>...
>
>List Mail User wrote:
>> Did either of you try listing himlove. com (invalid telephone/fax),
>> or notice that the contacts' email is from a non-existant domain,
>> heroutside. com. Or that the name servers in carr821. com also have
>> an invalid address. Or that the contact domain from the DNS servers,
>> narod. ru have an invalid registration. Or that the name server domain
>> for narod. ru of yandex. ru also has an invalid registration ...
>>
>> I gave up after about 8.
>>
>> You have to realize when some idiot has just invited you to get rid
>> of a half dozen or so spam and spam support domains.
>
>a short howto to the list would be good ;-)
>
>--
>Robert Brooks, Network Manager, Cable & Wireless UK
><[EMAIL PROTECTED]> http://hyperlink-interactive.co.uk/
>Tel: +44 (0)20 7339 8600 Fax: +44 (0)20 7339 8601
>- Help Microsoft stamp out piracy. Give Linux to a friend today! -
>
Start with your favorite version of "whois" (I like jwhois, because
you seldom need to enter the registry). Then learn the rules about what is
required. Lookup all the contacts' email domains - if you *really* want to
get them check the email validity with telnet to the server. Check all the
domains with either nslookup or dig, paying particular attention to any 'MX'
records - look them up separately checking for invalid addresses (i.e.
127.0.0.1 or MX's of address literals). Keep going until things run in a
circle (i.e. you stop finding new domains). Check all the addresses with
your favorite set of online maps (usually Yahoo! for North America, Mapquest
for the rest of the world, but some place require more work). Check the postal
codes at the countries own postal authority if you can (usually the first or
second line from Google with "Country_Name postal code") or from a few other
sites (escapeartist is good as is statoids). File everything you find wrong
with rfc-ignorant and for international TLDs (e.g. ".com", ".net", ".org",
".biz", ".info", etc) file at wdprs.internic.net. For other TLDs, you have
to do whatever the specific grantor requires (but for ".us" - send email to
the registrar and a "Cc:" [EMAIL PROTECTED]); For Canada, use cira.ca, etc.
With a little practice, it takes 1-3 minutes for most bogus domains.
(Count on 15 minutes to an hour, until you get the hang of it).
Ad nausem (automated checking of the contacts' emails and the abuse@,
postmaster@ and DSN addresses are good too).
And also, if any of the emails you find is a MSN, Hotmail or in other
MS domain or of a Outblaze customer (together, thats about 15% of all email
accounts in the world) - send off an email with the copy of the spam - the
account will be canceled - then tommorrow, the domain has become invalid.
Start by reading the documents at www.arin.net, www.internic.net, and
rfc-ignorant.org.
Also, remember, many spam friendly registrars won't do anything until
fored to by the overriding authority - good cases take 15-20 days for the
domain to die, bad ones can take 3-4 months; But you can blacklist them in
almost no time.
Good luck and have fun hunting (nobody spams my domains and gets off
clean!),
Paul Shupak
[EMAIL PROTECTED]
P.S. The "real" finds are the rare invalid netblock or ASN, but that can wait
until you learn to check domains.
