![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SpamCop-List] Re: Spammer Soap Box?
John E. Malmberg
wb8tyw at qsl.network
Wed Jan 21 12:02:20 EST 2004
In article <bultl5$ibt$1 at news.spamcop.net>, Michael Lefevre <michael.spamcop at michaellefevre.com> writes:
> Godwin Stewart wrote:
> [snip stuff about loopback DNS]
>> b) accept the spam and send a DSN later. The DSN will be undeliverable,
>
> Well, that depends on the mail server. Some mailservers will successfully
> deliver the message themselves, and continue to do until they spot a
> looping message from the Received headers.
>
> Of course this is rather broken behaviour, but that's not a reason to
> target it...
What a horrible thing to happen to a mainsleaze spammer.
It may also tie up an open proxy for a bit.
But as long as it is not visible to the public like being in a FROM: or a
REPLY-TO:, etc, in a newsgroup or mailing, no one should be mailing to it
by mistake.
Hiding one in the X-headers (appropriately chosen ones) or on a web page
where it is not readable by humans should limit the damage to the machines
actively used for spamming.
>> meaning that postmaster @ $ISP will get a delivery failure message.
>>
>> Yes, b) does mean that postmaster will get unwanted mail. This unwanted
>> mail, however, serves as a real-time warning of $ISP's subscribers coming
>> under attack and supplies the IP addresses from whence the attack is
>> coming so the network people know what to block.
>
> Hrm... so ISPs should be happy to receive extra spam at admin addresses,
> because it warns them that they're being spammed? Unless they're
> clueless, they can probably figure that out anyway. If they are
> clueless, they probably don't want to know...
Actually it is letting them know that they are bouncing spam to other victims,
and in this case the victim is them.
> Admittedly, the loopback is only going to cause problems if a spammer
> decides to abuse it, and even then only if the receiving server isn't very
> well configured. But if people have badly-configured servers and are
> getting spammed, you're just making their problems worse...
If the domain part of an e-mail address is getting such a quantity of these
useless bounces as to make filtering them impractical, it seems like setting
that name to have the mail sent to 127.0.0.2 would help educate the bouncer's
that what they are doing is a bad thing.
If nothing else, it will convince them to stop sending e-mail to that specific
address (or the domain, unless they have a user that has a legitimate need to)
-John
wb8tyw at qsl.network
Personal Opinion Only
More information about the SpamCop-List
mailing list