Subject: Email your AD to 57 MILLION People ONLY $99

[an error occurred while processing this directive]
The report for this spam can be found at: FutureWT Edition.
Received: from office4.corp.netcom.com (199.35.110.148) 
by studio42.com with SMTP (Eudora Internet Mail Server 1.2); Mon, 19 Jan 1998 09:39:32 -0800
Received: from blaze.corp.netcom.com (blaze.corp.netcom.com [199.35.110.203]) by office4.corp.netcom.com (8.6.12/Netcom-Corp) with ESMTP id JAA01784 
for <postmaster@studio42.com>; Mon, 19 Jan 1998 09:39:05 -0800
Received: by blaze.corp.netcom.com (SMI-8.6/SMI-SVR4)	id JAA00422; 
Mon, 19 Jan 1998 09:39:05 -0800
Date: Mon, 19 Jan PST  09:39:05 -0800
Message-Id: <199801191739.JAA00422@blaze.corp.netcom.com>
To: <postmaster@studio42.com>
Subject: Re: Email Spam: Email your AD to 57 MILLION People  ONLY $99  
From: abuse@netcom.com (NETCOM Policy Management)
Reply-To: abuse@netcom.com (NETCOM Policy Management)

>This is consistent with my ZERO TOLERANCE policy on spam.

>Complete records of this spam and spammer can be found at:
>http://www.studio42.com/kill-the-spam/reports/FutureWT.html

>It has come to my attention that an internet abuser has chosen to abuse 
>my domain. I will not tolerate spam being delivered to my domain. I must 
>now persue legal action against UU.net who facilitates this spammer, as 
>well as the spammer. I consider this assault on my domain to be a denial 
>of service attack and I will not stand by and let this happen. I will not 
>allow my users to be plagued with spam. I will not allow spam INTO or OUT 
>OF my server.

>UU.Net:
>I consider UU.Net responsible for causing this denial of service attack 
>on my domain and my system. I have already called police and FBI to 
>investigate UU.Net because you have clearly refused to do anything about 
>this spammer. I would like the phone number to this individual so that I 
>may verbally confront this spammer.

>Glen-net.ca and Istar.net:
>Glen-net.ca relayed this spam. Please secure your server against such 
>future attacks.
>Istar.net:
>Please assist your customer in securing their servers to prevent this 
>from happening again.

>Netcom:
>Again, this spammer is forging Netcom information. 

>Received: from sparc1.glen-net.ca (205.189.134.2) by studio42.com with 
>SMTP (Eudora Internet Mail Server 1.2); Sun, 18 Jan 1998 20:33:30 -0800
>Received: from sparc1.glen-net.ca (1Cust87.tnt6.lax3.da.uu.net 
>[153.37.69.87]) by sparc1.glen-net.ca (8.6.12/8.6.12) with SMTP id 
>BAA12531; Sun, 18 Jan 1998 01:14:06 -0500
>From: 09089578@ix.netcom.com
>Received: from mailhost.afassafa.com (alt1.afassafa.com(205.3.52.35)) by 
>82555312@ix.netcom.com (8.8.5/8.6.5) with SMTP id GAA08372 for 
><82555124@ix.netcom.com>; Sat, 17 Jan 1998 23:03:31 -0600 (EST)
>Date: Sat, 17 Jan 98 23:03:31 EST
>To: 82555124@ix.netcom.com
>Subject: Email your AD to 57 MILLION People  ONLY $99  
>Message-ID: <532145314125.CAA55185@afassafa.com>
>Reply-To: 82555124@ix.netcom.com
>X-UIDL: 53124513325478965421254125214522
>Comments: Authenticated sender is <82555124@ix.netcom.com>


>        57 MILLION EMAILS FOR ONLY $99 
>            INCLUDES STEALTH MAILER

>  That's right, I have 57 Million  Fresh  email addresses that I will 
>sell for only $99.   These are all fresh addresses that include almost 
>every person on the internet today,  with no duplications.  They are all 
>sorted and ready to be mailed.  That is the best deal anywhere today !  
>Imagine selling a product for only $5 and getting  only a 1/10% response. 
>  That's  $2,850,000  in your pocket !!! Don't believe it? People are 
>making that kind of money right now by doing the same thing, that is why 
>you get so much email from people selling you their product....it works ! 
> I will even tell you how to mail them with easy to follow step-by-step 
>instruction I include with every order.  These 57 Million email addresses 
>are yours to keep, so you can use them over and over and they come on 1 
>CD.  I will also include the stealth mailer - this is a full version of 
>the incredibly fast mailing program that hides your email address when 
>you send mail so no one will find out where it came!
>  from and you won't lose your dial up account. The stealth mailer  is an 
>incredible program and absolutly FREE with your order !  If you are not 
>making at least $50,000 a month, then ORDER NOW. 

>ORDER NOW BY FAX:  Simply print out this order form and fax it to us 
>along with  your check made payable to: Future WT  for only $99.  
>Our Fax # is:  602 348 2955
>We will confirm your order by email and then mail your cd out the same 
>day via priority mail.

>Name:_____________________________

>Street Address:______________________________

>City:_____________________       

>State:________________ZipCode:_____________

>Phone number:__________________________

>Email:_______________________________
>Tape your check here.  Returned checks are subject to $25 NSF Fee.
>                Fax it to   602 348 2955
>                                Or
>You can mail a check or money order to:
>FutureWT
>15560 N. Frank Lloyd Wright  #b-4187
>Scottsdale, AZ  85260

>If you want to be removed from our mailing list just send a email <a 
>href="takemeofflst@answerme.com">here</a>














>57 million plus mailing program for only $99


Hello:

After examining the headers for this case, we have come to the conclusion 
that it did not originate from NETCOM. It has a NETCOM address in the 
From: line, but this is a forgery.

The address that it has originated from is uu.net.  Please send 
complaints on this issue to fraud@uu.net. 


To determine the server where a forged email originated, check the last
received line of the mail.  As an example:

> Received: from mailhost.net.com(net.com(alt1.net.com(208.9.77.65)) by
> net.com (8.8.5/8.6.5) with SMTP id GAA02542 for <sucess@netcom.net>;
> Sun, 06 Apr 1997 19:30:51 -0600 (EST)

The first machine named is generally the source of the email, in this 
example:

        alt1.net.com

Generally, only the last two words of the address are the domain, in this
example, net.com.

You can then use the command

        whois <domainname>

in UNIX or enter the domain name into the form at the URL:

        http://rs.internic.net/cgi-bin/whois

to see if it is a valid site, and if it is, you can send your complaints
there.  If you do not have UNIX or access to a web browser, check with your
ISP's technical support for an alternative way to check.


Thank you



Matt
NETCOM Policy Management

----------------------------------------------------------------------
NETCOM On-Line Communication Services, Inc.          abuse@netcom.com
NETCOM Policy Management:   (408) 881-3499           M-F 9AM-5PM PST
24-Hour Technical Support:  (408) 881-1810         support@netcom.com
----------------------------------------------------------------------
16mm, 8mm and Super8 Films put to DVD. Fast Turn-Around for your priceless family films