The report for this spam can be found at: Raul Mendez Edition.
Return-Path: <promo124@hotmail.com>
Delivered-To: cpickett@mediacity.com
Received: (qmail 962 invoked from network); 6 Dec 1998 08:49:24 -0000
Received: from host101.a-272.99.66.209.in-addr.arpa (HELO altern.org) (209.66.99.101)
by mail001.mediacity.com with SMTP; 6 Dec 1998 08:49:24 -0000
Received: (qmail 31939 invoked by alias); 6 Dec 1998 06:11:29 -0000
Received: from unknown (HELO fdgdfg) (209.154.66.112)
by host096.a-272.99.66.209.in-addr.arpa with SMTP; 6 Dec 1998 06:11:29 -0000
To: promo127@hotmail.com
Bcc: cpi@citation.com, cpi@world.std.com, cpic338@ms8.hinet.net,
cpickard@interaccess.com, cpicket@ns.net, cpicket@tomcat.ns.net,
cpickett2@juno.com, cpickett@mediacity.com, cpickles@iosphere.net,
cpickles@mrburns.iosphere.net, cpiedmonte@ecs.com, cpierce1@cp500.pto.ford.com,
cpierce1@ed7590.pto.ford.com, cpierce1@ford.com, cpierce@1stnet.com,
cpierce@mica.net, cpierson@ivnet.com, cpierson@sunspot.tiac.net,
cpierson@tiac.net, cpigeon@accent.net, cpike@charleston.net,
cpinmd@ix.netcom.com, cpinternational@dial.pipex.com
From: <promo124@hotmail.com>
Subject: Frequent Asked Questions Re: $9.99 to build your own
content-length: 3838

I'm not going to repeat my work. Here it is again since the headers are essentially the same:

>nslookup 209.66.99.101
Server: ns.mediacity.com
Address: 205.216.172.10
Name: host101.a-272.99.66.209.in-addr.arpa
Address: 209.66.99.101
I'm confused. This appears to be the spammer.
>nslookup altern.org
Server: ns.mediacity.com
Address: 205.216.172.10
Name: altern.org
Address: 209.66.99.96
Yet the address doesn't properly resolve... Of course, it does state that it may be forged.
Further investigation is warranted:
>traceroute 209.66.99.101
traceroute to 209.66.99.101 (209.66.99.101), 30 hops max, 40 byte packets
1 grfge002 (205.216.172.1) 0.539 ms 0.383 ms 0.347 ms
2 bordercore2-hssi0-0-0.SanFrancisco.cw.net (166.48.15.249) 2.531 ms 2.456 ms 2.485 ms
3 core10.SanFrancisco.cw.net (204.70.9.45) 2.759 ms 2.635 ms 2.648 ms
4 mae-west6-nap.SanFrancisco.cw.net (204.70.10.238) 4.481 ms 4.118 ms 3.792 ms
5 mae-west.above.net (198.32.136.31) 5.999 ms 6.003 ms *
6 core2-mae-west-oc3.sjc.above.net (207.126.96.105) 24.468 ms 12.280 ms 13.904 ms
7 * core2-mae-west-oc3.sjc.above.net (207.126.96.105) 13.745 ms !H *
8 core2-mae-west-oc3.sjc.above.net (207.126.96.105) 24.575 ms !H * *
9 core2-mae-west-oc3.sjc.above.net (207.126.96.105) 23.505 ms !H * *
The host is being protected.
>whois -h whois.arin.net 209.66.99.0
Abovenet Communications, Inc. (NETBLK-NETBLK-ABOVENET2)
Suite 1010, 50 W San Fernando,
San Jose, CA 95113
US
Netname: NETBLK-ABOVENET2
Netblock: 209.66.64.0 - 209.66.127.255
Maintainer: ABVE
Coordinator:
NOC (NOC41-ORG-ARIN) noc@ABOVE.NET
408-367-6666
Fax- 408-367-6688
Domain System inverse mapping provided by:
NS.ABOVE.NET 207.126.96.162
NS3.ABOVE.NET 207.126.105.146
ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Record last updated on 11-Sep-98.
Database last updated on 4-Dec-98 16:11:20 EDT.
OK, spammer located.
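
The header reading done by hand above, as an added example (not part of the original report): it parses the qmail Received lines of this message and marks which fields were supplied by the sender rather than recorded by the recipient's own server. The function names, the ".mediacity.com" trust suffix and the static DNS table (filled from the nslookup output above in place of a live lookup) are assumptions of the example.

```python
import re

# Received headers copied from the message above (continuation lines re-indented).
RAW_HEADERS = """\
Received: (qmail 962 invoked from network); 6 Dec 1998 08:49:24 -0000
Received: from host101.a-272.99.66.209.in-addr.arpa (HELO altern.org) (209.66.99.101)
  by mail001.mediacity.com with SMTP; 6 Dec 1998 08:49:24 -0000
Received: (qmail 31939 invoked by alias); 6 Dec 1998 06:11:29 -0000
Received: from unknown (HELO fdgdfg) (209.154.66.112)
  by host096.a-272.99.66.209.in-addr.arpa with SMTP; 6 Dec 1998 06:11:29 -0000
"""

# Forward lookup reported by nslookup on the page; used instead of live DNS.
FORWARD_DNS = {"altern.org": "209.66.99.96"}

HOP_RE = re.compile(
    r"from (?P<rdns>\S+) \(HELO (?P<helo>[^)]+)\) \((?P<ip>[\d.]+)\)\s+"
    r"by (?P<by>\S+) with SMTP; (?P<date>.+)"
)

def parse_hops(raw):
    """Return network hops, newest first, as dicts; local qmail queue lines are skipped."""
    unfolded = re.sub(r"\r?\n[ \t]+", " ", raw)  # RFC 822 header unfolding
    hops = []
    for line in unfolded.splitlines():
        if not line.startswith("Received:"):
            continue
        m = HOP_RE.search(line)
        if m:
            hops.append(m.groupdict())
    return hops

def assess(hop, forward_dns, trusted_suffix):
    """List reasons the sender-supplied parts of one hop should not be trusted."""
    notes = []
    if not hop["by"].endswith(trusted_suffix):
        notes.append("recorded by a host we do not control")
    if hop["rdns"] == "unknown":
        notes.append("connecting IP has no reverse DNS")
    helo_ip = forward_dns.get(hop["helo"])
    if helo_ip is None:
        notes.append("HELO name has no known address")
    elif helo_ip != hop["ip"]:
        notes.append(f"HELO resolves to {helo_ip}, not {hop['ip']}")
    return notes

if __name__ == "__main__":
    for hop in parse_hops(RAW_HEADERS):
        print(hop["ip"], hop["helo"], assess(hop, FORWARD_DNS, ".mediacity.com"))
```

Only the IP address in the topmost hop was written by the recipient's own mail server; the HELO name and every lower Received line are whatever the sending side chose to say.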