I have the IP address of a scammer (I convinced them to hit my web server) whose mail made it through my filters and would like to do something meaningful about it. Can I? I thought about telling their ISP, but dig -x
shows the netblock owner as a giant telecoms company. Have any of you had success in the past with bringing some form of justice to these bottom feeders?
![](../../users/profiles/63899.webp)
- 175
- 7
-
1"convinced them to hit my web server" - sounds like you're asking for trouble... – Ben Pilbrow Dec 16 '10 at 20:46
-
@Ben: Just mail with embedded img tags...Curiosity is a powerful thing. – nmichaels Dec 16 '10 at 20:49
-
1If you go out fishing for such things you can hardly complain when you catch one. – John Gardeniers Dec 17 '10 at 00:25
-
@John: They sent me scammy mail (that made it through the filters) first. I just replied. I'm not complaining about having caught one; I just want to know what to do with it. – nmichaels Dec 17 '10 at 14:12
2 Answers
If the dig report has an abuse address, send a detailed account of what happened to it. Send the IP address, dates & times, what the scammer sent you, and any reasonable information. Leave your opinion out, stick to the facts. Don't expect a response, except the usual automated one.
Past that, not much. Black-hole that IP and hope they stay away. Many ISPs do take reports of abuse very seriously.
![](../../users/profiles/33417.webp)
- 77,337
- 11
- 120
- 212
-
1I was hoping for some secret international law enforcement agency known only to sysadmins, but this will have to do. – nmichaels Dec 16 '10 at 20:51
-
1Closest thing to that is [Spamhaus](http://spamhaus.org). My first round of filtering is just checking their zen and drop DBs, that catches 99% with minimal server load. – Chris S Dec 16 '10 at 20:56
-
-
1If ISPs have clients mass spamming and they don't respond to places like Spamhaus, they may find their IP netblocks in these RBL systems for mail servers to block. abuseat.org is a good RBL as well. – Imo Dec 16 '10 at 21:58
Like ChrisS said, you should definitely forward the message to the ISP. In addition, since phishing/spamming/whathaveyou is technically illegal, you can also file a complaint with the Internet Crime Complaint Center. I would not expect your single complaint to be acted upon. However, it files the information so it can be used as part of a larger investigation should one occur.
![](../../users/profiles/3356.webp)
- 14,717
- 10
- 51
- 83