tracing spam

Dirk dirk.dil at
Fri Nov 19 02:08:36 PST 2004

Jason Gurtz (jason at wrote:
> On 11/16/2004 02:41, Dirk wrote:
> > Received: from ( [])
> >         by  with ESMTP id iAEIn1qM032103
> >         for <mejerdil at>; Sun, 14 Nov 2004 19:49:02 +0100
> [...]
> > I recieved this from "".  This means my ISP is
> > spamming me!?!?
> I would hope not!  More likely, it's one of their customers.  Why not
> forward the spam to their abuse desk?
> ~Jason

OK, them I think I know who it is.

Does this scenareo make sense? ( It is what I think what is happening.)

Some one's PC (running on M$) gets infected with a virus/worm.  This
takes advantage of a dial up connection and a local list of e-mail to
disseminate itself.  Adresses to and from randomly selected from local
adress list.  And who knows what else this virus/worm is doing.

If that makes sense, what should the infected PC's owner do about it?
Reinstalling M$ would cure it ( temporarily ).  Any way to avoid losing
the whole setup?

I advised them to use a firewall, a virus doctor and spamassasin which
is also available for M$ I think.

Thanks for your patience so far.


More information about the lfs-chat mailing list