- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Rose: "Re: NaturallySpeaking Ver. and Access"
- Previous message: Eric Fishman: "Spam - And how we'll stop it!"
- Maybe in reply to: Jim Green: "++BullsEye-* spam extended header"
The Bull's Eye spam is coming from Christopher Knight. The
"company" shares the same address as Knight Captital (I think
thats the name) which is also owned by Mr. Knight. This
"person" has been spamming for quite a long time, and I have
been sending reports of his activity to the appropriate
people (eg. abuse@@....).
As far as I can tell, he has been kicked off of a number of
ISP's networks, but he keeps coming back. I don't know if
we can be stopped permanently, but we can slow him down
provided we know where the mail originated from. The
following line was taken from the email header:
> Received: from resilier ([209.69.166.186]) by po.netq.or.jp
Resilier is the name of another of Mr. Knight's "companies".
The IP address maps back to tchpf-port-186.lsl.com. LSL is
Linux Systems Labs. They don't appear to be an ISP from their
web page, but they might provide some internet access. Just
send a short message to abuse@@lsl.com (I don't know if this
address exists) explaining what has happened and include the
full headers for the spam message. Also mention that the
user is Christopher Knight (aka Knight Capital aka Resilier)
or has a billing address identical to the one in the message.
Perhaps the list owner should send email to LSL on behalf of
the voice-users list just in case Mr. Knight has figured out
how to forge IP address also (this is very unlikely when you
consider how badly he forges the other header info).
Just had to throw in my $0.02 (or US $0.013)
Patrick
- Next message: Rose: "Re: NaturallySpeaking Ver. and Access"
- Previous message: Eric Fishman: "Spam - And how we'll stop it!"
- Maybe in reply to: Jim Green: "++BullsEye-* spam extended header"
 |  |