What to do about websites that spam

**twinscythe12332** · 23-Feb-08, 01:48 PM

it is pretty easy to use an SMTP, put in your credentials, and then give a completely different "from" field. considering Vodacom has a blank user name and password login for internet., I'm wondering if it isn't similar for the smtp. I remember trying to set my mail up, and got given a password and user name. either someone is using an emailing system, or as Dave suggests, it could be a possibly enslaved machine generating emails and someone has no clue about it.

by localhost (mx1.vodamail.co.za [127.0.0.1]) (amavisd-new, port 10024)

either that is as Chatmaster suggests the localhost of the machines ending, or perhaps it is the emailing program vodacom is using?

**Dave A** · 23-Feb-08, 03:23 PM

Nowadays most ISPs SMTP servers are set to prevent leaching. Vodacom is one of these. You won't be able to use their SMTP server unless you're on a Vodacom connection. If you go the webmail route into your Vodamail account, this is still linked to a connection profile which is governed by all that ID verification detail that goes with it. And in the webmail system, you wouldn't be able to forge the "sent from" email address.

SMTP servers on domains are slightly different, of course. They can't control where the request is coming from quite the same way - but there you'll have to validate your identity before the SMTP will respond (as long as the server admin hasn't been a total idiot).

**Chatmaster** · 23-Feb-08, 03:33 PM

Yah, my servers all require authentication. Most hosting services also do not make use of CDONTS because of this exact reason. CDONTS don't require any authentication.

**bullfrog** · 23-Feb-08, 11:16 PM

From what I can tell is that is came from a vodacom smtp server. I believe they have a public one set up for all their subscribers: smtp.vodacom.co.za or something like that. So all the users can basically use that mail server and send from anything@anything.co.za etc.

That 10.***** ip is making me unsure of where exactly the mail came from though. If you can actually get hold of someone at vodacom I would just forward the whole email with all the header information. You can usually contact someone at the abuse email addresses when you do a whois on the ips. Threatening to get ip's black listed also gives them some motive to do something about it.

**Dave A** · 24-Feb-08, 08:48 AM

The 10. IP is possibly a LAN router. Anything after that is a stuffed red herring

**bullfrog** · 24-Feb-08, 03:08 PM

O yea right. Bit of a dull moment for me there. :/

**twinscythe12332** · 25-Feb-08, 07:29 PM

Originally posted by bullfrog

From what I can tell is that is came from a vodacom smtp server. I believe they have a public one set up for all their subscribers: smtp.vodacom.co.za or something like that. So all the users can basically use that mail server and send from anything@anything.co.za etc.

I've done it for my Company, but obviously use my Co SMTP and credentials, not to mention a believable email address. (which reminds me, I must see if it still exists =/)

What to do about websites that spam

Comment

Comment

Comment

Comment

Comment

Comment

Comment