From owner-freebsd-questions@FreeBSD.ORG Sat May 21 13:58:25 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 86D8A106566B for ; Sat, 21 May 2011 13:58:25 +0000 (UTC) (envelope-from xaero@xaerolimit.net) Received: from mail-bw0-f44.google.com (mail-bw0-f44.google.com [209.85.214.44]) by mx1.freebsd.org (Postfix) with ESMTP id 1923D8FC08 for ; Sat, 21 May 2011 13:58:24 +0000 (UTC) Received: by bwz13 with SMTP id 13so6144043bwz.17 for ; Sat, 21 May 2011 06:58:23 -0700 (PDT) Received: by 10.204.114.144 with SMTP id e16mr570990bkq.119.1305986302208; Sat, 21 May 2011 06:58:22 -0700 (PDT) MIME-Version: 1.0 Received: by 10.204.72.82 with HTTP; Sat, 21 May 2011 06:58:02 -0700 (PDT) In-Reply-To: References: From: Chris Brennan Date: Sat, 21 May 2011 09:58:02 -0400 Message-ID: To: Robert Simmons Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: ipv6 spam X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 May 2011 13:58:25 -0000 On Sat, May 21, 2011 at 9:28 AM, Robert Simmons wrote: I have begun receiving ipv6 spam from this mailing list, and I was > wondering how to determine who the owner of a particular ipv6 address > is. A whois may tell you who the block has been given too (ISP wise) ... that may start you in the right direction.... For example: I have a valid IPv6 address from my hosting provider (they gets used for IRC on occasion ..) NetRange: 2610:1E8:: - 2610:1E8:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF CIDR: 2610:1E8::/32 OriginAS: AS14595 NetName: NET-THINKTEL6-1 NetHandle: NET6-2610-1E8-1 Parent: NET6-2610-1 NetType: Direct Allocation RegDate: 2007-05-04 Updated: 2007-05-04 Ref: http://whois.arin.net/rest/net/NET6-2610-1E8-1 As you can see, a whois of that ip reveals the block provided to my hosts provider, from there you could start asking questions. Spam sent to the list, I tend to ignore, spam sent to me, I investigate and make go away. I'v also run a tracert(6) to find a general geographic region of the spam, if it's origin was reasonably local then I fire e-mails off to those locations as best I can. An interesting story here ... I actually knew one of my spammers, personally, a pseudofriend who always tried to show off to me, he had money and was always buying gadgets that he had no use for or how to use. When I figured it out I almost laughed meself stupid. I then took all my proof to his Mom and it all stopped, all his gadgets mysteriously disappeared from his house and he stopped calling ... coincidentally, all of that mysteriously disappeared junk, magically appeared in my bedroom :D Anywho there are ways, just takes patience and persistence... -- > A: Yes. > >Q: Are you sure? > >>A: Because it reverses the logical flow of conversation. > >>>Q: Why is top posting frowned upon?