Re: 10.0.1.* alias blackhole-1.iana.org alias 192.175.48.6 ???

From: jx (jx_at_noplace.com)
Date: 05/24/03 

Date: 24 May 2003 10:59:49 GMT

>>It's not clear (to me, anyway) whether the original poster was trying
>>to trace to an address on network 10.0.0.0, or to this 192.175.48.6
>>address that he mentioned. Certainly from any network that I'm
>>familiar with, trying to trace to a 10.0.0.0 address would not get
>>very far at all

actually, what I was trying to do was identify the origional
common source so I could filter it out. This would also, I
hope, provide a starting point to report to my ISP. It appears to me
that the 10.0.* ip's are the origional senders, but I
could be wrong. I'm no expert in header interpretation. I'm
trying to pick this stuff up as I go along.

All the 10.0.* ip's traced to blackhole which traced to
192.175.48.6

A full set of headers follows. lifesaversdirect.com is frequently
replaced by:
bstnt.com (10.0.1.12)
amazdir.com (10.0.0.11)

Should the 10.0.* ip be filtered? or the lifesavers/bstnt/amazdir?

***********************************************************
Return-Path:
                 <OFHPNMZV@lifesaversdirect.com>
        Received:
                 from mtiwgwc20.worldnet.att.net ([127.0.0.1]) by
mtiwgwc20.worldnet.att.net (InterMail
                 vM.5.01.05.12 201-253-122-126-112-20020820) with ESMTP id
                 
<20030523093650.PTZF15181.mtiwgwc20.worldnet.att.net@mtiwgwc20.worldnet.att.net
> for
                 <xxxxxx@worldnet.att.net>; Fri, 23 May 2003 09:36:50 +0000
        Received:
                 from l185.lifesaversdirect.com (unknown[63.215.88.185]) by
mtiwgwc20.worldnet.att.net
                 (mtiwgwc20) with SMTP id <2003052309363802000g22r8e>; Fri, 23
May 2003 09:36:48
                 +0000
        Received:
                 from lifesaversdirect.com (10.0.1.161) by
l185.lifesaversdirect.com with QMQP; 23 May 2003
                 02:15:46 -0800
***********************************************************

Loading