[Exim] New generation of spammers

Góra strony
Delete this message
Reply to this message
Autor: George Szekely
Data:  
Dla: exim-users
Temat: [Exim] New generation of spammers
Take "hotoptions.net" for example. It's impossible to lock them out.
Do a ping, tracerout, lookup, whatever... It all resolves to
"127.0.0.1". How? These spammers own their own registry.




; <<>> DiG 2.1 <<>> @ns1.earthlink.net hotoptions.net. ANY
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr rd ra; Ques: 1, Ans: 4, Auth: 2, Addit: 0
;; QUESTIONS:
;;    hotoptions.net, type = ANY, class = IN
;; ANSWERS:
hotoptions.net.    2533    SOA    ns1.directnic.com.
    hostmaster.hotoptions.net. (
1047487529        serial
16384        refresh (4 hours 33 mins 4 secs)
2048        retry (34 mins 8 secs)
1048576        expire (12 days 3 hours 16 mins 16 secs)
2560 )        minimum (42 mins 40 secs)
hotoptions.net.    61942    A    127.0.0.1
hotoptions.net.    86373    NS    ns0.directnic.com.
hotoptions.net.    86373    NS    ns1.directnic.com.
;; AUTHORITY RECORDS:
hotoptions.net.    86373    NS    ns0.directnic.com.
hotoptions.net.    86373    NS    ns1.directnic.com.
;; Total query time: 12 msec
;; FROM: us.mirror.menandmice.com to SERVER: ns1.earthlink.net 207.217.126.41
;; WHEN: Wed Mar 12 09:51:44 2003
;; MSG SIZE sent: 32 rcvd: 172