nanog mailing list archives

Re: ** Forged spamming going on

From: Derek Balling <dredd () megacity org>
Date: Sun, 20 Dec 1998 16:52:21 -0800

Just as an interesting note.. I seem to recall a spammer doing this in the
past using a "big name" domain and losing quite a lot of money in the
process from the resulting lawsuit.

Might be a good object lesson. :)

On a related note, my employer is finishing construction on a new facility
a few blocks away. The conference rooms always have "themes" for their
names (one building used to have names like "Lice", "Boils", and "Locusts",
and another has names based on cities of the world). The staff of the new
building named them after the "seven deadly sins", which was all well and
good except there were 8 conference rooms. The eighth name? "Spam". :)



At 04:53 PM 12/20/98 -0500, alex () nac net wrote:




some luser off of AT&T DIalup is using mailme.com (my domain) for relaying
mail:


Received: from mailme.com (146.st-louis-71-72rs.mo.dial-access.att.net 
[12.75.28.146])
      by atom.ntgi.net (8.8.8/8.8.7) with SMTP id XAA23473;
      Sat, 19 Dec 1998 23:27:18 -0500 (EST)
      (envelope-from You4Me2C () mailme com)

He is sending thousands of emails to AOL users, who is then bouncing them
to me.

I am not please, to say the least.

AT&T's security dept is non-existent, as far as I am concerned. 

I wish vixie would RBL 12/8.

Thinking about this, there is no solution; here are my options:

1) blackhole AT&T, which does nothing, since the mail is bounces coming
from AOL.

2) blackhole AOL, which would fix my attack, but would break all
legitimate mail from/to AOL.

3) temporarily blackhole mailme.com, which would prevent me from getting
the bounces, but then I can't send/get legit mail.

I wish AT&T and other huge dialup organizations could control the
users they have; there should be a licensing process..



-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
    Atheism is a non-prophet organization. I route, therefore I am.
      Alex Rubenstein, alex () nac net, KC2BUO, ISP/C Charter Member
              Father of the Network and Head Bottle-Washer
    Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
Don't choose a spineless ISP; we have more backbone!  http://www.nac.net
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --

Current thread:

** Forged spamming going on alex (Dec 20)
- Re: ** Forged spamming going on Derek Balling (Dec 20)
  - Re: ** Forged spamming going on Steven J. Sobol (Dec 21)
- Re: ** Forged spamming going on Phil Howard (Dec 21)
- <Possible follow-ups>
- Re: ** Forged spamming going on Robert Tarrall (Dec 21)
  - Re: ** Forged spamming going on alex (Dec 21)
    - Re: ** Forged spamming going on Stephen Stuart (Dec 21)
  - Re: ** Forged spamming going on Steven J. Sobol (Dec 21)
  - Re: ** Forged spamming going on Jon Lewis (Dec 21)
- Re: ** Forged spamming going on Robert Tarrall (Dec 21)
  - List of dialups (was Re: ** Forged spamming going on) J.D. Falk (Dec 21)
- Re: ** Forged spamming going on Dean Anderson (Dec 21)

(Thread continues...)