Virus Report Email To Abuse.net contact for ISP
Status: Beta
Brought to you by:
bhenerey
I would really like to see this script look up the virus
sender's ISP abuse contact from abuse.net and then
forward a copy of the virus notice to the correct abuse
dept. That would be really cool, and it would help ISPs
get a grip faster on the escalating virus epidemics.
Logged In: YES
user_id=1068807
Ok, I have written a Perl script which you can pipe notices
from odeiavir, and generate another email notification to the
sender's host and/or ISP's abuse desk. Unlike older versions,
this new messaging system does not use the sender's return
envelope or From: field to contact their ISP, as this is just a
waste of time, since new viruses/worms forge these field(s).
Instead we take the sender's IP, do an nslookup to get the
true hostname and then look up their abuse contact from
abuse.net. In the event that we are not able to get a
hostname using that method, a backup whois lookup is
performed to acquire a contact email for the IP. Once the ISP
of the infected computer receives our notification, they
inform their users of the infection and this usually resolves
the issue.
Since this script is still in testing, with a few small bugs being
worked out right now, I will post it here later if possible, or if
anyone is interested in its source let me know.
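The lookup order described in the comment above, as an added Python sketch (not the poster's Perl script, which is not on this page). The `abuse_net` and `whois` callables are hypothetical, caller-supplied lookups, the two-label domain rule is a simplification, and the sample header is constructed.

```python
import ipaddress
import re
import socket

# Bracketed peer address as recorded by the receiving MTA: "from helo (name [203.0.113.45])"
PEER_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")
# Abuse fields used in ARIN (OrgAbuseEmail) and RIPE (abuse-mailbox) whois output
WHOIS_ABUSE = re.compile(r"^(?:OrgAbuseEmail|abuse-mailbox):\s*([\w.+-]+@[\w.-]+\.\w+)\s*$", re.I | re.M)

def sender_ip(received):
    """Peer IP from the Received: line written by our own server; From: is never consulted."""
    m = PEER_IP.search(received)
    if not m:
        return None
    try:
        return str(ipaddress.ip_address(m.group(1)))
    except ValueError:
        return None

def rdns(ip):
    """Reverse (PTR) lookup; None when the address has no name."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def org_domain(host):
    """Simplification: keep the last two labels (a real tool needs the Public Suffix List)."""
    labels = host.rstrip(".").lower().split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else None

def whois_abuse(whois_text):
    """Abuse mailboxes found in raw whois output, de-duplicated, order kept."""
    return list(dict.fromkeys(a.lower() for a in WHOIS_ABUSE.findall(whois_text)))

def abuse_contact(received, abuse_net, whois, reverse=rdns):
    """(contacts, source): abuse.net by reverse-DNS domain first, whois by IP as backup."""
    ip = sender_ip(received)
    if ip is None:
        return [], "no-peer-ip"
    host = reverse(ip)
    domain = org_domain(host) if host else None
    contacts = abuse_net(domain) if domain else []
    if contacts:
        return contacts, "abuse.net"
    contacts = whois_abuse(whois(ip))
    return (contacts, "whois") if contacts else ([], "unresolved")

# Constructed sample: the HELO name claims example.org, the peer address belongs elsewhere.
SAMPLE = "from mail.example.org (dsl-45.pool.example.net [203.0.113.45]) by mx.local"
```

The returned source tag lets the notifier log whether a contact came from abuse.net or from the whois backup, which helps when reviewing misdirected reports.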
Logged In: YES
user_id=1068807
I'm sure that this source could be ported to C and included in
the odeiavir source.