Author Topic: Trace where your spam came from!  (Read 8435 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Trace where your spam came from!
« on: June 19, 2007, 07:24:59 PM »
Hi malware fighters,

Do you want to know where the spam you received came from, you can do that online here:
http://www.mitm.nl/
Just cut and paste the e-mail header, and there we go!
Alas you only see the zombie computer the spam was sent from.

That you can do something with the info is a serious misconception: received headers in spam almost alwas are being falsified.

There are a dozen or so exemptions, together good for a small portion of all spam volume:
hacked servers
hacked user accounts (web mail, 419)
free mail providers (o.a. 419)
ISP mail servers (through hacked pc's)
open mail servers

Only the last two categories could deliver workable received headers' infolleen
headers op. But you must have the knowledge where to look for these special cases.

Enjoy the geo-location of the zombie you were spammed from,

polonus
« Last Edit: June 19, 2007, 07:36:13 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

drhayden1

  • Guest
Re: Trace where your spam came from!
« Reply #1 on: June 19, 2007, 07:26:41 PM »
thanks-will give it a try damian 8)
« Last Edit: June 19, 2007, 07:29:08 PM by drhayden1 »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Trace where your spam came from!
« Reply #2 on: June 19, 2007, 08:05:24 PM »
Personally I couldn't care less where the spam comes from, so long as mailwasher detects it and I delete it. I used to track down where spam came from long before these tools came out and reported many, but this really is time wasted IMHO. Life is to short, time to do something more enjoyable.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

drhayden1

  • Guest
Re: Trace where your spam came from!
« Reply #3 on: June 19, 2007, 09:32:20 PM »
Quote
Personally I couldn't care less where the spam comes from, so long as mailwasher detects it and I delete it
you are right davidr my friend...just as long as my mailwasher pro filters out all the spam-crap i'm happy-and better things then to do guessing where or whom sent it-if i knew i wouldn't wanna know ??? ::)
thanks anyways damian-at least you care :o
« Last Edit: June 19, 2007, 09:35:03 PM by drhayden1 »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Trace where your spam came from!
« Reply #4 on: June 19, 2007, 10:10:10 PM »
It isn't that I don't care for Damian's post, nothing could be further from the truth. It is simply time spent tracking down spam is seldom worth it.

An old Army saying is that 'time spent in reconnaissance is seldom wasted' true for tracking down vulnerabilities and weakness, etc., but unfortunately this isn't true for tracking spam origins.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

drhayden1

  • Guest
Re: Trace where your spam came from!
« Reply #5 on: June 19, 2007, 10:49:56 PM »
Quote
It isn't that I don't care for Damian's post, nothing could be further from the truth
feel the same..i valve his help and posts and everyone's else's :)
Marine saying "The MARINES have landed and have the situation well in hand!" put in mailwasher pro in the marines place and it has the spam situation well in hand 8)
« Last Edit: June 19, 2007, 10:53:16 PM by drhayden1 »

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Trace where your spam came from!
« Reply #6 on: June 20, 2007, 03:41:22 AM »
It isn't that I don't care for Damian's post, nothing could be further from the truth. It is simply time spent tracking down spam is seldom worth it. An old Army saying is that 'time spent in reconnaissance is seldom wasted' true for tracking down vulnerabilities and weakness, etc., but unfortunately this isn't true for tracking spam origins.
Fully agree. I'll use my time blocking spam and not to discover the origin as I can't do anything.
By the way, Gmail has a powerful spam trap and we receive almost nothing of spam.
The best things in life are free.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Trace where your spam came from!
« Reply #7 on: June 20, 2007, 08:46:12 AM »
Hi Tech,

There could be a solution for the spam-problem using the mailkey protocol:
http://www.xs4all.nl/~rmeijer/mailkeys.pdf
The way the problem is tackled now with blacklists/ greylists/ whitelists is not doing anything, the mailkey protocol would make:
    *  Possesion of an e-mail address plus sub-adsress enables the holder to address the mailbox of the one that poseses the mailbox.

    * A sub-address can be revoked.

    * A sub-adres is non forgeable.

W We can only guess why the problem is not tackled by the roots?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

drhayden1

  • Guest
Re: Trace where your spam came from!
« Reply #8 on: June 20, 2007, 12:24:47 PM »
Email is a wonderful thing. Messages get to their destination as fast as a phone call, without interupting the recipient. You can choose whether or not to read an email message, at a time that's convenient. You can reply immediately or not. You can think about your reply, edit and check spelling, just like a snail mail letter. And email messages don't cost extra for long distance, frequency, or high volume. You can transmit long passages, links, and photos. And you can send the same message to many people at once.... now THERE'S where the problem starts. Advertisers took advantage of this feature, and email became SPAM.
I get a couple hundred junk email messages every day. Good thing i have mailwasher pro!!!! I don't bother even looking a them, but maybe I should take a look every now and then. Since spammers started using random word generators to get around filters, there are some pretty weird messages in circulation :P  Thought for today: If it weren't for spam, I'd have no mail at all! ::)
click on to enlarge....
« Last Edit: June 20, 2007, 12:31:01 PM by drhayden1 »

avatar2005

  • Guest
Re: Trace where your spam came from!
« Reply #9 on: June 20, 2007, 12:52:11 PM »
Hi malware fighters,

Do you want to know where the spam you received came from, you can do that online here:
http://www.mitm.nl/
Just cut and paste the e-mail header, and there we go!
Alas you only see the zombie computer the spam was sent from.

That you can do something with the info is a serious misconception: received headers in spam almost alwas are being falsified.

There are a dozen or so exemptions, together good for a small portion of all spam volume:
hacked servers
hacked user accounts (web mail, 419)
free mail providers (o.a. 419)
ISP mail servers (through hacked pc's)
open mail servers

Only the last two categories could deliver workable received headers' infolleen
headers op. But you must have the knowledge where to look for these special cases.

Enjoy the geo-location of the zombie you were spammed from,

polonus

Hi Damian! Thanks for the link, but for tracing my spam messages, and other fraud web pages I like to use IPMetInfo

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Trace where your spam came from!
« Reply #10 on: June 20, 2007, 01:40:38 PM »
Halio avatar2005,

Can you give a link for that service. Thanks for your reaction,

pozdrawiam,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Trace where your spam came from!
« Reply #11 on: June 20, 2007, 04:17:29 PM »
Halio avatar2005,

Can you give a link for that service. Thanks for your reaction,

pozdrawiam,

polonus
Hi Damien,
I think this is the program avatar2005 was referring to:
http://www.nirsoft.net/utils/ipnetinfo.html
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

avatar2005

  • Guest
Re: Trace where your spam came from!
« Reply #12 on: June 20, 2007, 04:19:42 PM »
Yes Bob  :) You were quicker then me 8), it's the one I mentioned

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Trace where your spam came from!
« Reply #13 on: June 20, 2007, 04:26:21 PM »
Yes Bob  :) You were quicker then me 8), it's the one I mentioned
Not by much..... ;D :) ;D
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Trace where your spam came from!
« Reply #14 on: June 20, 2007, 04:52:53 PM »
Hi bob3160,

As always, bob3160, for reliable information. Bob, thanx a bunch.
And of course you too avatar2005 for giving the name of the program.

Damian
« Last Edit: June 20, 2007, 04:55:16 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!