Date: Sat, 23 Feb 2002 16:43:05 -0600 From: "Mike Meyer" <mwm-dated-1014936185.98c1d5@mired.org> To: mascio@ryu.com Cc: freebsd-chat@FreeBSD.ORG Subject: Re: User unknown: Lie to Spammers? Message-ID: <15480.6905.348926.555126@guru.mired.org> In-Reply-To: <3C77EF30.2030001@ryu.com> References: <Pine.BSF.4.21.0202230847350.25286-100000@server.highperformance.net> <xzp7kp4p132.fsf@flood.ping.uio.no> <3C77EF30.2030001@ryu.com>
next in thread | previous in thread | raw e-mail | index | archive | help
John R. S. Mascio <mascio@ryu.com> types: > Dag-Erling Smorgrav wrote: > >They don't. They ignore bounces. Most of the time they don't even > >*receive* bounces, because they spoof their return paths and channel > >their spam through open relays. Yup. Here's <URL: http://www.cs.colorado.edu/~seidl/lawsuit/ > what happened in one such case when the machine so spoofed suffered what amounted to a DoS because of this. > So true. A friend of mine uses Ricochet > (http://www.vipul.net/ricochet/) to try to attack the problem. You save > the email, including headers and it will send email to the admins of the > chain of receiving machines that the email followed. The goal is to > attempt to get spamers punted by the ISPs often enough that it is some > pain for them as well. He's had some luck with it. YMMV. I'm not familiar with Ricochet, but the general problem with this idea is that the spammers put bogus received-from headers in them, just to cause such tools to fail and/or bother innocent people. You might want to check out tmda (in the ports tree). It's based on the idea that spam is one-directional. Since installing it, the only spam I get comes through the freebsd lists. <mike -- Mike Meyer <mwm@mired.org> http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15480.6905.348926.555126>