Jump to content


Photo

spammers ip?


  • Please log in to reply
4 replies to this topic

#1 jacquibaby

jacquibaby

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 01 September 2004 - 09:37 AM

I received spam/malicious emails from an ip address 127.0.0.1 smtpin01l.livemail.co.uk
It is impossible to trace this?


I did a search and got this info....
127.0.0.0/8 - This block is assigned for use as the Internet host
loopback address. A datagram sent by a higher level protocol to an
address anywhere within this block should loop back inside the host.
This is ordinarily implemented using only 127.0.0.1/32 for loopback,
but no addresses within this block should ever appear on any network
anywhere [RFC1700, page 5].
I would love to find out and revenge this spammer!

jacqui

#2 Bobbi Flekman

Bobbi Flekman

    The computer whisperer.

  • Retired Staff
  • PipPipPipPipPip
  • 1,357 posts

Posted 01 September 2004 - 09:54 AM

Spam message headers are usually forged. The best thing to do is ignore them. Never, ever answer one of them. This notifies the spammer that they have a "live address" (an address that goes to someone), in effect multiplying the amount you get.

For future reference, never leave your emailaddress behind. If you follow newsgroups use a mangled address. Instead of me@somewhere.com, use me_AT_somwhere_DOT_com. The human reader knows what to do, but the piece of software that harvests addresses doesn't and leaves it alone.

[edit]as an afterthought, if you reply to a spam message, you could also "spam" someone else. The reply will not go to the spammer, but to another victim like yourslef[/edit]

Edited by Bobbi Flekman, 01 September 2004 - 09:57 AM.


#3 Misereor

Misereor

    Member

  • Full Member
  • Pip
  • 84 posts

Posted 02 September 2004 - 12:32 AM

127.0.0.1 is your own computer.
The header is either forged, or you have a hostile mailing agent on your PC.

#4 jacquibaby

jacquibaby

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 02 September 2004 - 02:01 AM

I believe that it's forged, though I have run a hijack this log.

#5 leichim

leichim

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 16 September 2004 - 03:40 AM

127.0.0.1 is your own computer.
The header is either forged, or you have a hostile mailing agent on your PC.

indeed, its loopback and the trusted area of your own computer (you can see it at (kerio) firewall, if u dont have one, but i dont expect that, download one (for example Kerio Firewall)

Edited by leichim, 16 September 2004 - 03:41 AM.





Member of UNITE
Support SpywareInfo Forum - click the button