Here's a thought I just thunk, folks: some scum, apparently in eastern
Europe, has harvested my email, and is using it in the Reply-To: in its
spamming efforts. Now, I realize that some mails go out from noreply, but
other than that, is there a good reason why a mailserver would not be
configured to send delivery failure to *both* Reply-To and From?
mark
On 08/31/2011 01:16 PM, m.roth at 5-cent.us wrote:> Here's a thought I just thunk, folks: some scum, apparently in eastern > Europe, has harvested my email, and is using it in the Reply-To: in its > spamming efforts. Now, I realize that some mails go out from noreply, but > other than that, is there a good reason why a mailserver would not be > configured to send delivery failure to *both* Reply-To and From?There are two parts to an email that relate to routing; envelope header and email header. The only consideration given to routing is the envelope header which has sender and recipient, nothing else. Reply-To is part of the email header and is there for the email client to use. (See RFCs 2821, 2822.) HTH, -- Josh Miller Open Source Solutions Architect http://itsecureadmin.com/
> Here's a thought I just thunk, folks: some scum, apparently in eastern > Europe, has harvested my email, and is using it in the Reply-To: in its > spamming efforts. Now, I realize that some mails go out from noreply, but > other than that, is there a good reason why a mailserver would not be > configured to send delivery failure to *both* Reply-To and From?You don't want to send rejects to more than one address 'cos you then have a simple message multiplier; send one message, generate two bounces; the mail server will be doubling the back-scatter problem! Anyway, the SMTP server should send the delivery failure to the envelope address, which may be different to both the From and Reply-To addresses. -- rgds Stephen
On Wed, 2011-08-31 at 16:16 -0400, m.roth at 5-cent.us wrote:> Here's a thought I just thunk, folks: some scum, apparently in eastern > Europe, has harvested my email, and is using it in the Reply-To: in its > spamming efforts. Now, I realize that some mails go out from noreply, but > other than that, is there a good reason why a mailserver would not be > configured to send delivery failure to *both* Reply-To and From?May I suggest you create a sub-domain and a user name the use that in public places ? For example:- mark at xyz.5-cent.us As soon as the nasty ******** get that email address simple change the sub-domain. If you receive your own mails (meaning run your own mail server) then do not accept emails from sites where the host name does not exist or does not resolve to the HELO / EHLO or the IP address of the sending server. There are lots of other things you can do to reduce the spam, but only if you run your own mail server or use Google to filer-out the spam. Paul.
On Wed, Aug 31, 2011, m.roth at 5-cent.us wrote:>Here's a thought I just thunk, folks: some scum, apparently in eastern >Europe, has harvested my email, and is using it in the Reply-To: in its >spamming efforts. Now, I realize that some mails go out from noreply, but >other than that, is there a good reason why a mailserver would not be >configured to send delivery failure to *both* Reply-To and From?This type of forging is generally referred to as a "Joe Job", and may be a conscious effort to impair the reputation of the forged sender or domain or perhaps an attempt to flood the mailboxes of antispammers (e.g. mail forged like abuse at antispam.example.com). Sending spam complaints to these addresses or to their ISPs is generally a waste of time and effort as the forged sender has nothing to do with the message as any cursory examination of the Received: headers in the message will confirm. The spam complaints are in themselves a type of abuse, and are referred to as "Blowback". Sometimes these complaints are the result of ignorance when they are manual complaints, or incompetence (e.g. early Barracuda e-mail appliances that did this by default). Configuring an MTA to bounce to the Reply-To: header is probably worse than useless as it could well flood poorly configured mailing lists with garbage when spam gets through the lists spam filters, then the complaints go back to the mailing list. Probably the best thing to do with this kind of delivery failure message which come in is to ignore them unless you feel like Don Quixote and like tilting at windmills. Bill -- INTERNET: bill at celestial.com Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way Voice: (206) 236-1676 Mercer Island, WA 98040-0820 Fax: (206) 232-9186 Skype: jwccsllc (206) 855-5792 UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. -- Doug Gwyn