Morning all... I have this morning been tracking down (or attempting to) the source of some SPAM that came from an Australian source... I do this using the trusty NeoTrace program, which has the built in ability to do whois lookups whis is very handy when looking for source information. I was doing this when I noticed the following in the whois entry window: Copyright 2001 auDA. Terms of Use at http://www.aunic.net/copyright.html The object shown below is NOT in the AUNIC database. It has been obtained by forwarding your query to a remote server: (whois.ausregistry.net.au) at port 43. If whois.ausregistry.net.au says that AUNIC's IP address has been blacklisted, then please send your query directly to whois.ausregistry.net.au instead. BLACKLISTED: You have exceeded the query limit for your IP address and have been blacklisted. This restriction will be removed in 24 hours. End of referred query result How many queries does one have to do to get blacklisted? It seems (FWIW) that at the moment that the limit may be set too low as it is blacklisting legitimate use - to try and find SPAMMERS... Roll on April 10... Andrew For those who care - the spam was the current Equity Spotlight SPAM from "Stock-Market Spotlight" that has been going around... Headers and other info below... Return-Path: <duldrsol§asianhome.net> Received: from 203.17.238.134 ([210.8.211.138]) by penguin.bluetongue.com (8.11.3/8.11.3/check_local4.2) with SMTP id i2NGcFB16326 for <jobs§bluetongue.com>; Wed, 24 Mar 2004 03:38:16 +1100 X-Spam-Filter: check_local§penguin.bluetongue.com by digitalanswers.org X-Spam-Envelope: resolve_fail Received: from 224.184.70.159 by 210.8.211.138; Tue, 23 Mar 2004 11:38:06 -0500 Message-ID: <ARGZFJDPTNBEKQBUTRBLWJZ§yahoo.com> From: "Son Burger" <duldrsol§asianhome.net> Reply-To: "Son Burger" <duldrsol§asianhome.net> To: jobs§bluetongue.com Subject: Investors: OSSI, the Next Ditech, LendingTree, or Countrywide? Tue, 23 Mar 2004 11:38:06 -0500 Date: Tue, 23 Mar 2004 11:38:06 -0500 X-Mailer: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="--3691480753697955333" X-Spam-Checker-Version: SpamAssassin 2.61 (1.212.2.1-2003-12-09-exp) on penguin.bluetongue.com X-Spam-Status: No, hits=1.9 required=5.0 tests=BAYES_30,RFA autolearn=no version=2.61 X-Spam-Level: * X-UIDL: :a0!!([1"!67e!!E:I!! Status: RO inetnum: 210.8.211.128 - 210.8.211.191 netname: UNIVERSAL2-CC-AU descr: Universal Network Technologies Pty Limited descr: Suite G08 / Bay 16 descr: Australian Technology Park descr: Eveleigh, NSW 1430 country: AU admin-c: JS32-CC-AU tech-c: JS32-CC-AU status: ASSIGNED PA remarks: This information has been partially mirrored by APNIC from remarks: Connect.Com.Au. To obtain more specific information, please remarks: use the CCAIR whois server at whois.connect.com.au. notify: dbmon§connect.com.au mnt-by: CONNECT-AU changed: sstokes§connect.com.au 20031208 source: CCAIRReceived on Fri Oct 03 2003 - 00:00:00 UTC
This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:07 UTC