OT: New spam technique?

It was actually not - it was a full mortgage spam - with the normal features, there was no virus attached (some servers bounce in full, rather than snipping bits)

Ian Stirling

Actually it doesn't look like it does.

--
Kind Regards,
B. Hoffmann
B. Hoffmann

Think the majority of the mails the OP received are this kind of dead letter messages. Immediate bounce worked in the days the spammer's return address was real i.e. the address from which the mail was sent. These days the return address is faked most of the time. It's a random_name@an_existing_domain.

I manage a small private network whose domain name is misused this way. So I installed a mail server that discards all non-defined names. The other mail is distributed to the respective users.

petrus bitbyter

petrus bitbyter

formatting link

Donald

Use google mail. It catches more than 98% of spam, and I average around 2000 per month incoming.

--
Dirk

http://www.onetribe.me.uk - The UK's only occult talk show
Presented by Dirk Bruere and Marc Power on ResonanceFM 104.4 
http://www.resonancefm.com
Dirk Bruere at NeoPax

Some people get so much spam from Gmail accounts that they filter out all e-mail from that domain. What good does their incoming filtering do, when it reaches a point no one will read what you send?

--
Service to my country? Been there, Done that, and I've got my DD214 to
prove it.
Member of DAV #85.

Michael A. Terrell
Central Florida
Michael A. Terrell

I just get an occasional one from the same people. It is specifically targeted at domains offering spamming services to webmasters. The recipient address is a made up snipped-for-privacy@mydomain.com. I have sendmail set up to catch 'unknowns' and redirect them to another account on the server.

I'm just trying to be Mr Good Bob.

When it started initially I set up sendmail to reject the particular IP and bounce the mail with a message. Of course then they used a different IP.. At the moment I'm rejecting on the recipient address with a 'Mail box is full please try again later' message.

However, as someone has pointed out, it's probably just bouncing things out to someone who knows nothing about it so it might be best to just discard them.......

What happens when some moron decides it's time to spam the abuse address?

It's a lose lose situation.......

DNA

Genome

This is why the entire e-mail system needs updated to secure communications, so you know which server originated the e-mail. Sure, it will take a little more overhead, but it would eliminate every untraceable piece of spam, which should reduce the overall bandwidth required for all E-mail.

--
Service to my country? Been there, Done that, and I've got my DD214 to
prove it.
Member of DAV #85.

Michael A. Terrell
Central Florida
Michael A. Terrell

I honestly don't understand what is meant by "every untraceable piece of spam". (and I acknowledge that you're not alone in using that phrase).

I handle hundreds of thousands of email messages daily for tens of thousands of users, and I can tell you from which computers my mail servers received each and every one of them. If a message is spam, I don't *care* where it "originated". If it didn't originate on the computer that handed it to my mail server, it's up to the admin of that computer to figure out where *they* got the message from (assuming a complaint is at stake).

In the vast majority of cases, where some DSL/cablemodem/dialup client systems are handing our mail servers the spam, all I care about is whether there's someone responsible at the ISPs to instruct their clients to clean up their systems. There rarely is, but the smaller ISPs tend to be much more responsive.

--
----------------------------------------------------------------------
Sylvain Robitaille                              syl@alcor.concordia.ca
 
Systems and Network analyst / Postmaster          Concordia University
Instructional & Information Technology        Montreal, Quebec, Canada
----------------------------------------------------------------------
Sylvain Robitaille

Good Idea! You could download the source code for any number of free software mail servers and clients, and modify them, and release a complete, secure mail suite.

Good Luck! Rich

Rich Grise

OK, I'll be stupid. I just know this won't work??????

In setting up sendmail I added some stuff somewhere and added some other stuff somewhere else.

If I read the logs right, and I probably don't, then I get the impression that for some of this stuff, over and above refusing to relay or borking for not logging in, sendmail is querying DNS or whatever servers to make a decision as to what it might do with the information it gives in its logs.

So......

Being silly.

Some computer contacts my computer and says

'Hello, I am bootyboyhorserider. I would like to send you an e-mail'

My computer sends back a message to bootyboyhorserider saying

'Hello bootyboyhorserider, you wanted to know if I wanted to receive your e-mail. My rubberpissboy operator says that's OK... you may do me a two.'

Some computer comes back and says....

'Here is your two, here is the e-mail. Thank you for the wellingtons.'

DNA

Genome

It spoofs an unknown recipient mail, basically exactly what you get if you personally send an email to a non-existent address. Basically, when a server (after the @) receives an email, it tries to put it at that specific address (that is, gmail.com tries to give the mail to username (@gmail.com)). If that user doesn't exist, gmail will send back an unknown recipient/return to sender kinda mail. Likely, spammers get these and then take the address off their list since it doesn't exist. This program, thus, fakes those emails for you, to trick the spammers. A great trick, assuming you get zero false positives ;)

-andy

adremeaux

A great trick several years ago, when it was first tried.

Two weeks later many Spammers had modified their mail engines to circumvent that trick. By now there aren't any left in business who haven't made the change.

Sending *anything* that isn't an original mail generated by a user on your own server is now likely to become an exploitable mechanism by which spammers can use you to relay.

The only way to avoid having this happen to notifications sent by your mail server is to verify that the return address is really who sent it to you, and that can only be done to an approximation at best.

Best of all, configure your mail server to send no notifications at all. The RFC covering email server behaviour will just have to be broken.

--
Patrick Hamlyn   posting from Perth, Western Australia
Windsurfing capital of the Southern Hemisphere
Moderator: polyforms group (polyforms-subscribe@egroups.com)
Patrick Hamlyn

I have accounts at both yahoo and gmail; gmail's filterer is *much* better. (I accidentally posted to Usenet one time, using gmail address -- Google is "friendly" and makes this the default when accessing Groups while reading e-mail. This brings me several spams per day, but *every one* is sent to Spam folder. I spot-check Spam every now and then and, unlike Yahoo's, have *never* seen a legitimate mail in the spam folder.)

Yahoo has sent "invites to gmail" to its spam folders!

I suggest a simple solution to e-mail spam though it would require a micro-money system better than PayPal's. Every e-mail involves a one-penny transfer from sender to recipient. (You get it back, of course, when recipient replies, or after a bounce.)

Surely a micro-money system would be good anyway. It won't happen. All proposed solutions, e.g. by Microsoft, are designed to make money, e.g. for Microsoft, rather than help consumer.

James Dow Allen

James Dow Allen

A correctly configured mail server will _not_ send back any message for unknown recipients. Such a mailer will check the recipient address before accepting a message and before accepting the responsibility to deliver the message. If a message to unknown users is simply rejected there is no need to send delivery failure notifications. The sending server has responsibility for the message and should handle the error. There is no need at all -in fact it would be stupid- to take over that responsibility if you know -or could know- that the message can not be delivered. The same logic applies to spam detection. Test the message and simply reject it if you think it is spam. Even in case you reject a regular mail the sender will be notified that the message could not be delivered. But that is not your responsibility if you don't accept the message.

But this is all about mail _servers_. What can you do as an end user with a POP or IMAP account? I'm afraid there is very little you can do. First you are way too late to reject responsibility for the message delivery. Second the simple fact that your provider accepted the message is a sure indication to a spammer that the address was valid. Third it is almost 100% certain that the sender address in a spam message is forged; either it is an invalid address or it is a randomly chosen address of an innocent third party. In either case you _should not_ send non-delivery notifications. Those notifications _will not_ reach the spammer, are likely to bounce, and just enlarge the whole spam problem.

As an end user you only have two options to handle spam that has not been filtered out by your provider: trash it automatically or trash it manually.

Regards

Kees.

--
Kees Theunissen.
Kees Theunissen

A little addition to my previous posting. Just to be clear. Of course I'm talking about a mail server at the receiving end of a mail transmission path.

Regards,

Kees.

--
Kees Theunissen.
Kees Theunissen
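
The difference between rejecting during the SMTP session and accepting first, as described in Kees Theunissen's posts above, shown as an added example that is not part of the thread. The domain, mailbox names and delivery attempts are constructed, and the model only tracks who ends up receiving a notification from the receiving server.

```python
from dataclasses import dataclass, field

LOCAL_DOMAIN = "example.org"    # constructed domain
VALID_USERS = {"alice", "bob"}  # constructed mailbox list

@dataclass
class Result:
    replies: list = field(default_factory=list)    # in-session answers to the connecting client
    delivered: list = field(default_factory=list)  # recipients that got the mail
    bounces: list = field(default_factory=list)    # notifications this server originates later

def known(rcpt):
    local, _, domain = rcpt.lower().partition("@")
    return domain == LOCAL_DOMAIN and local in VALID_USERS

def receive(attempts, reject_at_rcpt):
    """attempts: (envelope sender, recipient) pairs as given in MAIL FROM / RCPT TO."""
    res = Result()
    for mail_from, rcpt in attempts:
        if known(rcpt):
            res.replies.append((rcpt, "250 2.1.5 OK"))
            res.delivered.append(rcpt)
        elif reject_at_rcpt:
            # Refused before acceptance: the sending server keeps responsibility
            # and this server originates nothing.
            res.replies.append((rcpt, "550 5.1.1 User unknown"))
        else:
            # Accepted first, so this server now owes a failure notice, and it
            # goes to whatever envelope sender was claimed, forged or not.
            res.replies.append((rcpt, "250 2.1.5 OK"))
            if mail_from:  # an empty sender marks a bounce; never answer one
                res.bounces.append(mail_from)
    return res

# Constructed sample: three spam runs with forged senders, one real mail,
# one typo from a real sender, one bounce-style message with a null sender.
ATTEMPTS = [
    ("victim@third-party.example", "qxzt@example.org"),
    ("victim@third-party.example", "mwpl@example.org"),
    ("other@innocent.example", "rrkd@example.org"),
    ("carol@friend.example", "alice@example.org"),
    ("carol@friend.example", "alcie@example.org"),
    ("", "zzzz@example.org"),
]

if __name__ == "__main__":
    for policy in (False, True):
        r = receive(ATTEMPTS, reject_at_rcpt=policy)
        print("reject_at_rcpt" if policy else "accept_then_bounce", "-> bounces to:", r.bounces)
```

With rejection at RCPT time the typo case is still reported to the real sender, but by the sender's own server, which is the one that saw the 550.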

This would hamstring legitimate large mailing lists. You would at least need to add a type of whitelisting, where Alice can tell the system not to charge Bob for e-mailing her.

Ed Murphy

"Hamstring"??? Not at all, it merely increases their expense, and rightly so.

Robert Baer
