some luser off of AT&T DIalup is using mailme.com (my domain) for relaying mail: Received: from mailme.com (146.st-louis-71-72rs.mo.dial-access.att.net [12.75.28.146]) by atom.ntgi.net (8.8.8/8.8.7) with SMTP id XAA23473; Sat, 19 Dec 1998 23:27:18 -0500 (EST) (envelope-from You4Me2C@mailme.com) He is sending thousands of emails to AOL users, who is then bouncing them to me. I am not please, to say the least. AT&T's security dept is non-existent, as far as I am concerned. I wish vixie would RBL 12/8. Thinking about this, there is no solution; here are my options: 1) blackhole AT&T, which does nothing, since the mail is bounces coming from AOL. 2) blackhole AOL, which would fix my attack, but would break all legitimate mail from/to AOL. 3) temporarily blackhole mailme.com, which would prevent me from getting the bounces, but then I can't send/get legit mail. I wish AT&T and other huge dialup organizations could control the users they have; there should be a licensing process.. -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Atheism is a non-prophet organization. I route, therefore I am. Alex Rubenstein, alex@nac.net, KC2BUO, ISP/C Charter Member Father of the Network and Head Bottle-Washer Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834 Don't choose a spineless ISP; we have more backbone! http://www.nac.net -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Just as an interesting note.. I seem to recall a spammer doing this in the past using a "big name" domain and losing quite a lot of money in the process from the resulting lawsuit. Might be a good object lesson. :) On a related note, my employer is finishing construction on a new facility a few blocks away. The conference rooms always have "themes" for their names (one building used to have names like "Lice", "Boils", and "Locusts", and another has names based on cities of the world). The staff of the new building named them after the "seven deadly sins", which was all well and good except there were 8 conference rooms. The eighth name? "Spam". :) At 04:53 PM 12/20/98 -0500, alex@nac.net wrote:
some luser off of AT&T DIalup is using mailme.com (my domain) for relaying mail:
Received: from mailme.com (146.st-louis-71-72rs.mo.dial-access.att.net [12.75.28.146]) by atom.ntgi.net (8.8.8/8.8.7) with SMTP id XAA23473; Sat, 19 Dec 1998 23:27:18 -0500 (EST) (envelope-from You4Me2C@mailme.com)
He is sending thousands of emails to AOL users, who is then bouncing them to me.
I am not please, to say the least.
AT&T's security dept is non-existent, as far as I am concerned.
I wish vixie would RBL 12/8.
Thinking about this, there is no solution; here are my options:
1) blackhole AT&T, which does nothing, since the mail is bounces coming from AOL.
2) blackhole AOL, which would fix my attack, but would break all legitimate mail from/to AOL.
3) temporarily blackhole mailme.com, which would prevent me from getting the bounces, but then I can't send/get legit mail.
I wish AT&T and other huge dialup organizations could control the users they have; there should be a licensing process..
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Atheism is a non-prophet organization. I route, therefore I am. Alex Rubenstein, alex@nac.net, KC2BUO, ISP/C Charter Member Father of the Network and Head Bottle-Washer Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834 Don't choose a spineless ISP; we have more backbone! http://www.nac.net -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
On Sun, Dec 20, 1998 at 04:52:21PM -0800, Derek Balling wrote:
Just as an interesting note.. I seem to recall a spammer doing this in the past using a "big name" domain and losing quite a lot of money in the process from the resulting lawsuit.
The domain was flowers.com, the ISP was Zilker Internet Park in Texas, and the judge found for the plaintiff. Hope this helps. -- Steve Sobol [sjsobol@nacs.net] Part-time Support Droid [support@nacs.net] NACS Spaminator [abuse@nacs.net] Proud resident of Cleveland Heights, Ohio, the coolest place on earth. http://www.ClevelandHeights.com
alex@nac.net writes:
Thinking about this, there is no solution; here are my options:
1) blackhole AT&T, which does nothing, since the mail is bounces coming from AOL.
2) blackhole AOL, which would fix my attack, but would break all legitimate mail from/to AOL.
3) temporarily blackhole mailme.com, which would prevent me from getting the bounces, but then I can't send/get legit mail.
I wish AT&T and other huge dialup organizations could control the users they have; there should be a licensing process..
4) convince AOL to blackhole AT&T. AOL knows the pain of spam. There is a remote chance they might actually do it. And if AOL could be convinced to do this, it might actually get some attention at AT&T. ITMT: If the mail bounces are addressed to a specific user@mailme.com, then set up an autoresponder on that address that sends a reply back that explains that the address is a forgery, giving the 800 number for AT&T support. Play tough with AOL since it is they who actually in a position to stop the flood. Imagine if AOL were to use RBL. -- -- *-----------------------------* Phil Howard KA9WGN * -- -- | Inturnet, Inc. | Director of Internet Services | -- -- | Business Internet Solutions | eng at intur.net | -- -- *-----------------------------* philh at intur.net * --
participants (4)
-
alex@nac.net -
Derek Balling -
Phil Howard -
Steven J. Sobol