Is this a genuine ISP??

I've noticed that a humongous amount of my junk mail (much of which appears, looking like a genuine message) comes from an attbi.com address.

Would it be safe to set up a message rule that automatically deletes any inbound message from attbi.com (or could I "lose" some good stuff)?

Keygrip,

Here is the result of a WHOIS search on ATTBI:

Organization:
AT&T Corp.
Corporate Administrator
32 Avenue of the Americas
New York, NY 10013
US
Phone: 908-221-5578
Fax..: 908-221-5581
Email: [email protected]

Registrar Name....: Register.com
Registrar Whois...: whois.register.com
Registrar Homepage: http://www.register.com

Domain Name: ATTBI.COM

Created on..............: Tue, Oct 02, 2001
Expires on..............: Sat, Oct 02, 2004
Record last updated on..: Sun, Nov 30, 2003

Administrative Contact:
Comcast
Domain Admin
183 Inverness Drive West
Englewood, CO 80112
US
Phone: 1-888-565-4329
Fax..: 720-267-2802
Email: [email protected]

Technical Contact:
Comcast
Domain Tech
183 Inverness Drive West
Englewood, CO 80112
US
Phone: 1-888-565-4329
Fax..: 720-267-2802
Email: [email protected]

Zone Contact:
Comcast
Domain Tech
183 Inverness Drive West
Englewood, CO 80112
US
Phone: 1-888-565-4329
Fax..: 720-267-2802
Email: [email protected]

Domain servers in listed order:

NS2.ATTBI.COM 216.148.227.68
NS.ATTBI.COM 204.127.198.4
NS6.ATTBI.COM 63.240.76.4
NS5.ATTBI.COM 204.127.202.4

It doens't necessarily follow that attbi.com is the source of the Spam - it could be a domain name hijack.

"One of the most popular generic form-to-email scripts in use today is FormMail. Unfortunately, most versions of this script contain security loopholes which allow bulk emailers to hijack a third-party's FormMail script in order to send out any number of messages. When this happens, the innocent third party appears to be the sender of the messages and gets all of the blame.
Bulk emailers actively probe web sites all around the world, looking for insecure FormMail scripts to exploit."

The last is a quote from obliquity.com (http://www.obliquity.com/computer/spambait/) - an interesting website with a pretty robust position on spam!

HTH

SD

Yes, but what do bulk e-mailers get out of all this effort? Who is paying for all the work? There must be some return on investment for it to be worthwhile but I don't see where there is enough income when spammers must spend most of their life dodging detection. How do they get paid and who pays them? I'm not only dropping forty or fifty new domain names a day into our spam blocking system, we get a dozens every day to the e-mail address given for engineering inquiries on the company website.

I accept that some spam is straightforward fraud - the real Emperora Bokassa's widow already moved her money out of the country years ago - but does anyone actually buy any of the crap that is advertised in spam?