[Asrg] Hotmail used for scripted spam (from SlashDot)
Yakov Shafranovich <research@solidmatrix.com> Sun, 08 June 2003 06:49 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA15419 for <asrg-archive@odin.ietf.org>; Sun, 8 Jun 2003 02:49:54 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h586nTY05755 for asrg-archive@odin.ietf.org; Sun, 8 Jun 2003 02:49:29 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h586nSB05752 for <asrg-web-archive@optimus.ietf.org>; Sun, 8 Jun 2003 02:49:29 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA15410; Sun, 8 Jun 2003 02:49:23 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19Otxd-0001SD-00; Sun, 08 Jun 2003 02:47:25 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19Otxc-0001SA-00; Sun, 08 Jun 2003 02:47:24 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h586fOB05546; Sun, 8 Jun 2003 02:41:24 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h586eWB05529 for <asrg@optimus.ietf.org>; Sun, 8 Jun 2003 02:40:32 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA15297 for <asrg@ietf.org>; Sun, 8 Jun 2003 02:40:27 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19Otoz-0001Qk-00 for asrg@ietf.org; Sun, 08 Jun 2003 02:38:29 -0400
Received: from 000-259-134.area7.spcsdns.net ([68.27.252.55] helo=68.27.252.55) by ietf-mx with smtp (Exim 4.12) id 19Otox-0001Qb-00 for asrg@ietf.org; Sun, 08 Jun 2003 02:38:28 -0400
Message-Id: <5.2.0.9.2.20030608023638.00b40750@solidmatrix.com>
X-Sender: research@solidmatrix.com
X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9
To: asrg@ietf.org
From: Yakov Shafranovich <research@solidmatrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-MimeHeaders-Plugin-Info: v2.03.00
X-GCMulti: 1
Subject: [Asrg] Hotmail used for scripted spam (from SlashDot)
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Sun, 08 Jun 2003 02:36:40 -0400
Just ran across this SlashDot story that discussed a hole in Hotmail that allows spammers to use HotMail for spam (http://yro.slashdot.org/yro/03/06/08/0257203.shtml). The source appears to be this weblog (http://www.unicom.com/chrome/a/000262.html) and there is a link to this SpamCop article (http://spamcop.net/fom-serve/cache/363.html). And here is a link to a howto on how to do it (http://www.thecodeproject.com/csharp/httpmail.asp). This seems to support someone's opinion that HotMail is being actively used for spamming. Note, that a CRI protocol will not help here since the HotMail C/R system will authenticate the sender. Only active involvement by the ISP and limiting amount of outgoing email will help. RMX will not resolve this issue either. The best is one of the comments on the posting, which appears to be a copy of a letter from MS's customer service: ----snip--- I have checked the mail including the headers and it appears that the mail passed through a Hotmail server. However, kindly note that this does not mean such e-mail originated from our domain. Sometimes, e-mail delivery between different domains are relayed through other servers. This is the reason why a Hotmail server appears in the mail header. It is possible that your ISP or e-mail provider employs such method. ----snip--- Yakov --------------------------------------------------------------------------------------------------- Yakov Shafranovich / <research@solidmatrix.com> SolidMatrix Research, a division of SolidMatrix Technologies, Inc. --------------------------------------------------------------------------------------------------- "One who watches the wind will never sow, and one who keeps his eyes on the clouds will never reap" (Ecclesiastes 11:4) --------------------------------------------------------------------------------------------------- _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- [Asrg] Hotmail used for scripted spam (from Slash… Yakov Shafranovich
- Re: [Asrg] Hotmail used for scripted spam (from S… Kurt Magnusson