[2315] in WWW Security List Archive
Email Hack: Help.
daemon@ATHENA.MIT.EDU (Doug Breault)
Thu Jul 4 18:09:22 1996
Date: Mon, 24 Jun 1996 12:42:45 -0400 (EDT)
From: Doug Breault <dbreault@ns.sprintout.com>
To: World Wide Web Security <WWW-SECURITY@ns2.rutgers.edu>
Errors-To: owner-www-security@ns2.rutgers.edu
Hello Everyone,
We've got a problem here with a hacker. There's some punk
apparently hacking a mail server somewhere and sending BS postings all over
the net regarding get rich quick schemes, etc - from a non-existent
account on our server. They've done it twice so far, from two different
non-existent accounts.
1. Is there any authority who we can call about this type of incident?
2. What are the methods one uses to do fake these FROM fields? And is
there a way to prevent it?
3. What are the limits of prosecution available, is it typical US justice
where even if they're caught red handed, nothing is done?
In addition, the culprit is apparently from Canada (from one of the
mail-me-some-cash addresses contained in the get-rich-quick letter)...which
is a long drive, but not so long that I won't make it to solve this
problem if necessary.
All information will be greatly appreciated.
Best regards,
Doug
