Educause Security Discussion mailing list archives

Re: Handling flood of returned e-mail messages due to spam with forged sender address

From: Gary Flynn <flynngn () JMU EDU>
Date: Tue, 17 Aug 2004 11:00:06 -0400

Dick Jacobson wrote:

On Mon, 16 Aug 2004, Scott Weeks wrote:

Because that's the way the virus was written.  It's not retaliatory if
it's the virus I'm describing.


And when was the last time you saw a real spammer use their own real
address on the From: line ?

As postmaster I was getting several thousand of these daily - a couple
years ago.  We used filters to divert the mail before it hit my inbox.  Of
course I need to clean the log files frequently to avoid quota problems.
;-)

This is the reason I insisted we not try to return infected mail to the
source (or notify them).  The a/v vendors have not developed the code to
be able rip apart the headers to determine the true origin.


Just to clarify the situation, the messages are made up of a variety
of spam, not messages generated by viruses trying to spread
themselves.

--
Gary Flynn
Security Engineer
James Madison University

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

Handling flood of returned e-mail messages due to spam with forged sender address Gary Flynn (Aug 16)
- <Possible follow-ups>
- Re: Handling flood of returned e-mail messages due to spam with forged sender address Scott Weeks (Aug 16)
- Re: Handling flood of returned e-mail messages due to spam with forged sender address Dick Jacobson (Aug 17)
- Re: Handling flood of returned e-mail messages due to spam with forged sender address Gary Flynn (Aug 17)