Welcome to WebmasterWorld Guest from

Forum Moderators: phranque

Message Too Old, No Replies

SPAM problem

I need advice how to deal with it



9:21 am on Jul 27, 2001 (gmt 0)

Inactive Member
Account Expired


I got today one of the most impertinent spams I had ever the misfortune to receive. Usually I just delete spam, but this gave the impression that I sent it and apparently I wasn't the only receiver.

From: ***-owner@yahoogroups.com ()
To: <snip>, ***@yahoogroups.com, ***-owner@yahoogroups.com

Below is the result of your feedback form. It was submitted by (***-owner@yahoogroups.com) on Thursday, July 26, 2001 at 17:06:06

: Join for free Today.

I took some receiver addresses out and changed the addys.

You have to know that ***-owner@yahoogroups.com is one of *my* email addresses because I am the list mom.

Please note the parenthesis behind the sender email address. So it does give the impression that the thing came from me. If you hit replay it will even give my addy as email address, but without parenthesis. And btw, I'm not aware of any feedback form.

Obviously this someone tried to send it to the list, but couldn't probably deceive the yahoo mail server.

If you take a look at the source code of the email you get the following email header:

X-eGroups-Return: httpsd@www-1.ahnet.net
Received: from [] by b05.egroups.com with NNFMP; 27 Jul 2001 00:00:04 -0000
Received: (qmail 227 invoked from network); 27 Jul 2001 00:00:03 -0000
Received: from unknown ( by l10.egroups.com with QMQP; 27 Jul 2001 00:00:03 -0000
Received: from unknown (HELO lmg02.affinity.com) ( by mta1 with SMTP; 27 Jul 2001 00:00:02 -0000
Received: from www-1.ahnet.net ([]) by lmg.ahnet.net with ESMTP id <289354-15460>; Thu, 26 Jul 2001 16:59:32 -0700
Received: (from httpsd@localhost) by www-1.ahnet.net (8.9.3/8.9.3) id RAA29302; Thu, 26 Jul 2001 17:06:06 -0700 (PDT) (envelope-from httpsd)
Date: Thu, 26 Jul 2001 17:06:06 -0700 (PDT)
Message-Id: <200107270006.RAA29302@www-1.ahnet.net>
To: <snip>
From: ***-owner@yahoogroups.com ()

Same changes as before.

There are any possibilities to get back to the originator of the spam?

For now I have informed the mailinglist that they should contact me asap if they got such a message.
It is almost common to get spam. But this deception raises my blood pressure. Especially as it could hurt my reputation with my subcribers.

2:14 pm on July 27, 2001 (gmt 0)

Administrator from US 

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 21, 1999
votes: 90

Forward it to: abuse@ahnet.net


4:21 pm on July 27, 2001 (gmt 0)

Inactive Member
Account Expired


Thank you, I will do so.


9:21 am on July 29, 2001 (gmt 0)

Inactive Member
Account Expired


I just wanted to add. ahnet.net hasn't answered yeat. But I got the first irate spamming victim calling me names. I can understand her. This spam directed you to a sex site. I sent her a placating reply and pointed out the email header to her. Hope that helps. I'm afraid it could become worse. :(

To make this morning perfect, I got 30 virus infected emails. :(

5:48 pm on July 29, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:July 4, 2001
votes: 0

There is no retaliation through virtually any means. ISPs and large websites barely care. If you can suggest something that would reduce the amount of overall spam, they might implement it. It you point out an individual they can track down, nothing will happen. It is a waste of their resources for no gain of their own. Check this article our on grc.com:

A thirteen year old took down (DOS attacks) grc.com(major website) multiple times. The owner got no help from the ISPs this kid was using, or even the FBI. However, he did get the provider who he was paying money to to implement a filter to stop further attacks.

2:03 am on July 30, 2001 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lawman is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 28, 2001
votes: 75


That was just about the most fascinating article I've ever read. I am amazed that Steve Gibson was able to spy on the hackers for a week before he revealed himself.