Re: Need antispam software - mysterious spam encountered

From: winged (winged_at_nofollow.com)
Date: 12/14/04


Date: 13 Dec 2004 20:54:28 EST

Juergen Nieveler wrote:
> "Jeff" <jeff@nospam.net> wrote:
>
>
>>In particular, is anyone familiar with a program that returns an email
>>with appropriate headers, messages, etc. to make it look like the
>>address is nonexistant?
>
>
> That won't work...
>
> a) The From-header is usually faked, so the spammer won't even GET
> your fake error message
> b) The poor guy who really owns the address abused as a From: will
> get tons of error messages - why do you want to harrass him even more?
> c) Error messages usually are sent from the Postmaster-account. You
> aren't the postmaster at your ISP, so if you send mails pretending to
> be postmaster you'll get in trouble
> d) If the spammer actually takes the time to read through all the
> bounces, he'll notice that there is a considerable delay between
> sending his spam and receiving your fake bounce - which shows that
> the bounce was generated after receiving the message, which wouldn't
> have been possible if it didn't exist, therefore verifying that the
> address is correct.
>
> Juergen Nieveler
Mailwasher is a good antispammer tool that does what your asking, but it
won't work, as spammers expect failed mail. Recently it was discovered
however certain major manufactures were embedding phone home software in
their print driver software. The one manufacture that has commented and
indicated this was to monitor ink usage on their printers, however i
haven't heard if anyone has fully cracked the data stream sent.

Bottom line it could just as easily be spammer got mail addy through
other means such as other spyware on system etc. If you use IE and the
addy is embedded in browser, it is an easy thing to glean using various
methods. Spammer may have "guessed" address with a name dictionary
attack against your mail server. From what I have seen, they are pretty
industrious in gathering addresses, and can gather them using multiple
methodologies. I have even suspected someone is gleaning addresses off
of various mail gateways. There are a number of mail servers located on
BOTNETS. Someone you have sent mail to in the past may have lost your
address for you. Bottom line if addy is used on the net, it seldom
stays virgin long. I would say you can expect more spam in the future.
  It is good fried.

Winged



Relevant Pages

  • Re: How to Bounce mail
    ... Can I use a forward on rule -- back to the sender, ... I am a very ordinary guy, not a spammer. ... Expect to get added to public and private blacklists as a spam ... that you deliver your fake bounce to the correct recipient. ...
    (microsoft.public.outlook)
  • Re: Can I "Bounce to sender" an Email message using Outlook?
    ... A fake bounce message issued from a client e-mail program can be ... All you are doing is notifying to the spammer ... Mailwasher is a product to detect spam and it allows automatic ...
    (microsoft.public.outlook.general)
  • Re: Junk and defeating spammers.
    ... > Also I find something to give spammers a headache. ... > comes in that you use mail.app bounce feature to bounce it back to the ... spammers rely on people being able to contact them and if you spam ... their email address spoofed by a spammer will attest. ...
    (comp.sys.mac.system)
  • Re: Make A Bounce Button.
    ... Bouncing spam is not only worthless, ... If the rare case that the spammer happened to use their real e-mail address for sending, ... However, since spammers mostly use fake e-mail addresses as the sender, either that bounce ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: The easiest way to capture and display 3D stereoscopic movies and pictures
    ... posts from a poland newsserver ... the irony of a spammer using for an addy makes me ... have many uses of the addy over the years - people all over the globe - ...
    (alt.support.arthritis)