I want to report a spammer, but I am having trouble figuring out where to direct my complaint.
May 3, 2004 4:46 AM Subscribe
I want to report a spammer, but I am having trouble figuring out where to direct my complaint. I have googled this and looked at a lot of anti-spam sites, but I still have questions. [more inside]
I know there are some sites/programs that semi-automate the reporting process, but I kinda want to figure this out.
1) In the email header, the last "Received:" line says:
Received: (from www@localhost) by host.foobar.com ... [I have changed the domain name]
Does this mean the spam is probably coming from foobar.com?
2) A lot of anti-spam sites say I should complain to foobar.com, but I have been to foobar.com, and it looks sketchy. Couldn't the spammer own the domain? Should I try it anyway?
3) Assuming I should try elsewhere, I have tracerouted foobar.com, but I can't find any information about the second-to-last ip address. What now? Keep going up the list?
4) This is one of those scams where the spammer wants me to click on a fake link to "verify" some personal information. Let's say that the link goes to barfoo.com. Should I also complain to barfoo.com or their service provider?
Would anyone like to take a look at the email?
I know there are some sites/programs that semi-automate the reporting process, but I kinda want to figure this out.
1) In the email header, the last "Received:" line says:
Received: (from www@localhost) by host.foobar.com ... [I have changed the domain name]
Does this mean the spam is probably coming from foobar.com?
2) A lot of anti-spam sites say I should complain to foobar.com, but I have been to foobar.com, and it looks sketchy. Couldn't the spammer own the domain? Should I try it anyway?
3) Assuming I should try elsewhere, I have tracerouted foobar.com, but I can't find any information about the second-to-last ip address. What now? Keep going up the list?
4) This is one of those scams where the spammer wants me to click on a fake link to "verify" some personal information. Let's say that the link goes to barfoo.com. Should I also complain to barfoo.com or their service provider?
Would anyone like to take a look at the email?
RavinDave is right, though sometimes the whole thing is spoofed. It should generally be an ISP that you end up with. Trying contacting abuse@<isp_here>.com. If they look sketchy, don't use your primary email address. You can forward the mail (with full headers) to trillion at mindless dot com if you want.
posted by trillion at 9:14 AM on May 3, 2004
posted by trillion at 9:14 AM on May 3, 2004
SpamCop used to have a service that would interpret the headers for you and give you an abuse contact, since it seems like you're not comfortable making the call as to which headers are bogus and which aren't. I'm not sure if they still offer this, it seems to have been rolled in to their "report spam" function. Try poking around on there and see if they're just hidden it.
Or perhaps take a look at a tutorial on reading and interpreting headers and their legitimacy.
posted by majick at 1:19 PM on May 3, 2004
Or perhaps take a look at a tutorial on reading and interpreting headers and their legitimacy.
posted by majick at 1:19 PM on May 3, 2004
This thread is closed to new comments.
Depends on if the IP quad [in brackets] points to foobar.com as well. iirc, the bracketed numerical address in the closest Received line is trustworthy, whereas the name version might not be.
posted by RavinDave at 5:10 AM on May 3, 2004