McKirahan said:
Heinz Schmitz said:
With most of the spam coming in I can determine the server
it wants to lead me to (without actually going there).
But what does my browser translate that to:
<a href=3D"
http://aafsz.travelmade.cn/?1=76022619798"
target=3D"_blank"> ... some text ....</a>
A WHOIS search at
http://www.geektools.com/whois.php
revelaed these details of the domain "travelmade.cn":
Checking server [whois.cnnic.net.cn]
Results:
Domain Name: travelmade.cn
[....]
Often WHOIS information is not allowed to be archived, so it would probably
be best if it was not posted on Usenet. That aside, finding out where the
link in a spam message points (or what the sender address is), is not likely
to be a reliable source of information to locate the spammer. You should
look for the last Received headers if it is an e-mail, and the
NNTP-Posting-Host header if it is a NetNews message, instead. Whereas the
latter is not required to give an indication of the real host name or IP
address per the RFC, but it has turned out to be a good starting point.
If still necessary after consulting the corresponding FAQs, please discuss
this where it is on-topic, one of
news.admin.net-abuse.email
news.admin.net-abuse.usenet
news.admin.net-abuse.misc
Or, in the case of the OP, one of
de.admin.net-abuse.mail
de.admin.net-abuse.news
de.admin.net-abuse.misc
F'up2 news.admin.net-abuse.misc
PointedEars