Junk Mail

In the last hour or so I’ve received a TON of bounced emails to various fake addresses at averyjparker.com Just in case anyone has come here thinking I’m sending them out, I’m not. Some junk mailer has decided to forge the return address with averyjparker.com as the domain. Unfortunately this is rather trivial to do. (It would be equally simple to have email that appears to be from gwbush@whitehouse.gov) The mailserver at averyjparker.com has not been used for these junkmails and if you take a look at the header information you can find the source (s). (Usually the source is the earliest received: header address – each received: header down you’re going back towards the source.) The mails I’ve received are coming from a couple sources and all will be reported to the appropriate ISP’s as I have time.

For instance…. here’s the most recent with the relevant portion of the original portion of the email headers.

Content-Type: message/rfc822
Received: from bhk.com ([]) by simmts6-srv.bellnexxia.net (InterMail vM. 201-253-122-130-105-20030824) with ESMTP id <20031113002959.JGOL1511.simmts6-srv.bellnexxia.net@bhk.com>; Wed, 12 Nov 2003 19:29:59 -0500Message-ID: <756901c3a97d$e5df7db7$ee71ddf4@nxcddsb>From: “Manon Nss”

m.nss_sh at averyjparker.com is a bogus address – bhk.com also doesn’t exist, but is a legitimate network address (this part is much harder to forge or fake than a domain name.) Also the message was received by a mailserver at bellnexxia.net which may also be a forged name…. Anyway, I’ve tracked the ips of several of these spammers as well as the site that all are redirecting to. Emails to abuse@ the appropriate ISP’s will be coming.

   Send article as PDF   

Similar Posts