On Sun, 28 Jun 1998, Mark Milhollan wrote:
"David R. Conrad" writes:
b) someone has dummied up a prefix in a mail header or something (typical) c) there is a bug in the database software (happens)
I doubt B since the IP address queried was that of the TCP peer. Granted it could have been a spoofed session, but that would have required a level of expertise that I've never seen used merely to attempt delivery of a few thousand pieces of e-mail.
What about d). Perhaps someone temporarily announced routes for unallocated space, setup a mail/spam server in that IP space, sent out their mail, and stopped exporting the route. Is there a place one can search to see a history of BGP announcements for a given route? ------------------------------------------------------------------ Jon Lewis <jlewis@fdt.net> | Spammers will be winnuked or Network Administrator | drawn and quartered...whichever Florida Digital Turnpike | is more convenient. ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____