North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ** Forged spamming going on

  • From: Jon Lewis
  • Date: Tue Dec 22 01:14:43 1998

On Mon, 21 Dec 1998, Robert Tarrall wrote:

> [email protected] wrote:
> -> some luser off of AT&T DIalup is using (my domain) for relaying
> -> mail:
> -> Received: from (
> -> [...]
> -> He is sending thousands of emails to AOL users, who is then bouncing them
> -> to me.
> -> [...]
> -> Thinking about this, there is no solution; here are my options:
> -> 
> You forgot:
> 4) Deny relaying, which sendmail 8.9.1a will do by default (has worked
>   great for us so far), and

I almost said that, but then I read the header he posted.  This wasn't a
case of's just "from address forgery".  The same problem I
posted about a week or two ago.  Some moron sends out a few hundred
thousand messages relayed through a variety of 3rd parties, claiming to be
from [email protected] being your domain.  When
the 3rd party relays fail to deliver tens of thousands of messages because
the spammer bought a 3rd rate address list full of bogus addresses, guess
where the bounces go?

> 5) Deny access to (and,,
>, etc) which is what we're doing here just because we
>   get so much spam directly from such dialup accounts these days.

And if you use a service like iPass, this becomes highly inconvenient for
your customers unless you've setup a relay after pop3 hack.

----don't waste your cpu, crack team enzo---
 Jon Lewis <[email protected]>  |  Spammers will be winnuked or 
 Network Administrator       |  nestea'd...whatever it takes
 Florida Digital Turnpike    |  to get the job done.
______ for PGP public key________