01:35:59 1 SMTP-012([68.15.153.169]) SPAM? Recipient '<[EMAIL PROTECTED]>' rejected: sending host is blacklisted, "You are running a dictionary attack go away"
01:37:28 3 SYSTEM The current date is Saturday, February 7, 2004
I'm getting 200-300 of these hits a day. I can handle it but I'd like to complain to the ISP. What Mac tools are best for finding the responsible party?
I find the page at http://www.dnsstuff.com useful. A reverse dns query reports:
How I am searching:
Asking f.root-servers.net for 169.153.15.68.in-addr.arpa PTR record:
f.root-servers.net says to go to dill.arin.net. (zone: 68.in-addr.arpa.)
Asking dill.arin.net. for 169.153.15.68.in-addr.arpa PTR record:
dill.arin.net says to go to NS.EAST.COX.net. (zone: 15.68.in-addr.arpa.)
Asking NS.EAST.COX.net. for 169.153.15.68.in-addr.arpa PTR record:
ns.east.cox.net says to go to ns2.coxmail.com. (zone: 153.15.68.in-addr.arpa.)
Asking ns2.coxmail.com. for 169.153.15.68.in-addr.arpa PTR record: Reports wsip-68-15-153-169.hr.hr.cox.net.
Answer:
68.15.153.169 PTR record: wsip-68-15-153-169.hr.hr.cox.net. [TTL 86400s] [A=68.15.153.169]
You can also WHOIS the IP to find the contact addresses:
Country: UNITED STATES
NOTE: More information appears to be available at NET-68-15-128-0-1.
Cox Communications Inc. COX-ATLANTA (NET-68-0-0-0-1)
68.0.0.0 - 68.15.255.255
Cox Communications Inc. NETBLK-HR-CBS-68-15-128-0 (NET-68-15-128-0-1)
68.15.128.0 - 68.15.159.255The "NET-68-15-128-0-1" will show as a link that will give you Cox Communication's whois record. There is an abuse address listed there that you can send the relevant mail logs to support your complaint.
HTH; Jeff
############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
