Re: MS mail bombs
Karsten M. Self said:
> on Mon, Sep 22, 2003 at 07:03:47PM -0600, Jacob Anawalt
> (jacob@cachevalley.com) wrote:
>
>> There's a company that provides this service. First time emails to you get
>> an auto-response "You aren't authorized to send me email, visit this web
>> page to get authorized" or something like that. I Googled and can't find
>> it again. Interesting idea.
>
> This is known as "challenge-response", and as an anti-spam / anti-virus
> method, without mitigation, it's simply unacceptable.
>
> Swen spoofs addresses resolving to nonexistent addresses (challenge to
> Verisign), Microsoft (ditto), or Morgan Stanley (ms.com). As Verisign
> has elected to receive this crap, and Microsoft is responsible for the
> problem, I'm not shedding tears for their admin teams. Morgan Stanley,
> however, is taking a hit on about 5% of all Swen bounces, and is a
> completely innocent party. When their lawyers pay you a visit for
> Joe-job DDoSing them, note you've been warned.
>
> SoBig.F spoofed arbitrary senders. Same problem except that the load
> was more broadly distributed.
>
> I've received far more invalid, than valid, C-R challenges. This is
> simply spam by another name.
>
> http://kmself.home.netcom.com/Rants/challenge-response.html
>
> ...also discussed at some length in d-u last month.
>
Since I posted this I've read the whole challenge and response (C-R)
thread and updated myself on some of the content on your site including
the aforementioned link. I won't be seeing Morgan Stanley lawyers about
bouncing email at them because I don't bounce email. I stop it at SMTP.
--
Jacob
Trying out SquirrelMail