Handling flood of returned e-mail messages due to spam with forged sender address

[Gary Flynn <flynngn () JMU EDU>]

Hi,

I've heard of it happening to others but have never actually
experienced it here. Now I've got a person who is getting
hundreds of messages daily. They are bounce messages from
servers receiving spam that they can't deliver. The original
senders of the messages are scattered all over the world.
The messages have this person's address in the From, Reply-To,
and/or Return-Path fields.

Anyone else been through this already?

Did the activity stop by itself after a period of time?

If not, did you come up with a solution other than to change the
victim's e-mail address?

I'm getting ready to send abuse reports to the dozens of sending
organizations but I'm not optimistic.

Why would someone pick a real address of a single person to forge
in these messages anyway? To our knowledge, this isn't retaliatory
activity but I guess you never really know.

--
Gary Flynn
Security Engineer
James Madison University

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.