Hey, all, it turns out there is a concerted effort by the proper
"authorities" already going on, and they already know enough that
information from any of the mailing lists isn't needed anymore.
Thanks to everyone who forwarded information--this is the first time
I've ever tried to track down anything out of message headers, it's
quite messy. All information I received--some of which I passed on
to the postmaster of the poor site that apparently originated the
spam to our groups--was forged, no new information was derived from
our efforts.
If anyone wants to know anything more about the Olga spam, read on,
otherwise sign off here!
Tom Stockman
I'm not a pro at the real inner working of the internet, so this
should only be regarded as "approximately" accurate. It's based
on my incomplete understanding of the situation.
According to what I've heard from others, it seems the spammer is
taking advantage of a hole in some mainframe IBM TCP/IP software.
This software accepts messages as valid without checking to see if
the given originating address matches where the message came from,
so the spammer can diddle with that information, and once it's
passed on through this software, it's untraceable.
This is how the messages are sent to mailing lists, with forged
headers, and the actual originating site isn't detectable from
within that message.
Lots of people are in pursuit, there are rumors "they" even know the
guy's name, but there are conflicting counter-rumors flying around, too.
The net result is, postmasters at many sites are being deluged with
complaints because their site was apparently originating the Olga spam.
Unfortunately, this includes a quick flurry of e-mail between me & the
site that was forged as the originator to the auto lists I'm on, as I
tried to pass on relevant information. Live & learn.
Guess I'll stick to tracking down car problems, rather than internet
problems!
Tom Stockman
Morrison, Co