Advice (slightly off topic)

Galen Johnson gjohnson at
Wed Feb 6 13:43:14 UTC 2002


   I need a little advice and I figured this group would probably know 
as well as any (if not better) of a possible solution.

Here's my problem.  I own a domain ( which it would appear 
that someone in Argentina is trying to use.  This seems the case because 
I've started getting losts of bounces on my postmaster account and doing 
reverse lookups and a little other digging I was able to track it down 
to a cablevision provider there.  They are using's mail 
servers (best I can tell they have 4; so I can't be 
sure.  However, I've tried doing a whois and had no luck (just got a 
referal to use which really was less than helpful).

While I don't mind just deleting the email (although it is annoying) 
I've started getting mail to root at that is output from some 
sort of cron job that gives me quite a bit of information that they most 
likely would need for themselves (such as LIDS output).  I've also 
noticed that they are starting to get a few more users (since I also get 
the scripts the run give the contents of /etc/passwd).  I can only 
forsee this problem growing larger.

My question for you guys is: What can I do about this without any really 
apparent way of getting in touch with these folks (short of trying to 
send a snailmail, maybe)? (I'm not that familiar with all the aspects of 
dig as I've primarily used nslookup, but I'm learning)

On a positive note, they appear to have fixed their reverse lookups 
which I can only assume has to do with all the bounces the ISP's 
postmaster was getting from me (since I use postfix and it tends to 
disallow any mail that it can't reverse lookup).

Sorry for the length of this.


-=* I'm sorry if doing things correctly offends you. *=-

More information about the bind-users mailing list