Hey, all, it turns out there is a concerted effort by the proper 
"authorities" already going on, and they already know enough that 
information from any of the mailing lists isn't needed anymore.
Thanks to everyone who forwarded information--this is the first time 
I've ever tried to track down anything out of message headers; it's 
quite messy. All information I received--some of which I passed on 
to the postmaster of the poor site that apparently originated the 
spam to our groups--was forged; no new information was derived from 
our efforts.
If anyone wants to know anything more about the Olga spam, read on, 
otherwise sign off here!

Tom Stockman

I'm not a pro at the real inner working of the internet, so this 
should only be regarded as "approximately" accurate. It's based 
on my incomplete understanding of the situation.
According to what I've heard from others, it seems the spammer is 
taking advantage of a hole in some mainframe IBM TCP/IP software.
This software accepts messages as valid without checking to see if 
the given originating address matches where the message came from,  
so the spammer can diddle with that information, and once it's 
passed on through this software, it's untraceable.
This is how the messages are sent to mailing lists, with forged 
headers, and the actual originating site isn't detectable from 
within that message.
Lots of people are in pursuit, there are rumors "they" even know the 
guy's name, but there are conflicting counter-rumors flying around, too.
The net result is, postmasters at many sites are being deluged with 
complaints because their site was apparently originating the Olga spam.
Unfortunately, this includes a quick flurry of e-mail between me & the  
site that was forged as the originator to the auto lists I'm on, as I 
tried to pass on relevant information.  Live & learn.
Guess I'll stick to tracking down car problems, rather than internet 
problems!
Tom Stockman
Morrison, Co
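
The header-forgery problem described above, as an added example that is not part of the original post: a Python check that walks a message's Received lines from newest to oldest and reports the server past which the origin can no longer be verified. The Sendmail-style "from HELO (name [ip]) by host" layout, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample (not from the post): reserved example domains and
# documentation IP ranges. The oldest relay never recorded who connected.
SAMPLE = """\
Received: from lists.example.org (lists.example.org [192.0.2.10])
\tby mx.example.net with SMTP; Mon, 1 Jan 1996 10:00:05 -0700
Received: from innocent.example.com (relay.example.edu [198.51.100.7])
\tby lists.example.org with SMTP; Mon, 1 Jan 1996 10:00:02 -0700
Received: from innocent.example.com
\tby relay.example.edu with SMTP; Mon, 1 Jan 1996 09:59:58 -0700
From: someone@innocent.example.com
Subject: constructed sample

body
"""

# "from <claimed name> (<peer name> [<peer ip>]) by <recording host>"
# The parenthesised part is what the receiving server observed itself.
HOP = re.compile(r"from\s+(\S+)(?:\s+\((\S+)\s+\[([\d.]+)\]\))?\s+by\s+(\S+)")

def hops(raw):
    """Return one dict per Received header, newest first, with a verdict."""
    out = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if not m:
            continue
        claimed, peer, ip, by = m.groups()
        if ip is None:
            verdict = "peer-not-recorded"   # only the sender's claim survives
        elif claimed.lower() != peer.lower():
            verdict = "helo-mismatch"       # claim contradicts observed peer
        else:
            verdict = "consistent"
        out.append({"by": by, "claimed": claimed, "peer": peer,
                    "ip": ip, "verdict": verdict})
    return out

def trace_limit(raw):
    """Name the first server (newest first) that kept no record of its peer."""
    for hop in hops(raw):
        if hop["verdict"] == "peer-not-recorded":
            return hop["by"]
    return None

if __name__ == "__main__":
    for hop in hops(SAMPLE):
        print(hop["by"], hop["claimed"], hop["peer"], hop["ip"], hop["verdict"])
    print("origin unverifiable beyond:", trace_limit(SAMPLE))
```

In the sample, the site named in From: and in the claimed hostname never appears as an observed peer, so complaints belong with the postmaster of the relay that kept no record rather than with the forged site.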