Function Get-WhoIsRecord { param( [string]$address = $(throw "Error: address is a required parameter."), [string]$whoisServer = 'whois.arin.net', [int]$port = 43 ) if ($address -match '\d+.\d+.\d+.\d+') { $ipAddress = $address } else { $ipAddress = [System.Net.Dns]::GetHostEntry($address).AddressList[0] } $whoisClient = New-Object System.Net.Sockets.TcpClient $whoisClient.Connect($whoisServer, $port) if (-not $whoisClient.Connected) { throw "Unable to establish a connection with whois server '$whoisServer' on port $port." } $whoisStream = $whoisClient.GetStream(); $whoisWriter = New-Object System.IO.StreamWriter($whoisStream) $whoisWriter.WriteLine("+ $ipAddress") $whoisWriter.Flush() $whoisReader = New-Object System.IO.StreamReader($whoisStream) $whoisRecord = New-Object System.Management.Automation.PSObject $whoisRecord.PSObject.TypeNames.Clear() $whoisRecord.PSObject.TypeNames.Add('WhoIsRecord') foreach ($subRecord in [RegEx]::Split($whoisReader.ReadToEnd(),"`n{2,}")) { foreach ($row in $subRecord.Split("`n",[System.StringSplitOptions]::RemoveEmptyEntries)) { if ($row -match '^#') { continue } $elements = [RegEx]::Split($row,"\:\s{1,}") if (($whoisRecord | Get-Member -Name $elements[0]) -eq $null) { $whoisRecord | Add-Member -Name $elements[0] -MemberType NoteProperty -Value ([string]::Join(':', $elements[1..$($elements.Count - 1)])) } else { $whoisRecord.$($elements[0]) = @($whoisRecord.$($elements[0])) + [string]::Join(':', $elements[1..$($elements.Count - 1)]) } } } $whoisRecord $whoisClient.Close() $whoisStream.Close() } Function Fight-ContentTheft { param( [string]$offendingBlogUrl = $(throw "Error: offendingBlogUrl is a required parameter.") ) $spammersAddress = $offendingBlogUrl.Replace('http://','').Split('/')[0] $whoisRecord = Get-WhoIsRecord $spammersAddress $subject = "Spam from one of your customers" $body = @" To whom this may concern, I have recently received comment spam on my blog from one of your customers. They are stealing content from blogs like mine and creating trackback links for the sole purpose of drawing people to their site so they can get click-through links on that site. The content they have posted on their blog is mine and mine alone, and they do not have my permission to reproduce it and link to my blog to draw my readers to their site so that they can generate click-through revenue. The internet address of the customer I am referring to is $spammersAddress ($([System.Net.Dns]::GetHostEntry($spammersAddress).AddressList[0])). You can see the blog entry I am referring to here: $offendingBlogUrl It links to an article on my blog. I do not appreciate this sort of thing and it definitely seems to be against your hosting services abuse policy. Please take care of this. "@ [System.Diagnostics.Process]::Start("http://$([RegEx]::Replace($whoisRecord.OrgAbuseEmail,'\w+@',''))") [System.Diagnostics.Process]::Start("mailto://$($whoisRecord.OrgAbuseEmail)?Subject=$([System.Web.HttpUtility]::UrlEncode($subject).Replace('+','%20'))&body=$([System.Web.HttpUtility]::UrlEncode($body).Replace('+','%20'))") } # example: # Fight-ContentTheft 'contentthief.commentspammer.info/1969/12/31/when-in-doubt-ask-the-community'