<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

About the Unsolicited Use of Our Legal IP Addresses


Title: About the Unsolicited Use of Our Legal IP Addresses

Hi,

We have been getting lots of compliant emails for months. Neither our email servers are
open to relay nor those spam traffic passes through our network.

Unfortunately, we have been the victim of a spammer who has been using a nearly
standard spoofed email header. The headers are not only spoofed but inconsistent as
well. If you pay attention (please see  a sample mail with header info in the attachment),
you will see that the sequential header entries do not even constitute a regular address chain.
It is understood that the attacker constitutes a fixed header text, writes this text to the header
of the packets, and sends the emails regularly. The headers are all the time nearly same except from the
last "Received from..." step.

If you check, you will see that "da001d2020.lax-ca.osd.concentric.net" is resolved to
208.36.182.233, and the trace to this IP goes into a loop between other 2 IP addresses
of concentric.net. It is obvious that this address is (should be some kind of DNS spoofing)
spoofed to one of our legal addresses (194.29.209.49). There is no way that this email traffic
has passed through our network.

We deny relaying & perform some sort of checks in order to avoid spamming activities.

************************************************************************************************************
We don't want to be put in the blacklists or shitlists of organizations. We would like to get help
from you to do this. Also, we would be glad if you can tell us what exactly is being happening,
and what can we be done to get rid.
************************************************************************************************************

Thanks & best regards.


__________________________________________
Muharrem AY
Garanti Technology
IT Security Department
Phone   : +90.212.4783422
Fax     : +90.212.6570473
Mailto  : muharremay@localhost
Address : Evren Mah. Kocman Cd. No: 22
          34550 Gunesli Istanbul/TURKEY
www.garantitechnology.com
__________________________________________


<<RE School Girl Teens Caught Fuck'n In Showers !!!!! dmlwt.rtf>>

Attachment: RE School Girl Teens Caught Fuck'n In Showers !!!!! dmlwt.rtf
Description: RE School Girl Teens Caught Fuck'n In Showers !!!!! dmlwt.rtf


<<< Chronological >>> Author    Subject <<< Threads >>>