North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: backscatter hosts

  • From: Steven Champeon
  • Date: Tue May 18 19:04:24 2004 
on Tue, May 18, 2004 at 11:37:49PM +0100, Chris Edwards wrote:
> Much as I hate to come to their defence, hotmail rejects unknown users
> during the dialog, and has done so for as long as I can remember.

That may be so. But I've got 208 hotmail.com hosts "back"listed for
backscatter dreck such as this:

--8<----8<----8<--
 From MAILER-DAEMON  Wed Apr 14 16:17:33 2004
 Received: from mc6-s2.hotmail.com (mc6-s2.bay6.hotmail.com [65.54.251.76])
    by serrano.hesketh.net (8.12.9p1/8.12.8/NO-UCE-NO-UBE-NO-spam) with ESMTP id i3EKHVAh005383
    for <[email protected]>; Wed, 14 Apr 2004 16:17:32 -0400
 Received: from mc6-f11.hotmail.com ([65.54.252.147]) by mc6-s2.hotmail.com with Microsoft SMTPSVC(5.0.2195.6713);
      Wed, 14 Apr 2004 13:17:36 -0700
 From: [email protected]
 To: [email protected]
 Date: Wed, 14 Apr 2004 13:14:29 -0700
 MIME-Version: 1.0
 Content-Type: multipart/report; report-type=delivery-status;
     boundary="9B095B5ADSN=_01C42243E592A444000006B1mc6?f11.hotmail."
 Message-ID: <[email protected]>
 Subject: Delivery Status Notification (Failure)
 X-OriginalArrivalTime: 14 Apr 2004 20:17:36.0210 (UTC) FILETIME=[86CCFB20:01C4225D]
 Content-Length: 7430
 Lines: 142 

 This is a MIME-formatted message.
 Portions of this message may be unreadable without a MIME-capable mail program.

 --9B095B5ADSN=_01C42243E592A444000006B1mc6?f11.hotmail.
 Content-Type: text/plain; charset=unicode-1-1-utf-7

 This is an automatically generated Delivery Status Notification.

 Delivery to the following recipients failed.

        [email protected]

 --9B095B5ADSN=_01C42243E592A444000006B1mc6?f11.hotmail.
 Content-Type: message/delivery-status

 Reporting-MTA: dns;mc6-f11.hotmail.com
 Received-From-MTA: dns;accsports.com
 Arrival-Date: Wed, 14 Apr 2004 13:14:19 -0700

 Final-Recipient: rfc822;[email protected]
 Action: failed
 Status: 5.2.3
 Diagnostic-Code: smtp;552 5.2.3 This message is larger than the current system limit or the recipient's mailbox is full. Create a shorter message body or remove attachments and try sending it again.

--8<----8<----8<--

Granted, it's a DSN for an over-quota user, not a nonexistent user, but
the rejection happens after accept, and the DNS goes to the forged sender.

Steve

-- 
hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com
Buy "Cascading Style Sheets: Separating Content from Presentation, 2/e" today!
http://www.amazon.com/exec/obidos/ASIN/159059231X/heskecominc-20/ref=nosim/