** Forged spamming going on

Stephen Stuart stuart at tech.org
Mon Dec 21 18:15:02 UTC 1998

> On Mon, 21 Dec 1998, Robert Tarrall wrote:
> [...]
> A user dialed into ATT, sent thousands of emails to aol.com users, with a
> forged return-address of youarecool at mailme.com, which AOL bounces back to
> youarecool at mailme.com, which is a domain I own.
> Relaying on my machines has no bearing on this.

Someone did this to me about six months ago, and yes, there's nothing
you can do to prevent the bounces from coming your way.

I used sendmail 8.9.1's access feature to cause *me* to bounce mail
sent to the forged from address with code:

     550 No such user; forged header address used by spammers

It didn't help me in the AOL case; they don't appear to be watching
for double-bounces. It did help with recipients who tried to reply to
the forged from address.


More information about the NANOG mailing list