[exim] Indication of Zombie spam?

Author: Jeremiah Foster
Date:
To: exim-users
Subject: [exim] Indication of Zombie spam?
I recently received some spam from the Soloway fellow in Oregon. The
specific entry in my exim4 mainlog looks like this:

2005-09-17 03:20:37 1EGRNd-0002Co-BX <= jeremiah@???
H=194-16-251-213.customer.telia.com [194.16.251.213] P=smtp S=2359
id=200309010816.06350.rwanda@???

From what I have gleaned from the specification file it points to a
host, 194-16-251-213.customer.telia.com, which delivered the email to
me. They are running some pretty old MS software, according to the curl
header request I ran. Does the id in the above log snippet show that
the host received the email from a mypersonalemail.com account? If so,
could this mean that the host is a Zombie machine sending out forwarded
spam? Should one contact the abuse address of the Zombie, or is that
futile?

Thanks very much.

Jeremiah Foster

http://www.devmodul.com
jeremiah.foster@???
Tel/Mobil: +46 (0)730 930 506
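
An added example, not part of the original post: a small Python parser for the `<=` arrival line quoted above. In Exim's log format the bracketed address after `H=` is the peer that connected to the server, while `id=` is the message's Message-ID header, which the sender supplies; the `ip_in_hostname` check is a heuristic assumed here, not an Exim feature.

```python
import re

# The log entry from the post, rejoined onto one line (addresses are
# redacted as "@???" by the list archive).
SAMPLE = ("2005-09-17 03:20:37 1EGRNd-0002Co-BX <= jeremiah@??? "
          "H=194-16-251-213.customer.telia.com [194.16.251.213] "
          "P=smtp S=2359 id=200309010816.06350.rwanda@???")

ARRIVAL = re.compile(
    r"^(?P<date>\d{4}-\d\d-\d\d) (?P<time>\d\d:\d\d:\d\d) "
    r"(?P<exim_id>\S+) <= (?P<env_sender>\S+) (?P<rest>.*)$")
# H= may carry a looked-up name, a HELO name in parentheses, or both.
HOST = re.compile(
    r"H=(?:(?P<name>[^\s(\[]+) )?(?:\((?P<helo>[^)]*)\) )?\[(?P<ip>[^\]]+)\]")


def parse_arrival(line):
    """Split an Exim '<=' (message arrival) line into named fields."""
    m = ARRIVAL.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rest = rec.pop("rest")
    h = HOST.search(rest)
    if h:
        rec.update(h.groupdict())
    # P= protocol, S= size in bytes, id= Message-ID header (sender-supplied).
    for key, field in (("P", "protocol"), ("S", "size"), ("id", "message_id")):
        f = re.search(r"(?:^| )%s=(\S+)" % key, rest)
        rec[field] = f.group(1) if f else None
    return rec


def ip_in_hostname(rec):
    """Heuristic: the host name's first label embeds the IP octets,
    a naming pattern common for ISP customer address pools."""
    if not rec.get("name") or not rec.get("ip"):
        return False
    octets = rec["ip"].split(".")
    digits = re.findall(r"\d+", rec["name"].split(".")[0])
    return len(octets) == 4 and digits in (octets, octets[::-1])
```

For the quoted entry, `parse_arrival(SAMPLE)` separates the connecting address from the sender-supplied Message-ID, and `ip_in_hostname` returns `True` for the telia.com host name.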