Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: I hate this spammer!
« previous next »
Pages: [1]   Go Down

I hate this spammer!

  • 3 Replies
  • 1244 Views

Offline steever

  • *
  • 185
  • +0/-0
    • Open-Sesame
I hate this spammer!
« on: October 30, 2005, 09:04:21 AM »
We get a lot of spam coming from this domain:  bras1-vr2-ip3-9.access.batelco.com.bh, but they pretend they are from my domain "mydomain.com" and they use email addresses like administrator@mydomain.com etc which don't exist.  How can I prevent any email from this domain getting through to our network?

Thanks in advance!
Logged
Saving the world ... one server at a time.

Offline raem

  • *
  • 3,972
  • +4/-0
Re: I hate this spammer!
« Reply #1 on: October 30, 2005, 11:34:03 AM »
Logged
...

Offline Reinhold

  • *
  • 517
  • +0/-0
    • http://127.0.0.1
I hate this spammer!
« Reply #2 on: October 30, 2005, 03:31:25 PM »
steever,

Your spam originates from a dial-up-line of Bahrain Telecommunications Company.
Check: http://www.batelco.com/

While the general rules/methods that Ray already gave you sure do apply,...

...if you are "really annoyed" (ira ira) you may want to mail
abuse@batelco.com
webmaster@batelco.com
webmaster@inet.com.bh
and "Wholesale Datacom & Internet Services" Mr. Ali Shakeeb  ali_shakeeb@btc.com.bh  ;-)

DO give them one or two "examples" !!!
... sometimes that DOES relieve stress ;-)
sometimes they even act and get rid of "bad business"      ;-)

After all, their Terms (http://www.batelco.com/preview.asp?ArticleId=366) say
5.3- The customer shall not:
5.3.1- Use the service:
5.3.8- Use the Internet in connection with surveys, contests, pyramids schemes, chain letters, junk e-mail, spamming or any duplicative or unsolicited messages (commercial or otherwise);

after all.
:hammer: :hammer: :hammer:

Regards
Reinhold :-D
Logged
............

Offline kruhm

  • *
  • 680
  • +0/-0
I hate this spammer!
« Reply #3 on: November 03, 2005, 01:52:26 PM »
I've never received an acknowledgement from an abuse department. Many ISP's obviously don't care what happens on their networks & drop the ball when it comes this kind of stuff. The ball is in your court to protect/block.

To get real serious about blocking from the IP or the IP range, make a customized template in tcprules to drop all traffic.


-mkdir /etc/e-smith/templates-custom/etc/tcprules/tcp.smtp/
-start a new file called 85customdeny with the following:


Code:
{
$OUT = "theipyouwanttoblock:deny";
$OUT .= "theiprangeyouwanttoblock:deny";
}


-rebuild the file with a: /sbin/e-smith/expand-template /etc/tcprules/tcp.smtp
-pickup the changes with a: /sbin/e-smith/signal-event email-update

NOTES:
-if you need to look up an ip address range visit: http://www.iana.org/faqs/abuse-faq.htm
-you can block a range with:: $OUT = "193.188.96.:deny"; blocks everything in the BATELCO assignable range.
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: I hate this spammer!