Finding out about domains...

[John Oliver]

Is there a way to get a (any) machine name on a domain, starting with
just knowing the domain name? I just got a spam email with a "real"
return email address in the body (ez98.com). I'd like to be able to
find a valid machine name I can traceroute to, so I can find their
upstream provider... :-)

**********************************************************
IMPORTANT!!! >>> **********************************
**********************************************************
Don't just hit "Reply"! You have to jump through
a hoop or two first. Make sure you're mailing me
with j oliver (no space) at home dot com.

Sorry for the inconvenience...
**********************************************************

[Barry Margolin]

In article <34beed4e....@snews.zippo.com>,

John Oliver <dont....@to.this.address> wrote:
>Is there a way to get a (any) machine name on a domain, starting with
>just knowing the domain name? I just got a spam email with a "real"
>return email address in the body (ez98.com). I'd like to be able to
>find a valid machine name I can traceroute to, so I can find their
>upstream provider... :-)

I usually look up the MX host for the domain, and trace to that. If that
doesn't work (none of the nameservers for the ez98.com domain are
responding) you can look up the nameservers for the domain. Often they'll
be the ISP's nameservers, so you know their provider; if not, you can trace
to the nameservers to find their upstream provider.

I'll bet there are many more suggestions like this in the net-abuse
newsgroups.

--
Barry Margolin, bar...@bbnplanet.com
GTE Internetworking, Powered by BBN, Cambridge, MA
Support the anti-spam movement; see <http://www.cauce.org/>
Please don't send technical questions directly to me, post them to newsgroups.

[John Oliver]

On Fri, 16 Jan 1998 07:28:07 GMT, Barry Margolin
<bar...@bbnplanet.com> wrote:

>>Is there a way to get a (any) machine name on a domain, starting with
>>just knowing the domain name? I just got a spam email with a "real"
>>return email address in the body (ez98.com). I'd like to be able to
>>find a valid machine name I can traceroute to, so I can find their
>>upstream provider... :-)
>
>I usually look up the MX host for the domain, and trace to that. If that
>doesn't work (none of the nameservers for the ez98.com domain are
>responding) you can look up the nameservers for the domain. Often they'll
>be the ISP's nameservers, so you know their provider; if not, you can trace
>to the nameservers to find their upstream provider.

How do you look up the MX?

[Barry Margolin]

In article <34c36d5a....@snews.zippo.com>,

John Oliver <dont....@to.this.address> wrote:
>How do you look up the MX?

Using whatever DNS query tools you have available. My order of preference
for this is:

host <domain>
dig <domain> mx
nslookup -type=mx <domain>

[Bjorn Reese]

Barry Margolin (bar...@bbnplanet.com) wrote:

> host <domain>

host -t mx <domain>

[Raz Uri]

John Oliver (dont....@to.this.address) wrote:
>On Fri, 16 Jan 1998 07:28:07 GMT, Barry Margolin
><bar...@bbnplanet.com> wrote:

[snip]

>>
>> I usually look up the MX host for the domain, and trace to that. If that
>> doesn't work (none of the nameservers for the ez98.com domain are
>> responding) you can look up the nameservers for the domain. Often they'll
>> be the ISP's nameservers, so you know their provider; if not, you can trace
>> to the nameservers to find their upstream provider.
>

> How do you look up the MX?
>

For unix hosts "nslookup -type=mx <hostname>"

--
+---------+-----------------------------------+-------+-----+-----+
| Uri Raz | mailto:s284...@t2.technion.ac.il | Noire | :-) | :-( |
| Schroedinger's cat is alive and dead. |
+-----------------------------------------------------------------+