Jump to content
Sign in to follow this  
asgardian

Under attack?

Recommended Posts

Since 2pm yesterday I have received almost 1000 'bounceback' e-mails, about half of which Spamcop has 'spotted' and put in Held Mail, the other half has all got through. I am at the point next week of needing to renew my subscription to spamcop. This is the first time this has happened and I'm concerned that I have no contact details to talk to someopne at Spamcop to see what's going on. I have a McAfee security system including their firewall, and I ran a full virus scan yesterday afternoon on spotting this problem and came up clean, so I don't think I'm guilty of an e-mail virus exploiting my mail-box.

Can anyone help?

Share this post


Link to post
Share on other sites

No headers provided to look at, so will just go with the most likely situation .... one of your addresses has become the forged From: and/or Reply To: line contents. There's an entry or two in the FQ about this, there are a number of other Topics & discussions from others that have been there. In general, the story usually goes that you'll be hit hard for a while with these bounces, then the spammer will eventually select a new address to forge into the next spam spew. You could be looking at a few days to a few weeks of this. This is another of those things written into code back when there was trust in the world and the "net" .... and it's another function that spammers have taken advantage of to get around the filters, blocks, and walls put up by folks that have the strange idea that spam is bad.

Your comment of "no contact details" could be taken a number of ways. I'll just leave it that this makes it obvious you have no taken the time to look at the FAQ.

I don't know if your "half made it through, half went into Held mail" is interesting or not. At this point only you can see what you've got and analyze why one went here and one went there.

Share this post


Link to post
Share on other sites

Thanks for your reply. I have looked at the FAQs but I readily admit that I haven't ploughed through everyhing. If you have tech support phone number or e-mail contact for Spamcop I'd be grateful to receive it or to be told (with some precision) where to find it. Below is a sample header from one of the SPAMS caught in Held Mail:

Date: Thu, 4 Nov 2004 23:01:37 +0700 [04/11/04 11:01:37 EST]

From: Mail Delivery Subsystem <MAILER-DAEMON[at]DOPA.GO.TH>

To: Goss[at]asgardmedia.com

Subject: Returned mail: see transcript for details

Headers: Show All Headers

ERROR: Your message could not be delivered.

The mail server generated the following error message:

The original message was received at Thu, 4 Nov 2004 23:01:22 +0700

from [201.255.7.112]

----- The following addresses had permanent fatal errors -----

<cross[at]khonthai.com>

(reason: 550 5.1.1 <cross[at]khonthai.com>... User unknown)

----- Transcript of session follows -----

... while talking to khonthai.khonthai.com.:

>>> RCPT To:<cross[at]khonthai.com>

<<< 550 5.1.1 <cross[at]khonthai.com>... User unknown

550 5.1.1 <cross[at]khonthai.com>... User unknown

Needless to say, there is no e-mail user with the address 'goss[at]asgardmedia.com', though asgardmedia is our domain. This has continued throughout the day.

Share this post


Link to post
Share on other sites
The original message was received at Thu, 4 Nov 2004 23:01:22 +0700

from [201.255.7.112]

I'd start there. If you have the originating IPs, best to report them manually to the ISP and to spam[at]uce.gov

Share this post


Link to post
Share on other sites

Samll catch is that your sample appears to basically be the "bounce" header .... You could complain to that ISP about the fact that bouncing these days of a spam and basing the bouce To: address on the contents of the forged To: or Reply To: lines is not a good thing these days. But to do it right, you'd actually want to do the analysis on the actual e-mail that caused the bounce ... one of the problems there is that not all ISP / e-mail software actually sends the original (complete) e-mail. The SpamCop parser and rules have been rewritten to disallow the reporting of bounces, due to many issues involved with trying to extract just the e-mail from whatever packaging that occurred from the bouncing system.

Share this post


Link to post
Share on other sites
Guest art101

This sounds very similar to something we went through last year. If you visit our home page and scroll to the bottom, you'll find a link to a Wired story about what happened and what we did about it.

I'm on a deadline today and can't spend much time typing here, but there's contact info at our site and I'll take your call if you want to talk. Or drop me a line and I'll get back to you this weekend.

Good luck... I feel your frustration and hope I can offer something that will help.

http://www.art101.com

Share this post


Link to post
Share on other sites
Guest art101

Sorry... should have checked your site first... looks like you're in the UK, an 8 hour time zone difference from us. I'd still take a call if I'm awake and working, or feel free to use the PHP form on our contact page. If our phones are on, we're working. If you get voicemail, we're out.

Again, good luck.

Share this post


Link to post
Share on other sites

Thanks for your replies esp. Art101. I have looked up the article on your site and this appears to be exactly what happened to me. I appreciate your offer of help. As someone else suggested, the bombardment appears to be over now so the Spammer has probably moved on. However, within my very limited technical resources I will try to trace the perpetrator using some of the tools I read about from following links to the Art101 article. Let me have a go at this and if unsuccessful I may still try calling you at a workable hour ( I assume you are West coast USA ).

Share this post


Link to post
Share on other sites
Guest art101

Hello, Asgardian. Worked very late here (yes, northern California)... just about to turn in.

Yes, it sounds like the same sort of event we went through. Wazoo's comment above sounds spot on and may help you find the creep who sullied your good domain name. Many bounced messages you received won't contain the full header of the original spam... since some ISPs won't return it to you.

In our case, we had to sift through the avalanche until we found several bounce messages from ISPs who returned the whole spam. That was our starting point in the detective work.

Here's a link that might be useful, if you aren't familiar with digging through email headers:

UXN spam Combat

Scroll down to the bottom right side of the page and check out the "spam Complaints Primer" link... good stuff there. They also provide several useful tools like "ping" and a "whois" function.

Also note that you can probably run some of the spew through SpamCop's robot - even if it's too old to report - just to see what SpamCop comes up with. As I recall, we did that and found many useful clues.

Also consider adding some sort of "we didn't spam you and we're looking into a recent incident" message on your home page. I believe it helped us fend off some of the hate mail we received from users who don't realize that return addresses are easy to forge.

Good luck and happy hunting! Keep us posted on what you discover.

Share this post


Link to post
Share on other sites

As Socks would write:

Post one or two with expanded headers to spamcop.spam [or here without spam bodies] so that people can help evaluate them.

Most internet users these days are wise to spammers using forged addresses, so don't worry about that too much. I would communicate with my ISP though if I were you so that they were aware of the forgeries. They might even be willing to [intercede with the ISPs that are sending you the most bounces].

Share this post


Link to post
Share on other sites

I was directed here from the spamcop.help newsgroup. I'm having the same problem -- a large number of bounced spams because of my email address being forged in the From or Reply-To line. When this happened in the past, the volume was low and it faded out in a few days. But this time it's been going on at high volume for about 6 weeks now, and increasing if anything. I'm currently up to about 150 per day.

I looked at the suggestions for tracking down the source, but using the SpamCop parser on headers from the spam appearing in some of the bounce messages gives a different source for nearly every one -- the first six I parsed showed the source as:

kornet.net (2)

telesp.br

grupohevi.com.mx

jazztel.com

verizon.net

So it looks like they're coming through open relays or some other indirect path. All the spams seem to be peddling the same stuff -- on-line meds -- so it's a good guess they're all from the same spammer. Any suggestions as to how to track the turkey down?

Share this post


Link to post
Share on other sites
spamcop.net,Nov 13 2004, 10:00 PM]I was directed here from the spamcop.help newsgroup.

That's a bit unusual. I'm the one that usually takes the heat for referring folks "here" from there and and I can't recall the thread involved that would have "directed" you here on this specific subject ... as it gets coverage enough in both places.

I looked at the suggestions for tracking down the source, but using the SpamCop parser on headers from the spam appearing in some of the bounce messages gives a different source for nearly every one -- the first six I parsed showed the source as:

As suggested in a couple of previous posts within this Topic alone, you don't have enough data here to make a clear picture .... what exactly are you parsing? If you are parsing the bounce, then what you are seeing is where the bounc came from .... but you are asking about where the "original" spew was sourced from .... quite a different thing.

Or, are you trying to parse a "crafted" bounce, such that the source indicated is the spew source? Why are you leaving things for "us" to guess at just what you are doing, what you are parsing, etc.?

So it looks like they're coming through open relays or some other indirect path. All the spams seem to be peddling the same stuff -- on-line meds -- so it's a good guess they're all from the same spammer. Any suggestions as to how to track the turkey down?

As stated in previous and other posts, both within this Forum structure and over in the newsgroups, you have to start with what's actually within these spam e-mails you're talking about (but did not provide any samples of - please provide Tracking URLs) .... If the "bounce" contains the entire and actual spam, then that can be parsed to locate the source. If the original isn't there or you are talking about something else entirely, then you probably can't go any further.

Basically, there is just so much stuff going on in the world, that talking abstracts and generics like this doesn't help anyone very much. Please provide a Tracking URL of something so the discussion can focus on something specific.

Share this post


Link to post
Share on other sites

Sorry. I wrote:

"using the SpamCop parser on headers from the spam appearing in some of the bounce messages . . " which I thought was clear. I'll try again.

Many of the bounce messages contain a copy of the header from the spam message. This included the forged "From:" line containing my email address, plus the remainder of the header. (This is what I meant by "headers from the spam appearing in some of the bounce messages".) I copied this header from the bounce message and ran this through the SpamCop parser to get the results I posted. (For convenience, I used messages that had gotten through my SpamCop spam filtering into my ISP inbox. Most of those don't include a copy of the spam itself, because the filter catches most of the ones which do. So I appended a few characters to the spam header to serve as a body so the SpamCop parser would accept it.)

I wasn't intentionally vague. I just underestimated the ability of readers to read what I wrote and believe it meant what it said. I keep forgetting that it's necessary to say things in at least two or three different ways, then repeat again after the first group of responses.

If it's still not clear, I'll try to say it in yet other words.

If you or anyone else thinks that posting some of the spam headers to spamcop.spam or elsewhere would help (that is, if anyone can use the headers to find a single real source for the spam), I'll be glad to post a half dozen or so. And I'd be interested in how it's done. I really would appreciate any help I can get in stopping or reducing this onslaught.

Roy Lewallen

Share this post


Link to post
Share on other sites

OK, found the thread .... it was me that made a suggestion, referring to art101's offer of help to another user ... I don't quite see "directed" in my posted remarks ..

> Current Topic on the exact subject over in the web-Forum.

> http://forum.spamcop.net/forums/index.php?showtopic=2987

> Poster there seems "happy" with an offer of help extended by

> another user.

semantics I suppose .. but that leads into your last post here ... this is a place that contains posts from many people, and those people have varied backgrounds, experiences, histories, and knowledge levels. Many say one thing but mean another. Many try to use the "lingo" but don't actually know what the words they are using really mean. Some try to define certain words in their own way. You suggest needing to say things three different ways to make your point clear .... I contrast that to my suggesting that you pick a specific spam item and start a discussion on just that specific spam item ... thus "we all" know what is being talked about and being talked to.

Then you further question the scenario of "posting headers" to track down your dozens of different sources .... and once again, I'll repeat my actual suggestion ... post the Tracking URL of the particular spam. You say you've already looked at the headers and they come from all over the place. A newsgroup response has already suggested at trying to track down the spamvertised web-site, if that's the only thing in common amongst your batch of spam.

You suggest that I can't read what you wrote ... I'm going to have to suggest that you aren't picking up my points either.

Share this post


Link to post
Share on other sites

art101 seemed to think that the work he did to track down the actual spammer who was using a forged From with his domain in it was worth the trouble. I didn't check out what he did (published on his web page).

However, from what I know about tracking spam (and spammers), he gave the correct information to find the culprit. What you need to do is read his stuff, then if you don't understand something (or it doesn't work for you), ask a specific question.

Myself, I prefer to complain to the abuse desk who 'bounced' messages after receiving them since tracking down the spammer is something that is difficult to do (and one needs to really know the 'lingo' and how email and the internet works). I am one of those who don't understand the 'lingo' and may not always use correctly. IIRC, it took me several days of posting questions and being answered to just understand the difference between 'emails directed to the From for undeliverable email' and 'SMTP reject' (which, ISTM, is being used to identify the preferred 'bounce' since people were not understanding that there are two 'bounces' or ways of getting a message that email is undeliverable). I think I do understand the concept of email, but can only decipher very simple headers.

Posters like art101 here (or in the ng) may point you in the right direction, but most of them don't have the time to 'find the real source' for you.

Miss Betsy

Share this post


Link to post
Share on other sites

Guilty as charged -- I apologize.

I see what you're getting at (I think) is that I shouldn't be looking at the source of the spam, but rather what SpamCop calls the "spamvertized web site" -- I admit I wasn't familiar with the term "tracking URL" but some web research indicates that's what it is. Anyway, that makes good sense -- thanks!

So I looked at some of the bounces that contained the full spam message and dug out the URLs the spammer has listed for responses. Here are the ones from three of the messages:

http://dexcellences.lvsdfbefd.info/3/

http://dcoteline.lobjxndfe.info/3/

http://dregimentation.lavnfjefs.info/3/

http://dpharisee.lavnfjefs.info/3/

http://dsafemaking.lvsdfbefd.info/3/

http://daphrodisian.lvsdfbefd.info/3

http://dautobiography.lavnfjefs.info/3/

http://dsphygmophonic.lobjxndfe.info/3/

http://dunscourged.lzogfefdf.info/3/

http://dmicrophotograph.lavnfjefs.info/3/

http://doverfamiliarity.lavnfjefs.info/3/

http://dtobaccoman.lzogfefdf.info/3/

Here's where my ignorance really shows, and where I can use some help. I did a whois on several of these (e.g., lvsdfbefd.info, lavnfjefs.info, etc.), and all are registered to a Ruslan Yavorenko in Leningrad. The nameservers are NS6.DNSISGREAT.COM and NS4.4GREATDNS.COM, and those are registered by gandi.net. The gandi.net website says they're just a registrar and don't do anything about spam. Attempts to reach dnsisgreat.com and 4greatdns.com brought back a "cannot reach" response.

Seems I need to find the domain host and send a complaint to them, but I don't think I know it yet. I'll be perfectly willing to do the grunt work if someone can point me in the right direction, either something to do next, or a place where I can read and learn what to do.

Thanks!

Roy Lewallen

Share this post


Link to post
Share on other sites
spamcop.net,Nov 15 2004, 04:32 AM]I see what you're getting at (I think) is that I shouldn't be looking at the source of the spam, but rather what SpamCop calls the "spamvertized web site" -- I admit I wasn't familiar with the term "tracking URL" but some web research indicates that's what it is.

That's not what a Tracking URL is. Here's a link to the Glossary:

http://forum.spamcop.net/forums/index.php?showtopic=2530

Tracking URL

When looking at the Report Page of the Parser Results, the top of the page contains these words (your reference number will be different);

spam Header

Here is your TRACKING URL - it may be saved for future reference:

http://www.spamcop.net/sc?id=z641303267z04...fef3b3d92488bfz

Skip to Reports

This "future reference" URL is the "Tracking URL" (etc.)

DT

Share this post


Link to post
Share on other sites

Once again, my error -- sorry.

But am I going in the right direction in trying to track down the host of the spamvertized web site, or should I backtrack, run a bunch of the spam headers through SpamCop, and post the tracking URLs? As I mentioned, running them through SpamCop gives a different origin for nearly every one, while the spamvertized web sites all seem to point back to the same person. But I don't know how to proceed beyond what I've done, and don't yet know who the host is, except maybe the nameservers NS6.DNSISGREAT.COM and NS4.4GREATDNS.COM, which I can't seem to get any more information on except that they're registered by gandi.net.

A google search of "Ruslan Yavorenko" (the registree of the spamvertized web sites) brought this very interesting URL: http://eclecticdjs.com/mike/spam/spam-11-04.html. Apparently this spammer uses a large number of web sites, and quite a variety of names.

Can anyone suggest how to proceed from here?

Roy Lewallen

Share this post


Link to post
Share on other sites

http://www.spamhaus.org/rokso/listing.lass.../%20iNkus%20LTD has some more data on what I'll assume is the same spammer. You may want to see how much of your data matches, if any is new ....

Maybe read the little blurb at the ledt of the page found at http://www.spamhaus.org/rokso/index.lasso rhar explains a bit about this listing.

At this point, you're now getting into some heavy work .. perhaps run over to the Lounge and look for an old Topic dealing with looking up "upstream" targets.

Some Topics to start with;

http://forum.spamcop.net/forums/index.php?showtopic=2279

http://forum.spamcop.net/forums/index.php?showtopic=2012

http://forum.spamcop.net/forums/index.php?showtopic=408

Share this post


Link to post
Share on other sites

The ROSKO listing doesn't look like the same person -- the only point of commonality I could find was the first name. Everything else appears to be different.

It looks like several, if not all, of the URLs used by the spammer have the IP address 221.11.133.67. I was able to do a tracert on it, but don't know how to interpret the results. I looked over quite a few of your earlier postings about determining the upstream provider, and see that I'm very, very much out of my depth. I see talk about collection points, adjacent AS, BGP tables, and a whole pile of other terms whose meaning I don't have a clue about. As Miss Betsy accurately pointed out, you people who know how to do this don't have the time to do it for us clueless folk -- there are just too many of us and too few of you. And it looks like it would take a really extended period, months maybe, of learning the details of Internet protocol and web structure to even begin to figure out how to do it myself.

So, I guess the only practical option for me is to grin and bear it. Sooner or later, I hope, the spammer will piss of somebody who has the knowledge and skill to do something about them. In the meantime, the web pretty much belongs to the spammers.

Thanks very much for your time and patience. I appreciate it.

Roy Lewallen

Share this post


Link to post
Share on other sites

http://www.senderbase.org/?searchBy=ipaddr...g=221.11.133.67

11/16/04 09:37:51 whois 221.11.133.67[at]whois.apnic.net

inetnum: 221.11.128.0 - 221.11.223.255

netname: CNCGROUP-HI

descr: CNC Group Hainan province network

descr: China Network Communications Group Corporation

descr: No.156,Fu-Xing-Men-Nei Street,

descr: Beijing 100031

country: CN

admin-c: CH455-AP

tech-c: CH455-AP

remarks: service provider

mnt-by: APNIC-HM

mnt-lower: MAINT-CNCGROUP-HI

changed: hm-changed[at]apnic.net 20030122

status: ALLOCATED PORTABLE

source: APNIC

role: CNCGroup Hostmaster

e-mail: abuse[at]cnc-noc.net

address: No.156,Fu-Xing-Men-Nei Street,

address: Beijing,100031,P.R.China

nic-hdl: CH455-AP

phone: +86-10-68019956

fax-no: +86-10-68019958

country: CN

admin-c: CH444-AP

tech-c: CH444-AP

changed: abuse[at]cnc-noc.net 20031016

mnt-by: MAINT-CNCGROUP

source: APNIC

11/16/04 09:47:44 Slow traceroute 221.11.133.67

Trace 221.11.133.67 ...

152.63.53.238 RTT: 70ms TTL: 32 (0.so-3-0-0.XR1.SAC1.ALTER.NET ok)

152.63.54.121 RTT: 69ms TTL: 32 (POS6-0.IG3.SAC1.ALTER.NET ok)

208.214.140.94 RTT: 258ms TTL: 32 (cncgroup-gw.customer.alter.net ok)

219.158.3.9 RTT: 272ms TTL: 32 (No rDNS)

219.158.5.6 RTT: 374ms TTL: 32 (No rDNS)

219.158.4.34 RTT: 305ms TTL: 32 (No rDNS)

219.158.10.50 RTT: 323ms TTL: 32 (No rDNS)

221.11.160.2 RTT: 300ms TTL: 32 (No rDNS)

221.11.128.66 RTT: 293ms TTL: 32 (No rDNS)

221.11.128.170 RTT: 296ms TTL: 32 (No rDNS)

* 221.11.133.61 RTT: 417ms TTL: 32 (No rDNS)

* * * failed

221.11.133.67 RTT: 330ms TTL: 55 (No rDNS)

11/16/04 09:50:36 IP block 208.214.140.94

Trying 208.214.140.94 at ARIN

Trying 208.214.140 at ARIN

OrgName: UUNET Technologies, Inc.

OrgID: UU

Address: 22001 Loudoun County Parkway

City: Ashburn

StateProv: VA

PostalCode: 20147

Country: US

NetRange: 208.192.0.0 - 208.255.255.255

CIDR: 208.192.0.0/10

NetName: UUNET1996B

NetHandle: NET-208-192-0-0-1

Parent: NET-208-0-0-0-0

NetType: Direct Allocation

NameServer: AUTH03.NS.UU.NET

NameServer: AUTH00.NS.UU.NET

Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE

RegDate: 1996-05-08

Updated: 2001-09-26

TechHandle: OA12-ARIN

TechName: UUnet Technologies, Inc., Technologies

TechPhone: +1-800-900-0241

TechEmail: help4u[at]mci.com

OrgAbuseHandle: ABUSE3-ARIN

OrgAbuseName: abuse

OrgAbusePhone: +1-800-900-0241

OrgAbuseEmail: abuse-mail[at]mci.com

Share this post


Link to post
Share on other sites

I'm sure that anyone with a modicum of knowledge, skill, and spunk, would look at all that and say, "Of course! Now I know exactly what to do! Thanks, Wazoo!" It's also apparent that anyone who has no idea what it all means, isn't worth even a few words of explanation. So all the posting does is to further impress me with how much you know and how little I do. Assuming that was why it was posted, it was a success.

I get the message -- if you don't understand this, don't even bother to ask. The experts have more important things to do. I'll leave you alone now.

Roy Lewallen

Share this post


Link to post
Share on other sites

No, it's called trying to do too much ... I posted that as I had the page / data started when I got the emergency phone call ... figuring it'd give you a starting point to dig a bit further .... Back from the hospital now, but waiting for a return phone call from the wife of the guy I just took to the hospital ... I'll finish up when I get the opportunity to focus a bit on your issue ... but for right now, you are way down on the list ......

Oh, and the how to win friends and be gracious award of the day goes to:

-=-=-=-=-=-

Thanks, I tried tracking down the spamvertized sites. There were a lot,

but most or all seemed to have the same IP address. But information

about how to get from there to the actual web host is pretty obscure,

and I haven't been able to find anyone willing or able to help in any

meaningful way. I'm not sure whether it's because it's extremely

complicated, or because the people with the knowledge are afraid of

losing some guru status by allowing any of the unwashed masses to learn

any of the sacred lore. I suspect it's some of both. At any rate, it

sounds from your posting that a complaint to the web host isn't likely

to do much good, anyway.

It looks like there are only two options. One is to spend a very long

time getting intimately acquainted with web and Internet protocol and

jargon, and spammer and anti-spam techniques; or to just keep deleting

the bounces in hopes that it will eventually subside. For me, only the

second is practical, so that's what I'll do. I'm getting about 200

bounces per day now, still increasing since it started about 6 weeks

ago. It's gotta stop sometime.

Roy Lewallen

-=-=-=-=-

On second thought .....

Share this post


Link to post
Share on other sites

I apologize for mistaking your motives. Because none of your responses were helpful, and either referred to or gave information that's pretty much incomprehensible to me, I assumed that you weren't really trying to help. I see now that you really were, but just greatly overestimated my knowledge and ability.

Putting the situation in terms more familiar to me, it's something like this: Someone posts a question on an antenna newsgroup saying his TV picture is noisy and what can he do about it. I respond by posting some links to integral equations for calculating antenna self impedance, and tell him how a spectrum analyzer can be used to determine the bandwidth of the television signal. When he expresses confusion about this, I give him a set of tranmission line equations and some information about calculating and measuring receiver noise figure. Now, if I'm actually trying to help, it certainly won't be obvious to the poor guy who posted the question. I probably did impress him with how much we engineers know about such things, and how little he knows in comparison. But he still won't have a clue about why his TV picture is noisy.

If the newsgroup is one normally dealing with highly technical matters, his posting was probably inappropriate. But someone should have extended the courtesy of pointing him to some group more oriented toward consumers, assuming no one wanted to stoop to explaining things on his level.

It looks to me like I'm in the wrong place here, since the assumed knowledge level is way above mine. That would explain why you assumed your postings would be helpful to me, while in fact they weren't. I apologize for coming, and for taking up time which could have been spent helping people who can benefit from your knowledge. I'll get back to the groups where I'm one of the folks who knows the subject matter, and where I can hopefully help others who don't -- and let you get back to helping the folks who are knowledgeable enough to benefit from your postings. I fully agree with your decision not to waste any more time on me.

I appreciate your effort. Thanks for taking it.

Roy Lewallen

Share this post


Link to post
Share on other sites

Hi, Roy,

spamcop.net,Nov 16 2004, 10:49 PM]<snip>

It looks to me like I'm in the wrong place here, since the assumed knowledge level is way above mine. That would explain why you assumed your postings would be helpful to me, while in fact they weren't. I apologize for coming, and for taking up time which could have been spent helping people who can benefit from your knowledge. I'll get back to the groups where I'm one of the folks who knows the subject matter, and where I can hopefully help others who don't -- and let you get back to helping the folks who are knowledgeable enough to benefit from your postings. I fully agree with your decision not to waste any more time on me.

<snip>

20223[/snapback]

...No, no, no, no, NO!!!! You are in the right place! These fora are populated both by the highly technical and the relatively non-technical (in terms of the internet and e-mail). If the information you're being presented is over your head, do not hesitate or be too embarrassed to say so. In my experience, someone comes along (often the person who posted the original technical information) to explain at a less technical level or to offer other resources.

...IIUC, you misunderstood Wazoo's latest reply. His intent wasn't merely to post the analog to "integral equations for calculating antenna self impedance," but to explain them, the latter of which was interrupted by something I would hope you'd admit is far more important -- an emergency requiring a dash to the hospital. I'll drop him a "personal message" to remind him to return when he has a chance.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×