You may want to check out http://spamcop.net/fom-serve/cache/338.html , which shows a sample "real" report from SpamCop -- there was a spammer that was sending out lots of fake SpamCop notices a while back, he may have started up again.We have a problem, where SpamCop or someone, will contact us claiming they have received spam from our IP range. I investigate only to find out what I expected, there is no server, client, or anything on that subnet. Infact we haven't allocated that subnet yet, it sits unused.
My guess would be either that it was a spoofed report (not from SpamCop), or that it isn't related to your IP (for example, I've heard that SpamCop will report web sites that are listed in spam).My immediate suspicion is that the address is spoofed. We have bogon filters on the edge of our network, so I am 99.9% sure that these are spoofed addresses.Do any of you experience this too? Any suggestions? I get about 2 or 3 claims a week and it's just bothersome.
IP spoofing is usually very, very difficult to do -- doable by a knowledgeable hacker with the right compromised servers, nearly impossible for a script kiddie, and probably impossible for any spammer. It is next to impossible to do with a Windows computer, and Windows computers are what spammers and script kiddies tend to have for compromised servers. Even if a spammer knew how to do it, the drawbacks of doing so would likely well outweigh the benefits.
-Scott
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
