At 07:14 PM 7/16/2003, Frank wrote: >Some yahoo, probably a professional spammer is hammering away at my >machine 24 hours a day, trying to get my SMTP to relay for him/her/it. I'm >trying to get to the root of who this person is, but a trace route >demonstrates a long trail of false reverse DNS entries. Do you have access to the router that serves your co-lo boxes? If you own it, or you can get your ISP to configure it - you can have the attacking IP dropped from the route so it never gets to your boxes. While you are pestering your ISP, send some email with cuts from your logs to the ISP responsible for the IP: C:\>nslookup 18.104.22.168 Server: dns1.sktnca.sbcglobal.net Address: 22.214.171.124 Name: 126.96.36.199.isp.tfn.net.tw Address: 188.8.131.52 http://www.apnic.net/apnic-bin/whois.pl inetnum: 184.108.40.206 - 220.127.116.11 netname: TFN-NET descr: Taiwan Fixed Network CO.,LTD. descr: 7FI., No. 498, Ruei-Guang Rd., Nei-Hu descr: Taipei Taiwan 114. country: TW admin-c: TT164-AP tech-c: SH376-AP mnt-by: MAINT-TW-TWNIC changed: cwkuo at twnic.net.tw 20020425 status: ALLOCATED PORTABLE source: APNIC You can send the email to abuse at twnic.net. Hopefully they will respond. --- Anthony Baratta President Keyboard Jockeys "Conformity is the refuge of the unimaginative."