I would like to use software to analyze spam regarding header information
Sending MTA/ IP, maybe transferring MTA (could be spoofed) and make an automatic Whois request to get the names behind (if not send from a bot net). Any suggestions? Open Source software would be nice.
Greetings,
Unfortunately, I am not aware of anything that does this, but hopefully others are more familiar with this category of tools.
This sounds like something you could write in a scripting language pretty easily and is a small enough project to be a good one for learning how to write simple tools.
-David
You might try to reach someone here for help
http//
@miket065
That's specialy US related. I think we've a similar gov site over here where you can tell and place data. It will find it's way to this place.
I did some investigations yesterday
Both spams are related to very bad .tk domains, registered as "free" domains at dot.tk a Netherlands/europe company. In their acceptable use policy they grant privacy to free accounts. So suspicious are hidden in the first look.
Initiating clients (bot clients?) for the Spam are in the lacnic area.
Distribution/ people in behind first border .cz and then it shows in second step .ua.
One Mnt link goes to switzerland/europe offering data center power close to zurich/Switzerland, but their own web server is hosted in the Uk
Web server/ virtual IP? hosting the data in both cases the same
Post box on the virgin islands for the contact.
i2 Notebook Analyzer will love this.
IP subnets with known infiltration of bot clients should be disconnected from the Internet. This would prevent so much problems.
BitStorm do you happen to know any good sites that spurt out spam?
Im doing a project on analyzing general information from spam but Im having problems receiving spam so any recommendations would be great.
Thanks
No idea. I hate such sites.
I can give you the .ua mail address i found while digging and following the Whois links of the matter above. If you ask politely they will send you some spam twisted
Or register at a forum regarding server colocation/ hosting/ robots support and put your Mail address in the footer. 😯
But use a Mail address you can drop after your work is done. Don't use a Mail address from one of the big Mail providers - they've good filters implemented. You must run a cheap Website with Mail included.
I've heard from a company that they use tools to test spam software. Drop me a PN and describe what you would like to do and i can ask one of my business contacts. Maybe i can get you what you like.
Otherwise ask companies like Google Postini, eleven.de, Sendmail.com, cloudmark.com and so on if they can give you access to honeypod accounts.
