[22278] in North American Network Operators' Group

Re: ** Forged spamming going on

daemon@ATHENA.MIT.EDU (Stephen Stuart)
Mon Dec 21 13:18:23 1998

To: nanog@merit.edu
Cc: Stephen Stuart <stuart@tech.org>
In-reply-to: Your message of "Mon, 21 Dec 1998 11:23:33 EST."
             <Pine.BSF.4.05.9812211121360.24932-100000@iago.nac.net> 
Date: Mon, 21 Dec 1998 10:15:02 -0800
From: Stephen Stuart <stuart@tech.org>

> On Mon, 21 Dec 1998, Robert Tarrall wrote:
> 
> [...]
> A user dialed into ATT, sent thousands of emails to aol.com users, with a
> forged return-address of youarecool@mailme.com, which AOL bounces back to
> youarecool@mailme.com, which is a domain I own.
> 
> Relaying on my machines has no bearing on this.

Someone did this to me about six months ago, and yes, there's nothing
you can do to prevent the bounces from coming your way.

I used sendmail 8.9.1's access feature to cause *me* to bounce mail
sent to the forged from address with code:

     550 No such user; forged header address used by spammers

It didn't help me in the AOL case; they don't appear to be watching
for double-bounces. It did help with recipients who tried to reply to
the forged from address.

Stephen
