What To Do The Laws The Scam Dissected The Numbers Revealed The Countries The Variants Ridiculed The Reporters The Detectives The Results Links Elsewhere Return to the MMF Home Page dig finger nslookup PGP ping procmail telnet traceroute whois Unix Command Manual Pages: index
MMF Navigation Bar Man Pages Navigation Bar

The UNIX Commands Manual Page Index Page

Here are some of the UNIX commands that you can use from your shell account (if you have one) to help trace and track spam of all kinds. Click on a command name to see the "Man Page" for that command and how to use it.
whois - looks up records in the Network Information Center (NIC) database. Very simple to use, can require some interpretation on results. NIC records are known to be horribly innacurate and out of date in many cases, and they do nothing to update or verify them.

traceroute - utilizes the IP protocol `time to live' field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to some host, which then gives you a complete set of the machines through which your packets transmits to reach your destination. This helps enable you to trace a sites connectivity, or upstream provider. Very simple to use, some results may require correct interpretation.

telnet - used to communicate with another host using the TELNET protocol. Enables youto many times telnet into the SMPT port of a remote site (port 25 is standard) to VRFY (verify) or EXPN (expand) user names and see if they are valid on that system, and sometimes gather more information about them, depending upon implentation on that particular system. Some systems (especially rogue spam sites) disable these functions, or totally disable incoming Telnet to the mail port - this is in and of itself a clue as to the site's hospitality towards spam, in my opinion. Easy to use once you have some basic commands down.

procmail - allows you to do almost anything with incoming or outgoing mail, but you have to understand regexps (Regular Expressions) pretty well - it can get fairly techincal. Mainly used in our context to set up automatic filters to filter out unwanted incoming junk mail. Highly flexible, fairly steep learning curve.

ping - sends a packet to the specified host and waits for a reply. Generally used as a "are you even there?" type utility to see if a site responds. Not always accepted by the remote host. Easy to use in its basic form.

nslookup - a program to query Internet domain name servers. Usually used to convert dotted.decimal to domain name or vice-versa. Very easy to use in its default form, can be used in a far more complex way.

finger - displays information about a user. Many systems have this function turned off, or are behind firewalls that do not allow fingering. Still useful in many cases. Easy to use.

dig - (domain information groper) is a flexible command line tool which can be used to gather information from the Domain Name System servers. Can be simple to use, although the return data is often cryptic to the unfamiliar.

pgp - (Pretty Good Privacy) while PGP is not a true "anti-spam tool," this enables you to sign and encrypt your own messages (signing produces a key which can be compared to the received document at the other end to validate its authenticity and content have not been tampered with) or decrypt or verify incoming messages for which you have the person's PGP public key. Its a Good Idea to PGP sign all outgoing complaints, so that your document can be verified later if any question arises.

Return to the MMF Manual Index Page

Return to the MMF Myth Page

All comments within these pages are expressed as personal opinions only.

Made With Macintosh  © 1997 Ken Lucke - all rights reserved  Spun With PageSpinner