spam relaying by the big boys
Just yesterday, UUNet released a statement on it's anti-spam policy, which included: UUNET's anti-spamming policy includes: - limiting the length of email recipient lists; - blacklisting mail sent from known spamming locations or organizations; - maintaining a mailbox (abuse@uu.net) which allows victims to report spam incidents; Imagine my surprise when I bounced some newly received spam to abuse@uu.net and received the following response: ----- The following addresses had permanent fatal errors ----- <abuse@uu.net> ----- Transcript of session follows ----- ... while talking to mail.uu.net.:
RCPT To:<abuse@uu.net> <<< 550 <abuse@uu.net>... User unknown 550 <abuse@uu.net>... User unknown
Oh joy! ------------------------------------------------------------------ Jon Lewis <jlewis@fdt.net> | Unsolicited commercial e-mail will Network Administrator | be proof-read for $199/message. Florida Digital Turnpike | ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
Earlier, Jon Lewis said:
----- The following addresses had permanent fatal errors ----- <abuse@uu.net>
----- Transcript of session follows ----- ... while talking to mail.uu.net.:
RCPT To:<abuse@uu.net> <<< 550 <abuse@uu.net>... User unknown 550 <abuse@uu.net>... User unknown
Connected to mail.uu.net. Escape character is '^]'. 220 relay1.UU.NET ESMTP vrfy fsdf 550 fsdf... User unknown vrfy abuse 250 <abuse@relay1.UU.NET> quit 221 relay1.UU.NET closing connection -- -Myk Myk O'Leary (System Administrator) --> moleary@ironlight.com Ironlight Digital (Marketing/Design/Network) --> http://www.ironlight.com 222 Sutter Street 6th floor * San Francisco, CA 94108 * 415.646.7000 ------ FOR NETWORK PROBLEMS, WRITE TO tech-support@ironlight.com ------
Earlier, Myk O'Leary said:
Earlier, Jon Lewis said:
----- The following addresses had permanent fatal errors ----- <abuse@uu.net>
----- Transcript of session follows ----- ... while talking to mail.uu.net.:
RCPT To:<abuse@uu.net> <<< 550 <abuse@uu.net>... User unknown 550 <abuse@uu.net>... User unknown
Connected to mail.uu.net. Escape character is '^]'. 220 relay1.UU.NET ESMTP vrfy fsdf 550 fsdf... User unknown vrfy abuse 250 <abuse@relay1.UU.NET> quit 221 relay1.UU.NET closing connection --
So the PR department got the word out before the sysadmins got the mailbox created? So which department is overloaded? -- Phil Howard KA9WGN +-------------------------------------------------------+ Linux Consultant | Linux installation, configuration, administration, | Milepost Services | monitoring, maintenance, and diagnostic services. | phil at milepost.com +-------------------------------------------------------+
Phil Howard sez: {abuse@uu.net}
So the PR department got the word out before the sysadmins got the mailbox created? So which department is overloaded?
Nope. It was valid [I will NOT say "it worked..."] until late last week. You got an auto-placabo message back. So did UUnet remove it in response to the UDP? -- A host is a host from coast to coast.................wb8foz@nrk.com & no one will talk to a host that's close........[v].(301) 56-LINUX Unless the host (that isn't close).........................pob 1433 is busy, hung or dead....................................20915-1433
Earlier, Myk O'Leary said: So the PR department got the word out before the sysadmins got the mailbox created? So which department is overloaded?
Nope, abuse has been a valid address for a year now. I guess something broke. Steve Mansfield steve@nwnet.net NorthWestNet Network Engineer 425-649-7467
Earlier, Steve Mansfield said:
Earlier, Myk O'Leary said: So the PR department got the word out before the sysadmins got the mailbox created? So which department is overloaded?
Nope, abuse has been a valid address for a year now. I guess something broke.
Steve Mansfield steve@nwnet.net NorthWestNet Network Engineer 425-649-7467
Not to be ultra picky here, but I didn't say the above even though quoted as such. Please be a bit more careful when replying and quoting messages. -- -Myk Myk O'Leary (System Administrator) --> moleary@ironlight.com Ironlight Digital (Marketing/Design/Network) --> http://www.ironlight.com 222 Sutter Street 6th floor * San Francisco, CA 94108 * 415.646.7000 ------ FOR NETWORK PROBLEMS, WRITE TO tech-support@ironlight.com ------
On Thu, Aug 07, 1997 at 11:16:30PM -0400, Jon Lewis wrote:
... while talking to mail.uu.net.:
RCPT To:<abuse@uu.net> <<< 550 <abuse@uu.net>... User unknown 550 <abuse@uu.net>... User unknown
Oh joy!
How 'bout this? ----- The following addresses had permanent fatal errors ----- <abuse@aol.com> ----- Transcript of session follows ----- ... while talking to mrin80.mail.aol.com.:
RCPT To:<abuse@aol.com> <<< 552 abuse mailbox full 554 <abuse@aol.com>... Service unavailable
Operational issue: how to not look so foolish.. :-) -- = Christopher Masto = chris@netmonger.net = http://www.netmonger.net/ = = NetMonger Communications = finger for PGP key = $19.95/mo unlimited access = = Director of Operations = (516) 221-6664 = mailto:info@netmonger.net = v---(cut here)---v -- yourname@some.dumb.host.com "Keep in mind that anything Kibo says makes a great sig." -- Kibo ^---(cut here)---^
Christopher Masto writes:
How 'bout this?
RCPT To:<abuse@aol.com> <<< 552 abuse mailbox full
It's a known (recurring) problem. The standard workaround is to use <abuse@aol.net>. -- Chip Rosenthal support CAUCE Unicom Systems Development because junk email stinks <http://www.unicom.com/> <http://www.cauce.org/>
[ On Fri, August 8, 1997 at 02:25:55 (-0400), Christopher Masto wrote: ]
Subject: Re: spam relaying by the big boys
... while talking to mrin80.mail.aol.com.:
RCPT To:<abuse@aol.com> <<< 552 abuse mailbox full 554 <abuse@aol.com>... Service unavailable
Operational issue: how to not look so foolish.. :-)
Yeah. I think I've got copies of bounces from postmaster and abuse mailboxes at all the big players who run systems that offer that "mailbox full" feature.... I find it hard to believe that a 24x7 NOC could ever get into this situation unless they've got a mail bomber right on their backbone and they can't cut him off any other way. These big guys do all have 24x7 staffed NOCs and their staff do constantly monitor ops-related mailboxes such as 'postmaster', don't they? If not, why not? -- Greg A. Woods +1 416 443-1734 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
participants (8)
-
Chip Rosenthal
-
Christopher Masto
-
Jon Lewis
-
moleary@ironlight.com
-
Phil Howard
-
Steve Mansfield
-
wb8foz
-
woods@most.weird.com