| 6:42 am on Apr 21, 2003 (gmt 0)|
Its a Chinese spam bot. Please be more selective with the category you choose for your posts. This is the Google section.
| 8:15 am on Apr 21, 2003 (gmt 0)|
>Its a Chinese spam bot.
It is a "compromised" spam bot.
The IP address says its canadian.
Even the spammers have their day for having an unpatch windows machine.
[edited by: kwngian at 10:26 am (utc) on April 21, 2003]
| 8:51 am on Apr 21, 2003 (gmt 0)|
Thanks for your reply.
Also, sorry to post this at Google section... by mistake I did that.
| 9:12 am on Apr 21, 2003 (gmt 0)|
don't know where the chinese spam bot idea came from - it's a machine infected with the Code red / Nimda worm.
You can't block it. The best thing to do is look up the ip address to find out which company hosts the machine and then write to them.
| 9:57 am on Apr 21, 2003 (gmt 0)|
220.127.116.11 is not chinese:
Cogeco Cable Inc. COGECOWAVE-1 (NET-24-226-0-0-1)
18.104.22.168 - 22.214.171.124
Apart from this, Indy Library is a candidate blocked by many here: [webmasterworld.com...]
| 10:13 am on Apr 21, 2003 (gmt 0)|
|The Chinese bot thing came from a site and I quote:|
[quote]Originally, the Indy Library is a programming library which is available at http://www.nevrona.com/Indy or http://indy.torry.net under an Open Source license. This library is included with Borland Delphi 6, 7, C++Builder 6, plus all of the Kylix versions. Unfortunately, this library is hi-jacked and abused by some Chinese spam bots. All recent user-agents with the unmodified "Indy Library" string were of Chinese origin.[/quote]
| 12:03 pm on Apr 21, 2003 (gmt 0)|
righty - missed the "Indy Library" part - I was just going on the addresses its trying to hit.
I would say contact the host is still the best advice though.