Re: Spam question

On 27.08.2012, Aaron Konstam wrote: Somebody claiming to be "pos81n-nds-36.positionstrends.com" with the IP adress 184.172.130.36 posted this mail to one of the Yahoo mailservers. [root@wildsau ~]# whois 184.172.130.36 [Querying whois.arin.net] [Redirected to rwhois.theplanet.com:4321] [Querying rwhois.theplanet.com] [rwhois.theplanet.com] %rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5) network:Class-Name:network network:ID:NETBLK-SOFTLAYER.184.172.128.0/18 network:Auth-Area:184.172.128.0/18 network:Network-Name:SOFTLAYER-184.172.128.0 network:IP-Network:184.172.130.32/29 network:IP-Network-Block:184.172.130.32-184.172.130.39 network:Organization;I:Brick Run Media network:Street-Address:209 West 20th 3A network:City:New York network:State:NY network:Postal-Code:10011 network:Country-Code:US network:Tech-Contact;I:sysadmins@softlayer.com network:Abuse-Contact;I:abuse@fulltimedo.com network:Admin-Contact;I:IPADM258-ARIN network:Created:20120125 network:Updated:20120125 network:Updated-By:ipadmin@softlayer.com So the spammer is in the netblock of "softlayer.com", most probably a customer of them. Write a complaint to "abuse(a)fulltimedo.com" with a copy to "sysadmins(a)softlayer.com", including one of the spam emails incl. the full header.