
Re: spam to bogus users



Craig Sanders wrote:
On Fri, Jul 14, 2006 at 05:51:49PM -0400, Chris Wagner wrote:
At 09:44 AM 7/14/2006 -0700, Paul Johnson wrote:
k2159jcd003343@isp2dial.com
I often can look up the bogus address and find a Usenet post with the same message ID.
That makes me think it's a very lame email harvester gone wrong.  A normal
email address is like something@somewhere.com.  If u want to grab those and
don't know what ur doing u might write something that grabbed
<anything>@<anything>.com.  Trouble is, most of what matches that are
message id's not email addresses.

yep, spammers have been doing this for years. if it looks vaguely like
an email address, then they'll harvest it.

and they don't give a damn whether it's a valid, deliverable address or
not. it inflates the size of their spam list, and that's the important
thing.

spammers use many techniques for inflating their lists - web harvesting,
usenet harvesting, email harvesting, windows viruses that monitor
and harvest from all data seen by the IP stack, random generation,
semi-random generation (e.g. using localparts from one domain in other
domains), dictionary attacks, and more. from what i've seen, it really
doesn't matter at all to them whether the address is valid or not.

and once an address is in a spam list, it will never get removed. it
will just keep on getting added to more spam lists. my mail server is
still routinely rejecting spam for addresses that first got spammed over
10 years ago - they didn't exist then, they don't exist now, and they
never will exist.

just reject (not bounce - you don't want to generate backscatter) mail
for unknown users and ignore it. there's nothing more you can do.

These harvested message IDs are really quite useful when it comes to blocking spammers. Start with greylisting. Then add spamtraps that include those bogus addresses. When that spammer comes back, he will not be able to deliver even to the real addresses he has harvested, because you block anybody who hits your spamtraps. Bye-bye spammer.

I have been using this scheme quite successfully for some time now. I have been thinking of automatically adding all message-IDs of outgoing messages to my spamtraps, but so far I have just added the ones I see manually. Like you say, the nonexistent addresses will continue to be spammed for years, so adding every message ID would make the spamtrap list too big.
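
The greylisting-plus-spamtrap scheme described in the reply above, sketched as an RCPT-time policy in Python. This is an added example, not part of the original post and not any mail server's own code; the class name, addresses, IPs, reply texts and timings are all constructed for illustration.

```python
# Added illustration: a toy SMTP RCPT-time policy combining greylisting
# with spamtraps. Every address, IP and timing below is constructed.
import time

GREYLIST_DELAY = 300        # seconds a new (ip, sender, rcpt) triplet must wait
BLOCK_TTL = 7 * 24 * 3600   # how long a trap hit keeps a client blocked


class TrapPolicy:
    def __init__(self, valid_users, spamtraps):
        self.valid = {a.lower() for a in valid_users}
        self.traps = {a.lower() for a in spamtraps}
        self.blocked = {}     # client ip -> block expiry time
        self.first_seen = {}  # (ip, sender, rcpt) -> time of first attempt

    def check_rcpt(self, ip, sender, rcpt, now=None):
        """Return the SMTP reply for one RCPT TO command."""
        now = time.time() if now is None else now
        rcpt = rcpt.lower()
        # A client that hit a trap is refused for every recipient, real or not.
        if self.blocked.get(ip, 0) > now:
            return "554 blocked: spamtrap hit"
        if rcpt in self.traps:
            self.blocked[ip] = now + BLOCK_TTL
            return "554 blocked: spamtrap hit"
        # Unknown users are rejected in-session, so no bounce is generated.
        if rcpt not in self.valid:
            return "550 unknown user"
        # Greylisting: temp-fail the first attempt, accept a retry after the delay.
        key = (ip, sender.lower(), rcpt)
        first = self.first_seen.setdefault(key, now)
        if now - first < GREYLIST_DELAY:
            return "450 greylisted, try again later"
        return "250 ok"


if __name__ == "__main__":
    # The trap is a Message-ID-shaped address that never had a mailbox.
    p = TrapPolicy({"alice@example.org"}, {"k1a2b3c4d5@example.org"})
    spammer, legit = "203.0.113.9", "198.51.100.7"
    print(p.check_rcpt(spammer, "x@bulk.example", "alice@example.org", now=0))
    print(p.check_rcpt(spammer, "x@bulk.example", "k1a2b3c4d5@example.org", now=10))
    print(p.check_rcpt(spammer, "x@bulk.example", "alice@example.org", now=400))
    print(p.check_rcpt(legit, "bob@example.net", "alice@example.org", now=0))
    print(p.check_rcpt(legit, "bob@example.net", "alice@example.org", now=400))
```

The greylist delay is what gives the trap time to fire: the harvested real address is deferred on first contact, the same run hits the trap, and the retry is then refused.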


