgAbuseName: Internet Corporation for Assigned Names and Number OrgAbusePhone: +1-310-301-5820 OrgAbuseEmail: [email protected] OrgTechHandle: IANA-IP-ARIN OrgTechName: Internet Corporation for Assigned Names and Number OrgTechPhone: +1-310-301-5820 OrgTechEmail: [email protected] # ARIN WHOIS database, last updated 2008-12-23 19:10 # Enter ? for additional hints on searching ARIN's WHOIS database. so how is this possible ? merry christmas anyway Marc > X-Sieve: CMU Sieve 2.2 > Envelope-To: [email protected] > Delivery-Date: Wed, 24 Dec 2008 12:30:25 +0100 > X-Id-From: 1000 > X-Id-To: 238141 > X-Mail-Id: 203714382 > Mime-Version: 1.0 > Content-Type: text/html > Message-Id: <[email protected]> > X-Spam-Suspicion: No > X-Purgate: Clean X-purgate-ID: > 150741::081224123024-0FFB86C0-283E8BDE/0-0/0-1 X-purgate-Ad: For more > information about eXpurgate please visit http://www.expurgate.net/ > > > > > marc, You have new mail > This is to notify you that you have received an E-Mail from > > View Photos > DetailsIrina O #1000 > Subject: Destiny has linked us... > > Date: 24 December 2008 > > To read the message go here: > > PLEASE, DO NOT REPLY TO THIS E-MAIL - FOLLOW THE LINK > > http://www.ualadys.com/view_mail.rpx?hash=a71d2600f032ece232a391296f5f > 071e&mid=203714382&uid=238141 > > Thank you, > ualadys.com Support Team > > Favorites ualadys.com > > 24x7 Call center > > United States > +1 (315) 849-5814 > > United Kigdom > +44 (315) 849-5814 > > Skype support : ualadys > > > > For any question in english > about this site please call: > +1 (212) 226-8900 > Mon-Fri 9:00-16:00 (EST) |