Re: More then 2800 spams from the list...
-----BEGIN PGP SIGNED MESSAGE-----
On Mon, Mar 19, 2018 at 10:21:57PM +0000, Joe wrote:
> > This is precisely why e-mail server should never send bounces to
> > non-local senders. When sender is spoofed as in this case then is hit
> > with thousands of DSNs.
[delivery status notification]
> You do it by never accepting email for non-existent users. The problem
> is the use of a mail server which accepts absolutely anything for the
> domain, then finds that the end user rejects the rubbish. Having
> accepted it in the first place, the receiving mail server is then
> required to admit that it can't deliver it, by means of an NDR. It does
> this using the reply-to address, which is easily forged.
"never" is too strong a word. This is a corollary of the fundamental
law "all generalizations suck".
But yes, in general it is a bad idea to bounce a mail automatically
if you don't have control over its provenience.
FWIW, I did the experiment and sent a mail to a random user at one
of Michelle's reported domains: I got no bounce.
This is a strong hint (no proof, mind you!) that the whole bounces
are spoofed in this case. The reported headers in those bounces
do look strange (to me, anyway), but I'm willing to admit that I'm
not smart enough to grok them.
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
-----END PGP SIGNATURE-----