SPAM companies using a new (?) trick. Need help stopping
We've been noticing the following in the name server area of our log watch:
sysquery: query(NS1.ENCHANTINGIDEAS.NET) All possible A RR's lame: 1189 Time(s)
And noticing that this is being used to push SPAM through the system.
We have blocked the following at our firewall:
209.164.22.203 - NS1.ENCHANTINGIDEAS.NET
209.164.22.204 - NS2.ENCHANTINGIDEAS.NET
Along with every IP associated through their chain (do a dig on NS1.ENCHANTINGIDEAS.NET and follow up with other digs).
Yet, they still show up as a lame server.
How do we get rid of this SPAM organization?
Thank you.
