nanog mailing list archives
Re: Anyone from instagram reading?
From: Mike Hammett <nanog () ics-il net>
Date: Thu, 3 Dec 2020 07:51:14 -0600 (CST)
Mailops? ----- Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP ----- Original Message ----- From: bzs () theworld com To: nanog () nanog org Cc: bzs () theworld com, abuse () instagram com Sent: Wednesday, December 2, 2020 1:03:13 PM Subject: Anyone from instagram reading? Instagram is enabling an harassment attack. They are sending out "change in terms of use" statements, you've probably received it. Apparently they will send them to unconfirmed accounts, en masse. So for example you own example.com and all email for *@example.com goes to you. And there are no legitimate email accounts for that domain so can't possibly be confirmed accounts. So you are receiving a firehose of "terms of use" emails to randomstring () example com apparently being generated by a script, random+domain@domain like (from the actual emails tho not example.com): qiuncjhuxeexample () example com mazhjkmthexample () example com and so on and so on, each one different. SOLUTION: Stop sending your terms of use update messages to unconfirmed accounts. It's a trivially abused harassment vector as we're seeing. -- -Barry Shein Software Tool & Die | bzs () TheWorld com | http://www.TheWorld.com Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD The World: Since 1989 | A Public Information Utility | *oo*
Current thread:
- Anyone from instagram reading? bzs (Dec 02)
- Re: Anyone from instagram reading? Mike Hammett (Dec 03)