Re: Mail DoS from Bellsouth

From: LR (
Date: 08/22/02

From: "LR" <>
Date: Thu, 22 Aug 2002 15:14:19 -0400

"/dev/null" <dev'0x2e'> wrote in message
> I know you've said you've tried contacting them in many different forms,
> just to check, have you tried the two contact addresses and phone numbers
> their whois: (?)
> Technical Contact:
> Hostmaster (HOS260-ORG) hostmaster@BELLSOUTH.NET
> 28 Perimeter Center East BLDG 30
> Atlanta, GA 30346
> US
> (770) 522-6300
> Fax- - (770) 522-4002

Heh, go figure...this worked. The 770# listed is their NOC. The person at
the other end was 10x more compentant than anyone I've spoken to yet.
Thanks for helping me see past the angry fog that was rising.

> I have a question for you. If you decide to "go to the authorities"
> of Bellsouth's lack of response, who would you call? (I'd like to know in
> case I need to call them some day).

Trust me, this is a tough question that comes up often. The only
authorities right now are the FTC and the FBI, and they're so overwhelmed
re: SPAM that they really can't do anything. I've established a contact in
the local FBI field office for particularly nasty cases.

> I know when you're in the middle of the battle it's hard to keep your cool
> and be stratigic, so I offer this viewpoint to help. Ultimately I see two
> routes to take if you can't get any response.
> 1. Open up to Bellsouth and let them "get this off their chest". If you
> route the email to internal servers your servers may generate "No such
> emails back to Bellsouth, intensifying the war. So it may be good to set
> a dummy MTA (as suggested by others) to just suck in this junk and dump

That's not a bad idea and one I was considering exploring...Ultimately
though I've decided to fight this battle because a very large-scale provider
like Bell South should have a better handle on their network.

> Of course if this is an on-going problem, i.e. whoever spoofed your domain
> as the "from" address on these bogus emails continues to generate these
> emails, eventually you'll have to get hold of someone who can make it
> I'd say a written letter from an attorney seeking damages would be a good
> show-stopper to send them.

That's really the only other step to get the traffic to stop. But hopefully
the people at the NOC will be more responsive and help out. Again, yes,
it's easier to block it and wait or suck it in and > /dev/null it but I'm a
big advocate of taking responsiblity for what goes on in your network...

Thanks again...


Relevant Pages

  • Re: Outlook 2000 Inbox appears empty but isnt!
    ... Many Thanks for your advice/prompt response. ... He suggested that the "Outlook Today" ... >the (insert latest virus name here) virus, ... No summary of emails listed!). ...
  • back to access after a long time
    ... we are in danger of losing our Sent database from Lotus ... take those emails (this is going to be so time consuming.. ... notes field will pop up the text response we would then copy and paste ... I want to click on that text and in the notes field pops up: ...
  • eBay threat of legal action. (Here we go, again)
    ... My latest email to eBay in response to their fifth or sixth threat to set ... You do not sign your emails. ... Some considerable time later you deducted a commission fee. ...
  • Re: [Full-disclosure] University of Central Florida Multiple LFI
    ... "Hack Talk" would rather fire off 5 emails than pick up a phone, ... I typically follow the Rain Forest Puppy Responsible Disclosure Policy ... response back. ... vulnerabilities they would be forced to patch their code. ...
  • Re: Cyberterrorism [was: Re: NSA wiretap, Friday night]
    ... Otherwise the ISP is just ... My most recent contacts were in response to appeals here by "imhotep" ... got an abuse complaint for email coming from our network, ... system on a server that saw all traffic coming from the customer side ...