[65566] in North American Network Operators' Group
Re: incorrect spam setups cause spool messes on forwarders
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Tue Dec 2 14:31:55 2003
To: Alexander Bochmann <bochmann@FreiNet.de>
Cc: nanog@merit.edu
In-Reply-To: Your message of "Tue, 02 Dec 2003 20:05:47 +0100."
<20031202190547.GB4387@FreiNet.de>
From: Valdis.Kletnieks@vt.edu
Date: Tue, 02 Dec 2003 14:30:13 -0500
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-630416776P
Content-Type: text/plain; charset=us-ascii
On Tue, 02 Dec 2003 20:05:47 +0100, Alexander Bochmann <bochmann@FreiNet.de> said:
> I agree that much of the anti-spam stuff out there
> is kludgy at best, and often harmful to other users,
> but let's not forget that it's the spammers who make
> all this necessary...
Today's stupid spammer trick:
The other day, I posted something in reply to Stephen Wilcox, with a cc: to
this list. Less than 10 minutes later, I got 4 notes from a site saying that
my posting (which still had nanog and wilcox referenced) had tripped a content
sensitivity filter. Double checking my outbox, I'd only posted one thing that
had both wilcox and nanog in the headers for at least a month. Despite all
this, the site admin in question fished out the actual note from their
quarantine, and discovered that it was spam for some enhancement product.
The only conclusion we could come up with is that somebody on the NANOG list is
infected with some sort of malware that waits for mail to arrive and then uses
its headers to generate a joe-job spam, and that 4 spams had gone off to the
site that generated the notes back to me.
Forget the baseball bat, this one deserves a lead pipe... :)
--==_Exmh_-630416776P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQE/zOhEcC3lWbTT17ARAm7kAJ9iwEL3QLgn4K+jIf/mDGNzsE0K0QCgrVQt
lfcAQD9qLuZRs0jmD6paecE=
=BwOk
-----END PGP SIGNATURE-----
--==_Exmh_-630416776P--
