Tips on Tracking down Spammers!

Question

Tips on Tracking down Spammers!!!

Answer

This question was answered on January 12, 2001. Much of the information contained herein may have changed since posting.

The most likely source of junk e-mail is commercial advertisers Too many companies are falling for the "How to Make Lots of Money on the Internet" pitches and engaging in bad business practices While some of them are genuinely ignorant most are just plain inconsiderate and are counting on a small percentage of users to respond to their attempts.

Here are a couple of ways to track down and send messages to SPAMMERS or thier providers In all cases, it is best not to use your primary e-mail account when sending a complaint as an unscrupulous person or company will simply add it to their mailing list Instead use one of the many free web based e-mail programs (www.hotmail.com, mail.yahoo.com, etc.) to send the complaint...

Generally, the only way a reputable business will stop using these improper tactics is when they realize that it may be costing them to do so Porn vendors and fly-by-night operations don't care what you think, so the following tip is most likely pointless with them.

TIP#1 - If an e-mail message contains a web address, you can lookup the actual owners of the web address and e-mail them your disdane directly by using the WhoIs section of the Network Solutions website at:

<a href="http://www.networksolutions.com/cgi-bin/whois/whois" target="_blank"><font color="#003399">>http://www.networksolutions.com/cgi-bin/whois/whois</b></font></a> By entering just the domain (the part after the @ sign) you can look up the registration information for the domain, complete with the e-mail address and phone number of the party that registered the site ALWAYS be courteous and civil, but firm that you don't appreciate the unsolicted e-mail Since many companies don't realize that their "marketing" (ha ha) company is actually a world class SPAM house, they need to hear directly from the masses If the legitamite business owner gets enough negative e-mail about his marketing method, they will likely stop!

TIP#2 (ADVANCED USERS) - Many shady businesses will purposely try to hide any real information about the origins of the e-mail message, including the return e-mail address, but they can't hide where they sending it from! If you can track down the source of the message, you can complain to the provider of the "upstream" connection A SPAMMER can not operate without a working connection to the Internet, so you can attack them at their knees by complaining to their provider

In most e-mail programs, you can view the header information which will generally list a Received from: section with the domain/IP address of the sender In Outlook right-click on the message and select Options to view the header information In AOL 6.0 the header information appears after the message and look something like this:

----------------------- Headers --------------------------------

Return-Path: <[email protected]>

Received: from rly-xb01.mx.aol.com (rly-xb01.mail.aol.com [172.20.105.102]) by air-xb02.mail.aol.com (v77.31) with ESMTP; Thu, 04 Jan 2001 00:01:17 -0500

Received: from dns1.APPLAUD.CO.JP [210.238.186.202] by rly-xb01.mx.aol.com (v77.27) with ESMTP; Thu, 04 Jan 2001 00:01:02 -0500

Received: from g12-om210.rgc2.net ([10.30.10.58]) by neteng with Microsoft SMTPSVC(5.5.1877.297.29);

Wed, 3 Jan 2001 21:01:02 -0800

MIME-Version: 1.0

Content-Type: text/plain;

charset="ISO-8859-1"

Content-Transfer-Encoding: quoted-printable

Date: Wed, 3 Jan 2001 21:01:02 -0800

X-cid: bgs.57

From: "Fake Address" <[email protected]>

Reply-To: "[email protected]" <[email protected]>

Subject: Get something for nothing!

To: [email protected]

Message-ID: <[email protected]om>

In AOL, look for the first Received: from that does not end in aol.com (bold faced above).

Copy either the domain name or the IP address (in this case, 210.238.186.202) and use the Windows "tracert" utility or go to:

<a href="http://cities.lk.net/traceroute.htm" target="_blank"><font color="#003399">>http://cities.lk.net/traceroute.htm</b></font></a> to track them down! Tracert will follow the path from your computer to the senders system, like this tracert to Yahoo.com (NOT A SPAMMER!):

1 151 ms 161 ms 162 ms iah14.barrie.connex.net [209.212.39.193]

2 164 ms 159 ms 163 ms bcicor1-100bt-e1.barrie.connex.net [205.189.200.35]

3 270 ms 327 ms 234 ms spc-tor-7-Serial3-1.Sprint-Canada.Net [207.107.244.213]

4 261 ms 260 ms * core-spc-tor-2-POS2-0-0.sprint-canada.net [204.50.128.13]

5 * 180 ms 179 ms sl-gw21-pen-1-1-0-T3.sprintlink.net [144.228.178.5]

6 177 ms 189 ms 195 ms sl-bb10-pen-5-2.sprintlink.net [144.232.5.133]

7 231 ms 245 ms 233 ms sl-bb22-stk-6-0.sprintlink.net [144.232.8.178]

8 230 ms 232 ms 259 ms sl-bb21-stk-9-0.sprintlink.net [144.232.4.105]

9 258 ms 234 ms 244 ms sl-bb21-stk-0-3.sprintlink.net [144.232.4.82]

10 291 ms 287 ms 320 ms isi-border2-hssi4-0-0-T3.sprintlink.net [144.228.147.10]

11 325 ms 294 ms 326 ms fe4-0.cr1.SNV.globalcenter.net [206.251.7.42]

12 288 ms 266 ms 307 ms pos0-0.wr1.SNV.globalcenter.net [206.251.0.106]

13 305 ms 305 ms 262 ms pos1-0.wr1.NUQ.globalcenter.net[206.251.0.73]

14 310 ms 320 ms 306 ms pos5-0.NUQ.globalcenter.net[206.251.0.121]

15 310 ms 295 ms 311 ms yahoo.com [204.71.177.35]

Trace complete

The last entry will be the domain or IP address of the source of the spam you received, but the next to last hop will likely be the domain of the upstream provider of the SPAMMER! (bold faced above) You can send an e-mail message to [email protected](domain of provider) to complain Most upstream providers do not take SPAMMERS lightly, so this may at least get them cut off for a while...

TIP#3 - Use <a href="http://spamcop.net" target="_blank"><font color="#003399">SpamCop.net</font></a> to lodge a formal complaint SpamCop.net has various tools for tracking down info and lodging complaints with the hosts and providers of SPAMMERS If your search for a provider in TIP#2 results in a pile of IP addresses, you can use the HostTracker at SpamCop.net to track down the host information for the SPAMMER.

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Ken of Data Doctors on January 12, 2001