IETF Logo Mail Archive

Re: [Asrg] Some data on the validity of MAIL FROM addresses

Kee Hinckley <nazgul@somewhere.com> Mon, 19 May 2003 14:27 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA23021 for <asrg-archive@odin.ietf.org>; Mon, 19 May 2003 10:27:32 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h4JDuWV20914 for asrg-archive@odin.ietf.org; Mon, 19 May 2003 09:56:32 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4JDuVB20909 for <asrg-web-archive@optimus.ietf.org>; Mon, 19 May 2003 09:56:31 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA22998; Mon, 19 May 2003 10:27:01 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19HldD-0003pW-00; Mon, 19 May 2003 10:28:51 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19HldC-0003pT-00; Mon, 19 May 2003 10:28:50 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4JDpQB20642; Mon, 19 May 2003 09:51:26 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4JDojB20605 for <asrg@optimus.ietf.org>; Mon, 19 May 2003 09:50:45 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA22869 for <asrg@ietf.org>; Mon, 19 May 2003 10:21:15 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19HlXd-0003nE-00 for asrg@ietf.org; Mon, 19 May 2003 10:23:05 -0400
Received: from www.somewhere.com ([66.92.72.194] helo=somewhere.com) by ietf-mx with esmtp (Exim 4.12) id 19HlXX-0003mi-00 for asrg@ietf.org; Mon, 19 May 2003 10:22:59 -0400
Received: from [66.92.72.194] (account nazgul HELO [192.168.1.104]) by somewhere.com (CommuniGate Pro SMTP 3.5.7) with ESMTP-TLS id 2366698; Mon, 19 May 2003 09:23:44 -0500
Mime-Version: 1.0
X-Sender: nazgul@somewhere.com@pop.messagefire.com
Message-Id: <p0600123cbaee92124128@[192.168.1.104]>
In-Reply-To: <aT5vaIe86J8qbrFfW02@x>
References: <aT5vaIe86J8qbrFfW02@x>
To: Scott Nelson <scott@spamwolf.com>
From: Kee Hinckley <nazgul@somewhere.com>
Subject: Re: [Asrg] Some data on the validity of MAIL FROM addresses
Cc: asrg@ietf.org
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Mon, 19 May 2003 09:54:32 -0400

At 8:25 PM -0700 5/18/03, Scott Nelson wrote:
>I would expect that /if/ the majority of return addresses are forged,
>then the spammer would pick the domain at random from their collection
>of lists.

As I noted in my mail.  This appears to be happening now--although I 
had not seen symptoms of it before.  Is anyone else starting to see 
low-level occasional bounce back from spam?

Prior to that, all of the bounce-back instances I had heard of or 
experienced (and I used to get one or two a week) were major--where 
the entire spam load got sent out with the same return address.


-- 
Kee Hinckley
http://www.messagefire.com/          Junk-Free Email Filtering
http://commons.somewhere.com/buzz/   Writings on Technology and Society

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

v2.30.2 | Report a Bug | By Email | System Status