[Mimedefang] [OT] Nasty situation

[Paul]

>Hi,
>
>A spammer has recently sent out lots of really nasty XXX messages with
>the From: address set to some_random_user at roaringpenguin.com.  I know
>this because I'm seeing the bounces.

Join the club. It's happened to me as well.


>The original messages appear to have been relayed from all over the place --
>Philipines, the US, China, etc.  Obviously, someone got a list of open
>relays or open proxies. :-(

Yup. It seems there is a list floating around with 'anti-spam' people. Like you who makes antispam software and people who's beeen tracking down spammers. And those are used for From: addresses as a sort of revenge. 

>Anyone have practical tips on tracking the culprit down?  Does anyone
>have any idea what my legal options are?

It's going to be hard. I tracked my &^#%# down to Taiwan. End of story as he was using a 'bulletproof' ISP. Nothing going there apart from sending some 300lbs mutha's over there to beat the crap out of them. Not worth the money... Probably doing the job for someone in the US who did not want to get their hands dirty. Same with the hosting server. It was in China and palms appeared to have been liberally greased. The main result was a whole flood of XXX spam to the addy I used to complain with. Which was something I figured on and said addy was of course a throwaway one. :-)