[22299] in North American Network Operators' Group
Re: ** Forged spamming going on
daemon@ATHENA.MIT.EDU (Jon Lewis)
Tue Dec 22 01:15:51 1998
Date: Tue, 22 Dec 1998 01:13:19 -0500 (EST)
From: Jon Lewis <jlewis@inorganic5.fdt.net>
To: Robert Tarrall <tarrall@ecentral.com>
Cc: alex@nac.net, nanog@merit.edu
In-Reply-To: <199812211607.JAA04735@hades.ecentral.com>
On Mon, 21 Dec 1998, Robert Tarrall wrote:
> alex@nac.net wrote:
> -> some luser off of AT&T DIalup is using mailme.com (my domain) for relaying
> -> mail:
> -> Received: from mailme.com (146.st-louis-71-72rs.mo.dial-access.att.net
> -> [...]
> -> He is sending thousands of emails to AOL users, who is then bouncing them
> -> to me.
> -> [...]
> -> Thinking about this, there is no solution; here are my options:
> ->
>
> You forgot:
>
> 4) Deny relaying, which sendmail 8.9.1a will do by default (has worked
> great for us so far), and
I almost said that, but then I read the header he posted. This wasn't a
case of relaying...it's just "from address forgery". The same problem I
posted about a week or two ago. Some moron sends out a few hundred
thousand messages relayed through a variety of 3rd parties, claiming to be
from idontexist@yourscrewed.com...yourscrewed.com being your domain. When
the 3rd party relays fail to deliver tens of thousands of messages because
the spammer bought a 3rd rate address list full of bogus addresses, guess
where the bounces go?
> 5) Deny access to dial-access.att.net (and dialsprint.net,da.uu.net,
> pub-ip.psi.net, etc) which is what we're doing here just because we
> get so much spam directly from such dialup accounts these days.
And if you use a service like iPass, this becomes highly inconvenient for
your customers unless you've setup a relay after pop3 hack.
----don't waste your cpu, crack rc5...www.distributed.net team enzo---
Jon Lewis <jlewis@fdt.net> | Spammers will be winnuked or
Network Administrator | nestea'd...whatever it takes
Florida Digital Turnpike | to get the job done.
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key________
