[Techtalk] Apache, abuse and nonexistent domains.
daniel.richter at wimba.com
Tue Feb 25 11:47:25 EST 2003
Two months ago, someone wrote to LinuxChix because she saw this in her HTTP
> 220.127.116.11 - - [17/Dec/2002:04:34:42 +0100] "CONNECT
> 18.104.22.168:25 HTTP/1.1" 400 379 "-" "-"
This is an attempt to send spam. Many people, notably Mandi, explained how
to do a whois lookup on the IP address. That was quite helpful.
Now I notice this in my logs:
> 22.214.171.124 - - [25/Feb/2003:03:02:57 -0500] "CONNECT
> 126.96.36.199:80 HTTP/1.0" 405 301 "-" "-"
When I follow Mandi's advice, I find that the address is in Bell Canada's
address space, and a hostname lookup on the offending address shows that it
belongs to sympatico.ca, which I think is an ISP:
$ host 188.8.131.52
[blah, blah, blah] HSE-MTL-ppp3983.qc.sympatico.ca.
Should I send the complaint to them, or to Bell Canada? Also, what's the
difference between TechEmail and OrgTechEmail?
I would love to be able to write a Perl script to automatically find the
appropriate person to e-mail. Is that possible, or are there too many
different possible cases?
========== Dan Richter ============== mailto:Dan at wimba.com ===========
He [Bob Dole] fought in Italy, where he suffered
a serious head injury. Then he went into politics.
- a poorly worded radio announcement in 1961
More information about the Techtalk