Slashdot Mirror
100 Email Bouncebacks - Welcome to Backscattering
distefano links to a story on Computerworld, excerpting: "E-mail users are receiving an increasing number of bounceback spam, known as backscatter, and security experts say this kind of spam is growing. The bounceback e-mail messages come in at a trickle, maybe one or two every hour. The subject lines are disquieting: 'Cyails, Vygara nad Levytar,' 'UNSOLICITED BULK EMAIL, apparently from you.' You eye your computer screen; you're nervous. What's going on ? Have you been hacked? Are you some kind of zombie botnet spammer? Nope, you're just getting a little backscatter — bounceback messages from legitimate e-mail servers that have been fooled by the spammers."
A few every hour? This weekend marks the second weekend in which I got several hundred bounces in a single night!
This story was preceded less than a month ago:
https://tech.slashdot.org/article.pl?sid=08/04/08/2258246
I had a bunch of these back then, now they are happening again. Here is some information about the subject.
http://spamlinks.net/prevent-secure-backscatter.htm
You should only get NDRs from your own ISP, as I undestand it. The other mail admins are being fooled by your spoofed return address, and should know better.
Where's the news here? I've been getting these for years. It's so bad that I filter bounce messages to a separate account on the server to download and review at the end of the week. I get almost as much backscatter as spam, both over 1000 messages a week.
It is dangerous to be right when the government is wrong.
Ugh, care to elaborate? Anyway, I think the solution is simple. Just publish a giant list of all mail servers not configured properly. It wouldn't be hard to write a script, to verify if a domain is configured or not. It would function as a name and shame list. But more than that, all spammers would harvest from it, and absolutely smash the listed servers until they were forced to configure them properly.
Nope, I'm not getting anything - procmail on my honeytrap spam email account sees it and stops it with a few simple filters
So please try harder, spammers, or go and get extensions to your obviously miniscule penises so you no longer need to take you inadequacies out on the rest of the world.
Gentoo Linux - another day, another USE flag.
There's an easy way to filter out backscatter while preserving bounce messages that you care about (ie. ones about email that you actually sent):
1. Add your own custom header to all your outgoing emails. Doesn't matter what it is, but it should be unique, eg. 'X-Really-From-Richard-Jones: xsomesecretx'
2. MTAs include the original headers in bounce messages, so discard bounce messages which don't contain your custom header.
You can even be smart and sign the header based on the content of the email using a private key, which would make it unforgeable, but at the moment you don't need to do that.
Rich.
libguestfs - tools for accessing and modifying virtual machine disk images
I must have read at least 3 news stories about backscatter in the last week. Why is this only getting attention now when it's been a problem for years? Is it just because someone has coined a word for it?
I can remember years back when some spammer decided to use my domain name in their spam run. Hundreds of bounced emails every day and I cursed everyone of the dumb mail servers that mailed them; complete with original html email, images and any other crappy attachment. ("Hundreds" may be small potatoes these days, but they were a big deal at the time.) Just the very idea that spammers would supply a genuine reply address seemed so incredibly stupid, yet there they were; dozens of carefully worded variants of the same "naughty spammer, don't email me" reply. I could just see some smug sysadmin configuring their system with this badly thought-out garbage, thinking "ha! that'll show them!"
None of my mail servers since then have ever bounced spam or mis-addressed emails.
Hasn't this crap been going on long enough? Aren't people tired of spam - tired, as in totally pissed! I know I am.
Something drastic should be done about it, yesterday. Doesn't matter if it fails at first, I just want to see some political will. As it is, it seems like noone who has the power, gives a sh*t.
"The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
My easy anti spam system would block this. Only works if you have your own domain, though.
:-)!
I have anyemail@mydomain.com forwarded to a gmail account, which then forwards ONLY email with a certain extension (for instance, somesite.spam@mydomain.com) to my private email address. The bonus is, if you use a different email address for each site (for instance, slashdot.spam@mydomain.com), you can nail down the sites that spam like crazy (not that slahdot would do such things
1280px wide layout but the column with the actual content in is only 200px the other 1080px are dedicated to adverts and sponsors
i think that computerworld site is a classic example of a site that cares nothing for its readers (like spam) and is only a means to an end, when a site has more space dedicated to advertising than content you know you've hit a spam site
funny how they are telling us about spam while promoting more adverts on a single page than a spam message has
I lost my "email for life" account (randeg at alum.rpi.edu) nearly five years ago because of backscatter. I got a lot of it because that address appeared in-the-clear in libpng and zlib documentation. The people at RPI did not understand the backscatter phenomenon, and I assume they are still getting plenty of it.
As a 9-year veteran of the anti-spam industry (with experience within the regulator, although I've left that behind me now and work in telecoms,) it's a REAL stretch for anybody inside the IT industry to take these kinds of comments seriously.
Anybody who says that 'legitimate' mailservers are sending backscatter instead of 5xx-ing the message in transit is wrong. Mailservers which send backscatter are NOT legitimate, EOL.
- A pissed off mail admin.
You're doing it wrong.
It seems like the solution to "backscatter" has been around for quite a few years (SRS). I'm surprised how few of the commercially available anti-spam solutions use or interpret it.
At my company, we just looked at Barracuda (PoS), Pineapp, St. Bernards ePrism, MX Force, Postini, and some other things. None of them understand SRS and only a few of the tech contacts had even heard of it. Sad Sad. But they all seem to have hand-rolled "backscatter" protection that partially works.
It seems like everyone has an SPF record these days. But it feels like relatively few actually check them and almost nobody goes the full distance and uses SRS.
Imagine if you weren't allowed to use roads because a bus company complained about your driving 3 times. --skunkpussy
Unless you like playing around with your user's machines a lot, you should better implement that at the MTA level and configure your mail server(s) so that they include the header.
Or you could just use SPF, which basically does the same thing, only more elegantly.
Who is General Failure and why is he reading my hard disk?
I have never gotten any "backscatter". At least to my knowledge. Hopefully it stays this way!
If brute force isn't working, you are not using enough.
Because email is an open medium!
How do you suggest we change it?
Because right now your comment is no more useful than "We should fix it"
An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
MY JEWELER COULD NOT TELL
IT WAS NOT A REAL ROLEX!
More information how to buy an AAA+ quality replica!
Helluvua lot of mail servers out there not configured "properly." I can't block some mail even from "legitimate" mail servers because they are not configured well enough some of my spam rules don't pick them up, so how would a "list" fix that?
As it is, the lists from the anti spam houses work very little. There are so many zombie mail servers out there, I guess, no one can really effectively police these things except through spam filters. And Google are the only folks who can afford a full time staff writing spam filter rules.
Any more properly used to mean not an open relay; now it can can mean not in the same network segment that does have spamming email servers. Lists just add to the insanity and often punish legitimate mail servers.
Dawn of the Dead
"go and get extensions to your obviously miniscule penises "
I think one of their products can help them with that.
I don't have any of these "bounce" messages. I don't know it it means I have no nerdy friends, or I have very good rules for dealing with spam.
Take Nobody's Word For It.
Every so often, I'll get backscattered for a few days with the catch-all e-mail account I've setup for my domain. Since I'm lazy, I usually just log-in to my ISP and set up an alias to redirect to another mailbox I have set up for this crap. If it gets any worse, then I'll have to look at a real solution, or even drop my catch-all account, which would be a real pain.
The trick is to use the "header_checks" and "body_checks" to look for signs of the email having being sent out from your email server in the first place.
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
I have hardly received any back scatter on any of my email addresses with Comcast, Yahoo, and my very own personal one. I guess im one of the fortunate ones. Could you all post the headers of these so called messages, so I can be on the look out for them.
I'm a victim of this sort of spam since several years, and it may happen to anybody that has an email address since a long time.
A few years ago, AOL always blocked my legitimate emails to AOL users, due to the fact that my email address was blacklisted due to this spam infection.
Think Machiavelli.
Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
It used to really bug me, that someone was sending out spam and using my legitimate email address in the From, Return-path and Envelope-from headers. I began filtering out the "Spam received from YOU" type headers years ago. But what still bugs me about this is those people who set their systems up to add me to some domain based rather than IP address based block list based on these faked headers. For more than a year I have been unable to successfully send email to my insurance company due directly to this issue.
Then again, I have never regarded email as a reliable method of communication. Everything truly important goes with a read receipt request and if I don't receive one then I phone or send snail mail. I continue to be amazed by the number of screwups I continue to hear about where someone says "I never got [such and such] email."
Uh, hasn't that been tried already?
My blog
Bounce messages should go to the postmaster of the domain that sent the message (the last Received: line before your MTA), rather than the "sender" in the From: header. That way, the actual forwarding server will be notified that it is being used to send spam and should be able to prevent further misuse. That also means the true sender gets the problem, not innocent bystanders.
Comment removed based on user account deletion
If an MTA is sending backscatter, it is not legitimate, it is broken. The MTA should NOT be looking at the FROM header to determine where the error goes. Report 5xx during the transaction, sending MTA is responsible for routing it to the associated address.
Any MTA I get backscatter from goes right into my local incompetent.dnsbl zone.
I had originally contemplated that this was the case however figured that due to my self declared war on spammers, they decided to spoof my email as the send bit. I am 100% sure I have not been hacked or any system compromised but it was really a crappy experience nonetheless. http://technoracle.blogspot.com/2008/04/spam-war-deepens-am-i-winning.html
"Question everything, including this!" - http://technoracle.blogspot.com/
I've figured out how to stop all spam, and it's very simple: I block all incoming email.
I know what you're thinking... what about the false positives? Yes, there are some, but here's the great part of the system... the more spam I receive, the lower my false positive rate. I don't need to worry about backscatter, phishing, viruses, or anything, and the CPU usage for this is incredibly minimal.
One of the main reasons forums don't get hit by spammers is because the admin staff knows what they're doing. They lock down threads, respond quickly, and keep the software up to date. Temporary bans, and permanent bans... You also need a working e-mail address in order to register, which blocks an awful lot of spam. Finally, there's over 150 domains on the banlist for my forums... some of the most popularly used (by spammers) freebie e-mail accounts, like mail.ru.
Oh... and it helps to have a robots.txt file. Mine looks like this:
The forums are served up from a subdomain... the actual site shows up in search engines, but having the separate domain with robots.txt helps keep the forums off the search engines. If they don't know you're there, then they can't spam you.
If you believe everything you read, you'd better not read. - Japanese proverb
Much easier to write a list of mail servers which are configured properly. At 66 lines per page, I'd reckon on about 5 sheets.
Red to red, black to black. Switch it on, but stand well back.
TODO create witty sig.
Last year we had an issue with spammers targeting our postfix server to do this. They would insert an extra Delivered-To line, which postfix would happily bounce back to wherever the spammer wished. I wound up writing a header_check for this. Last I heard there were no plans to change postfix's default behavior.
Computer World trying to get street cred by re-hashing old and moldy.
Nothing new here, move along.
Rick B.
Try my recept, feedback welcome !
http://www.bueche.ch/wp/2008/05/05/fighting-backscatter-using-procmail/
In the mean time, here's some music...
This is a joke. I am joking. Joke joke joke.
Yeah, the spammers' bots ignore the robots.txt and the indexing control headers. But the spammers don't have near the capacity of Google. It's easier for the spammers to search the forums through google, and more productive of e-mail addresses that can be sold.
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
I've gotten apparent backscatter containing malware since more than five years back. Some of those might be actual backscatter from mail servers that bounce full messages+attachments.
But many of those have claimed to come from my provider. I know the peculiarities of my provider's headers. Those are definitely spoofed.
I have been seeing more of these apparent spoofs of backscatters from other ISPs (check them headers!) lately.
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
You know what else? You could make vehicles a lot faster if, instead of putting them on logs, you put four little round disks at the corners! I know, let's call them wheels!
Count me among those who were worried. I have been getting, say about a hundred a week for the last few weeks. At first I thought my mail provider had been hijacked, then I realized that the spammers were just using my return address. It is really, really frustrating. At least now I know that I'm not the only one suffering... small consolation, but perhaps this will mean that some attention gets focused to it and a resolution will be coming.
MailScanner, which ships with Fedora, includes a feature called watermarking. Like those that have already posted, it works by creating a custom header with a secret key that is used to add a quick little seemingly random text and puts it in the header. If mail is coming from a bounceback, MailScanner checks the message for a match on the header. If it doesn't see one, then you can have it act based on that scenario. After turning this on, I get zero bounceback/scatterback emails into my Inbox. A perfectly elegant solution that works well and is easy to implement.
It exists. See http://www.backscatterer.org/
Bring back Sirius Punk!
There's already a few mail reputation systems:
Mail Abuse Prevention System
And there's also a generic checklist for all anti-spam ideas:
Anti-Spam Solutions Checklist
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
How about we change the delivery method. Instead of an email being sent to me and sitting on my server or service waiting for me to sort it, you send me the headers for the sender, subject, size, date, and attachment status while the message and attachments sit on YOUR server until I chose to pick it up or it expires. The reduction in bandwidth should pay for the increase in storage, and the spammers would have to leave their message sitting on a machine somewhere waiting for me to pick it up (hint, not gonna happen).
1. No servers flooding the net with messages.
2. Easily identifiable spam sources, making bot-nets less useful.
3. Reduced bandwidth as the system replaces the old one.
4. Allow email clients and webmail services to be configured retrieve every message for the few numb nuts that don't/won't get it.
5. Profit (via reduced long term cost).
Just spitballing...
You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
And... if I wanted my personal webmail portal on Google, I'd actually have content besides the SquirrelMail front page... *shrugs*
You missed the part where I said the forums were served up from a subdomain which has robots, and you apparently missed out on the idea that it's possible to serve up multiple domains from a single server. killerbob.ca is where my e-mail goes. The page I'm talking about shows up first in Google when you search for it, under an awful lot of possible search keys (not just the domain).
I've got nothing to do with the bear community... ironically, I do have something to do with LGBT in general, but more to do with the L... but if he wants to make money off it, more power to him. If it were actually a business for me, I'd be more concerned about it showing up high on Google.
If you believe everything you read, you'd better not read. - Japanese proverb
I've used Gmail for years and had maybe 1 spam the whole time, now every few hours I have 2 or 3 in my SPAM folder. Don't like it at all.
Why are (most) forums spammed less than inboxes? You apparently don't run a forum that uses popular software. The little forum I run, on our own private domain, gets more spambots than our catch-all email configuration sees spam.
Of course, this could be argued as another piece of evidence against standardization. I have no doubt we get attention from spambots due to search results looking for the forum software we run. If I hid or otherwise obfuscated this information, we'd probably see less nefarious traffic. I could also do away with the "prove you know something about the subject of this forum" type question that has done wonders to foil spambots (although its also foiled legitimate users before as well).
But that doesn't mean the forum is superior. I still run email addresses on the domain because it remains a really useful tool. Email is powerful because of its standardization. We use it for internal communications and technical administration of the site. People can quickly and easily contact us via email without the additional overhead of forum accounts, etc. Usually the email we get comes from folks having trouble with their forum account.
The forum is a great tool. It serves its purpose well (although not the only way to do things by a long shot). But email serves it's place as well. I'd be really wary of throwing too many wrenches in to either system.
A nice trick is to put a no-follow link in robots.txt and have a well linked but no-follow (and to humans, obscured) page that when accessed denies that IP from getting anything from the site for a certain amount of time.
Oh.
what's wrong with this idea? It sounds pretty good to me.
DRM-free indie games for the PC and Mac: Positech Games
You are djb and I claim my $1000.
Internet Mail 2000
Watch this Heartland Institute video
I've asked this question in Slashdot before, but I've never gotten a satisfactory answer.
There are 7633 messages in my gmail spam folder. Now let's suppose I'm new to the internet, and I read spam message #1. Do I want Viagra? No thanks. Message #2, still don't want Viagra. #3 no thanks, I'm fine.
Well, I didn't buy that stuff the first 7633 times you asked me THIS MONTH, but maybe if you ask me REALLY nicely with a few misspellings just once more, then I'll cave into my male inadequacies and buy prescription medicine from a sketchy online source.
Now I'm going to pretend I'm a spammer. I want lots of money. What benefit is there to me to send a single address more than say... 5 messages? (not per month. EVER) If it didn't make it through the filters the first time, it won't the 800th time, and the more messages I send, the more likely my recipients will learn to evade them. More importantly, a jaded audience won't be receptive to buy.
I can imagine that the newer scams could be useful. Like the ones pretending to be your bank. I've only received a few of those, and it took some thinking to realize that the facts didn't add up. But the normal viagra spam should only be useful in the very limited cases where a brand new user (8 years old?) who hasn't been exposed to it ever before reads one of the first messages and decided that it's a worthwhile endeavour.
My hypothesis are:
1) Spam is not used in the effort of making money, but as a way of crippling the internet for sport.
OR
2) The majority of spam is sent by poor, hungry and stupid script kiddies who are as of now still poor, hungry and stupid.
OK, so how do I handle these messages?
I am responsible for periodically updating our spam filter (at work) by flagging individual messages as either spam or ham--the usual Bayesian method, I think.
Should I be tagging these backscattered messages as spam, ham, or just leaving them untagged? Ideally I'd like to filter most of them out, but I don't want to start getting false positives on legitimate bouncebacks.
Problems:
1. Only works for obvious spam. For non-obvious spam it means the user has to download it - which notifies the spammer of a known-good address. That means more spam. (Right now images do this, but images can be disabled while preserving the text.)
2. They'll just advertise in the subject line. Perhaps easier to filter, but seems like a losing battle to me.
3. How do you authenticate?
4. Allows people to associate an email address with an IP even if that IP/address never sends them email.
5. Completely fails to account for offline/IMAP use.
Some of this can be mitigated by having the receiving server fetch the mail when the client requests it, but that adds more problems.
We have noticed a DRAMATIC increase in backscatter over the last month or so. It has forced us to configure our E-mail systems to automatically flag NDR's as SPAM and quarantine them. I cant wait until the next new method of spam shows up.
If their default is to terrorize bounce victims, no sale.
DT
Is this thing on? Hello?
1. Only works for obvious spam. For non-obvious spam it means the user has to download it - which notifies the spammer of a known-good address. That means more spam. (Right now images do this, but images can be disabled while preserving the text.)
2. They'll just advertise in the subject line. Perhaps easier to filter, but seems like a losing battle to me.
3. How do you authenticate?
4. Allows people to associate an email address with an IP even if that IP/address never sends them email.
5. Completely fails to account for offline/IMAP use.
Some of this can be mitigated by having the receiving server fetch the mail when the client requests it, but that adds more problems.
1. I'm pretty much whitelisting by hand now, If I don't know you, I don't care what you put in the subject line, your stuff is gone.
2. Set a size limit on all the headers, no hex or encoding, plain text and straight IP addresses for the server holding the mail.
3. Their server sends me a key to pick up the message (a header I forgot), if a server sees the same key a thousand times in a minute or two... hmmmm...
4. Works both ways: Gmail Warning, The message you are about to retrieve is located on a server KNOWN to send spam... Continue?
5. If your offline you are pretty much working with the mail you already downloaded, right?
I'm not saying I have a perfect answer, but there are plenty of people that can figure it out, just like other ideas have been brought to fruition on the web, by cooperation of parties that have a mutual interest... and on this topic, it a BIG group and they have the brain power and bucks to make it work without rattling to many cages.
The point is to reverse it so that the abusers are left holding the bag, botted machines are quickly identified (and hopefully cleaned), and the free ride stops with the death of standard SMTP servers.
All I can offer is my idea of a starting point...
You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
I think you are misunderstanding the poster. The point is-- do not accept nondelivery (aka "bounce") messages from senders with misconfigured SMTP relays. This would be very easy to implement: bounce senders always set the "MAIL FROM" field to "[less than][greater than]". So if you receive an email from "[less than][greater than]", check it against the list. If it's from a misconfigured server, drop it.
/. filter.
This is one area where greylisting (taking advantage of the SMTP protocol to implement some primitive challenge-response) does not work, because MTAs involved in backscatter are indeed real SMTP servers.
BTW, interpret the "[less than][greater than]" as the actual angle braces. Stupid
The spammers will move the spam from the message of the body to the headers. Heck, they've been spamming via HTTP logs so why not?
Of course, it will cut down image spam so we do gain something.
No sig
A few weeks ago we were getting 100,000 - 200,000 backscatter emails a day. Some one was using our domain to send massive amounts of spam. Not from our servers of course, but it didn't matter. I think at its peak we were doing around 60 emails per second. Ended up installing a barracuda and that was barely able to handle the load. Then mysteriously after about 3 weeks, it just stopped.
neorush
wait for infinite loop to finish..
repeat as needed.
Storm
That's largely how RSS is supposed to work, and I'd like to see more mailing-list situations be replaced by RSS feeds.
To use it for personal mail you'd have to be more selective about authentication,since you don't want just anybody to be able to download mail intended for you.
(I'd also like an RSS feeder which incorporates those feeds into my inbox.)
You still have the usual problems of sorting out spam (black/white/graylist/bayesian), but at least the bandwidth problems would be dramatically reduced.
SMTP is completely broken. It has no accountability beyond the end of the connection. Hence, I don't see a reason to set up my server to be "RFC-Compliant", but just drop that crap right away. If you want to send me something important, use phone, fax, IM, or carrier pigeon. I'm sure we can find a suitable mode of communication that won't get you re-routed to the deep dark places where the IMAP folders don't reach.
Fight hunger. Filet a politician and send him to a 3rd world country of your choice.
Not me, i'm averaging about 4000 a day ( to my domain ).
Im expecting to get blacklisted any day by idiot sysadmins that don't understand how things work..
---- Booth was a patriot ----
Great idea! Go tell Google, because they're quite possibly the largest source of backscatter spam right now.
The worst thing about backscatter is they are valid messages coming from valid hosts. Greylisting is no help, SPF can't fix it either. Since it has your email address as the original sender, it can be confusing even for the victim.
I also find it extremely ineffective, since I'm clearly not going to click a Cialis link in a bounceback that I allegedly sent out. I'm sure there are some simpler folk out there who would click the link, but would they actually go ahead and participate in the con ? Hopefully less likely than regular spam... I mean, people are astoundingly dumb, but this takes it to a whole new low.
-Billco, Fnarg.com
You might be interested in D.J.Bernstein's Internet Mail 2000 concept for sender-stored email.
http://cr.yp.to/im2000.html
Socialism: a lie told by totalitarians and believed by fools.
Hmm, should I pull out the "your idea will not work" items?
In this case, it means that there's both confirmation that you actually read the email -- and that it's actually a valid address -- and there's the fact that they don't care. (How many emails contain URLs in them?)
This would make pump'n'dump schemes slightly harder. That's about it.
Don't thank God, thank a doctor!
there are probably hundreds of ways to solve spam "if everyone was doing it"
There is just no way a significant enough fraction of the billions of domains, most of them simply registered and parked or forgotten, will publish SPF records
If there was an alternate email system which each email had a price USD$0.20c, it would cost too much to spam out. Internal email would be free, but as soon as it leaves your organisation you would get a bill. Or, just scrap the worldwide email system and build another from the ground up, with billing and some sort of banning / server authentication.
No, that just creates more problems.
...
1. If you only automatically download the headers, then that requires the user to be online to manually download the body. Not so much of a problem for IMAP users, but
2. POP email (or equivalent, in your new system) accounts that download all emails immediately, which then allow the user to read later at their own pace, even without being online, would just download the message anyway.
3. When the receiver downloads the message from the server, that immediately validates the email address as real. That takes away the need to do it with images or other techniques in HTML mail.
4. It's not backwards compatible. There a litterally mllions of legacy systems out there and both email platforms would need to run in parallel indefinitely, while it takes several decades for everyone to switch, only to realise that it hasn't solved any problems.
By reading this signature, you hereby agree with the content of the above comment.
This is exactly why you use spam filters like MIMEDefang (or his commercial big brother CanIt). They actually do all of the spam filtering *during* the actual SMTP dialog. Ie, DSNs are not sent to forged senders. The server sending the spam does not have the opportunity to get rid of its message before the message is identified as spam. RFC 2821 permits the issuing of 4xx or 5xx error codes right up until the final 221 QUIT message. A rejection before the QUIT forces the sending MTA to handle the bounce to the envelope from.
I suppose this qualifies as a mis-directed 5xx rather than backscatter, but... Exactly a year ago, coincidentally, I received "failure delivery" bounces from a Yahoo.com server, for email I never sent, apparently because the actual sender put my corporate email address in the Return-Path! You'd think Yahoo'd know better.
If I go away for a week and can't get to my email, it expires and I then never get the photos/data from an important client - sure I can ask them to re-send but it looks dumb.
It's a good idea. Perhaps a refinement on it (i.e. only storing attachments on the email server) - much like packages from the post office where all your letters and small items are sent but the big ones require you to go pick them up.
Of course then we have to worry about high volume of traffic, and resources and all the other things.
Me failed English...
FreeBSD over Linux. If my comments seem odd, this may explain...
If a spammer claims to be sending SPAM from your domain, that is at the very least slander, and if you have a trade mark, it's trade mark infringement.
The only other case I can think of where an ad email is that illegal is when it's sexual harassment - a sexually suggestive spam sent to a coprorate email address.
Andy Out!
Gmail makes it easy to create multiple aliasii (and to send from those aliasii I think).
Append a plus followed by a word, and it resolves to the name before the plus. e.g. happypenguin+amazon@gmail.com goes to happypenguin@gmail.com account. Or use dots in your email address and the gmail address resolves to your account without dots e.g. ha.ppy.pen.guin@gmail.com goes to happypenguin@gmail.com account
You can then easily create a spam filter if an address is snarfed by a spammer.
This article says it better: http://somegirlwitha.com/2008/04/17/the-dot-plus-and-googlemail-gmail-hacks/
Happy moony
Why are (most) forums spammed less than inboxes?
They are mostly spammed for different purposes, although there is plenty of viagra forum spamming, the kind that go to inboxes.
Forum spamming is mostly for posting links to sites that will try to download malware and take over your PC. That's their goal, that's where the money is, if not yours they will see if they can follow your connections and get through into a private corporate, government, or financial network. Meanwhile your PC is instructed to probe ports and try to take over more PC's and/or generate even more spam to others.
Always believe in money as the answer. They try to break in 24 hours a day on forums. They do it because it pays.
rd
What happens if I'm sending a mailing list?
I might send it to my clients at 1am to avoid high server load. This will dramicically increase my server load since my clients will be grabbing the email all at once.
Also If I'm away and a client emails some documents to me its pretty important that they don't expire on the clients server.
Overall it's not a bad idea, just a few issue's that may need refining.
An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
Pretty much the same way a lot of NNTP (Usenet) clients work, eh... I do like it. It has it's flaws, but what doesn't? That's what engineering's about. Let's fix em. :)
You have an evil, BOFHish mind. I like you.
Just look at them, , and add the misconfigured server's domain and the spammer's domain to your blacklist. (which *doesn't* bounce the emails back)
There are other situations where SPF does not work which a little bit of googling will reveal.
Well, how about trusted email addresses, whose messages get straight through, and any others sit on the server? If this system were widely adopted, you wouldn't "look dumb" to your client who would know when they got an out-of-office autoresponse that there's a chance their message would expire before you got it.
A closed mouth gathers no foot.
Maybe you could tell me how you did that instead of calling names.
Like this: < >
I'll leave you to figure out how I posted those without getting < and >
Javascript + Nintendo DSi = DSiCade
They generally dont get paid per message sent. they get paid per message REPLIED TO (by acting on the offer).
Its all about odds. It costs you virtually nothing to send an email. Yes, you have to pay for the list of emails you bought but by using open relays, etc. your cost is minimal.
Assume you make $10 per rube that actually takes your offer.
Assume that your rate of response is 2%.
so for every 100 messages you send, 2 people acutally fall for it and give you money.
With that being said, do you want to make $20 (100 emails), or $20,000 (a million emails)? Its all in the amount of email you send.
THAT my friend is why you get so much. The more they send, the more $$ they are likely to make. Anytime you can increase your income without increasing expenses its a good thing and you are going to do it.
So its not the number of emails, its the number of customers those messages entice.
You over estimate the mental capacity of most clients my friend. You greatly over estimate it.
Me failed English...
FreeBSD over Linux. If my comments seem odd, this may explain...
I am so clueless that I thought I'd done just what the piece suggested; as grotesque and box-clogging as this is at least it isn't something going to people who know me. Bummer though.