Results 1 to 4 of 4
  1. #1
    pph Expert! Gordon's Avatar
    Join Date
    January 18th, 2005
    Location
    Edmonton Canada
    Posts
    5,781
    If this is in the wrong thread will a mod please put it in the correct one?
    Thanks

    These are some ISP's that have been to my sites trying to get at my mailing programs/software I assume so they can spam the world with it.
    does anybody recognise any of them?
    what if anything is it best to do with them?

    24.31.253.194
    64.109.242.65
    66.216.85.154
    67.128.27.136
    68.158.36.81
    81.118.4.16
    200.42.212.42
    200.67.165.180
    200.162.72.131
    201.0.78.34
    202.102.188.180
    204.108.80.10
    213.69.149.153
    216.31.40.2
    216.145.236.34
    217.37.168.133
    217.222.94.51
    One day parasites and their ilk will be made illegal, I bet a few Lawyers will be pissed off when the day comes.
    Mr. Spitzer is fetching it nearer

    YouTrek

  2. #2
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    I get this type of thing in my logs too - however, what you'll notice is odd is that you might get three or so different attempts at different scripts, from different IP address all at more or less the same time.

    I'm pretty sure that the transmitting IP address is fake because of the unusual timings. Of course, this means that the person probing your scripts never gets a direct response, but I think they're just trying to generate a message which they can pick up through email.
    Innovative advertising with Slimeware Corporation and Telephore. Mail-order fuel with Petrol Direct.

  3. #3
    Full Member
    Join Date
    January 18th, 2005
    Posts
    230
    I have a number of sites with live stats - so I can watch people go through the site (and hopefully learn something?) and I've seen the same thing - a number (usually 2 or 3) hits on non-existant mail scripts coming through within a few seconds of each other, but all from different IP addresses (and countries). The referral address is always my own site, so the actual request must be faked - perhaps sent through open proxies or trojans running on unsuspecting PCs.

    I don't think there's anything much you can do - because the IP addresses seem to come from so many ranges, blocking isn't really an option. It seems the best thing is to make sure that if you have any mail scripts, check them for security, and perhaps rename them to something reasonably obscure.

  4. #4
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    I don't think it's even being done through a proxy or hijacked PC.

    All you need to do is feed the script the right data - you don't need to get any feedback directly (so it doesn't matter that you've faked your own IP address). If you attempt to instruct the script to mail to (for example) evilguy@somefreewebmail.com you can scoop up the replies later (and untraceably).
    Innovative advertising with Slimeware Corporation and Telephore. Mail-order fuel with Petrol Direct.

  5. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Join the Checks in the Mail program on buy.at!
    By Kim Salvino in forum Affiliate Window Program Announcements
    Replies: 2
    Last Post: July 19th, 2010, 03:05 PM
  2. Crisis with Thunderbird POP3 e-mail program
    By Rhia7 in forum Virtual Family and Off-Topic
    Replies: 9
    Last Post: November 5th, 2009, 07:52 PM
  3. Replies: 0
    Last Post: November 6th, 2002, 05:35 AM
  4. Update your Outlook Express e-mail program
    By ecomcity in forum Spam
    Replies: 4
    Last Post: October 13th, 2002, 01:02 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •