oh, seems the BCCed message didnt make it. Dont worry, Ill make it
available here:
Here it goes. Read it, its fun.
To: abuse@gmail.com, abuse@att.com, abuse@sbcglobal.net spam@uce.gov
Subject: Abuse report of spam coming from
adsl-76-226-66-120.dsl.sfldmi.sbcglobal.net
Hi, abuse response teams
Im having a problem with an account of your domain
adsl-76-226-66-120.dsl.sfldmi.sbcglobal.net [76.226.66.120]
From what I can tell he is using a Linux OS, and has set a cron job to
send 12 email messages every 30 minutes to my email account using his
nail program attaching a 1MB of binary data, which seem its clearly an
automated spam incident.
I received today from in my account 150 messages of 1MB each from
this ip, with a fake name:
Return-Path:
adsl-76-226-66-120.dsl.sfldmi.sbcglobal.net [76.226.66.120]
Subject: This shit will continue until you correct your behavior
At the end of the email there is a complete header from stmp server
identifying the IP, times and dates of the incident. From the best I
can tell the IP hasnt changed today so you can pin point precisely
where this came from, despite being an adsl range. Funny enough the
guy left his name in the email (Aaron Kulkis), apparently because this
data was set in his linux account
This is clearly an abuse of conduct, and at the same time spam. The
intent, it seems was to flood my account.
Since this is a violation of internet good manners (and a violation of
the ISP's TOS too), Im asking for you to take some action against it,
as this may end in some blacklisting your ISP in smtp blacklists and
etc.
By now a simple rule to reject mail from that network will do anyway.
Despite the use of SPF filtering, I believe google should be checking
reverse dns settings and blocking dsl ranges, to avoid this kind of
childish behavior.
Also I will have to ask google to put you DSL range blacklisted in
SPF, to avoid further problems.
Im copying the raw headers of one of the emails from google SMTP.
Please, let me know if I can give you anymore information. I deleted
the messages but I have saved all the headers, in case you want to
cross those data with your own logs.
Thanks a lot
Marcio Ferreira
---
System Administrator
/* HEADERS */
Delivered-To: marcio.ferreira@gmail.com
Received: by 10.143.32.19 with SMTP id k19cs142480wfj;
Sat, 8 Sep 2007 11:56:52 -0700 (PDT)
Received: by 10.35.62.19 with SMTP id p19mr3720737pyk.1189277810643;
Sat, 08 Sep 2007 11:56:50 -0700 (PDT)
Return-Path:
Received: from kulkix.kulkinet
(adsl-76-226-66-120.dsl.sfldmi.sbcglobal.net [76.226.66.120])
by mx.google.com with ESMTP id f45si3426818pyh.2007.09.08.11.47.20;
Sat, 08 Sep 2007 11:56:50 -0700 (PDT)
Received-SPF: neutral (google.com: 76.226.66.120 is neither permitted
nor denied by best guess record for domain of akulkis@kulkix.kulkinet)
client-ip=76.226.66.120;
Authentication-Results: mx.google.com; spf=neutral (google.com:
76.226.66.120 is neither permitted nor denied by best guess record for
domain of akulkis@kulkix.kulkinet) smtp.mail=akulkis@kulkix.kulkinet
Received: by kulkix.kulkinet (Postfix, from userid 1000)
id ABAF010C34; Sat, 8 Sep 2007 14:40:51 -0400 (EDT)
Date: Sat, 08 Sep 2007 14:40:51 -0400
To: marcio.ferreira@gmail.com
Subject: This shit will continue until you correct your behavior
User-Agent: nail 11.25 7/29/05
MIME-Version: 1.0
Content-Type: application/octet-stream
Content-Transfer-Encoding: base64
Message-Id: <20070908184051.ABAF010C34@kulkix.kulkinet>
From: akulkis@kulkix.kulkinet (Aaron Kulkis)
<attachment deleted>
Delivered-To: marcio.ferreira@gmail.com
Received: by 10.143.32.19 with SMTP id k19cs151821wfj;
Sat, 8 Sep 2007 14:40:16 -0700 (PDT)
Received: by 10.65.183.7 with SMTP id k7mr6205238qbp.1189287614547;
Sat, 08 Sep 2007 14:40:14 -0700 (PDT)
Return-Path:
Received: from kulkix.kulkinet
(adsl-76-226-66-120.dsl.sfldmi.sbcglobal.net [76.226.66.120])
by mx.google.com with ESMTP id 12si8749097nzn.2007.09.08.14.39.16;
Sat, 08 Sep 2007 14:40:13 -0700 (PDT)
Received-SPF: neutral (google.com: 76.226.66.120 is neither permitted
nor denied by best guess record for domain of akulkis@kulkix.kulkinet)
client-ip=76.226.66.120;
Authentication-Results: mx.google.com; spf=neutral (google.com:
76.226.66.120 is neither permitted nor denied by best guess record for
domain of akulkis@kulkix.kulkinet) smtp.mail=akulkis@kulkix.kulkinet
Received: by kulkix.kulkinet (Postfix, from userid 1000)
id 7D61210CA2; Sat, 8 Sep 2007 17:39:16 -0400 (EDT)
Date: Sat, 08 Sep 2007 17:39:16 -0400
To: marcio.ferreira@gmail.com
Subject: This shit will continue until you correct your behavior
User-Agent: nail 11.25 7/29/05
MIME-Version: 1.0
Content-Type: application/octet-stream
Content-Transfer-Encoding: base64
Message-Id: <20070908213916.7D61210CA2@kulkix.kulkinet>
From: akulkis@kulkix.kulkinet (Aaron Kulkis)
<attachment deleted>
/* END OF HEADERS */
On 9/8/07, Druid wrote:
Hi Aaron,
Your isp and your mom will finally hear from you. Time for you at
adsl-76-226-66-120.dsl.sfldmi.sbcglobal.net [76.226.66.120] to finally
get busy.
Have a good time
Fun you know how to use cron, but next time set a fake account. You
spam like a little kiddy girl.
Marcio
---
Druid
On 9/8/07, Aaron Kulkis wrote:
Mike wrote:
On Saturday 08 September 2007 15:27, Billie Walsh wrote:
The fall back position when running out of intelligence is usually
insults and profanity.
I just think it's hilarious that these two are going at each other
instead of the rest of us. Isn't it amazing how they were attracted to
each other. Both are showing their maturity and intelligence. It just
appears to the rest of the world that they are lacking in both.
It takes someone with a spine to stand up to arrogant assholes and
bullies such as Druid/Marcio.
Don't worry, he won't be bothering this or any list quite shortly.
Mike
--
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse+help@opensuse.org
--
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse+help@opensuse.org