Bleh, spammers.

[dvandom]

The latest spammer trick is forged reply-to on stuff that's going out to unconfirmed addresses, so that if there's no one reading the email at the first address, the bounce message spams some other guy. In 8 hours overnight, I got 450 such spams that made it through my filters, another 50 caught by SpamAssassin, and a few hundred caught by the content-checking manual filters I set up when this bounce-spam first started (most of it is for sex videos and fake designer watches).

Unfortunately, last night's flood means I now have to subject-filter on bounce messages in general, since they've broadened their content too much for me to keep up that way. So now I can no longer see if I actually send an email that bounces...well, I could, but it would require reading my spam folders so often that it wouldn't be worth HAVING spam filters.

Congratulations, anonymous assholes, for contributing further to turning a useful tool into useless crap.

Comments

[robotech-master.livejournal.com]

It isn't really new. Backscatter spam has been going on for years, and was the bane of my existence back when I worked for a webhosting ISP and had to explain to people why they were getting it.

They seem to have started doing a lot more of it than usual over the last few weeks, though. So, in the end, I've just had to start feeding it all to spamassassin.

There are some damned persistent spams these days. I funnel all my email through first spamassassin on Eyrie, then bounce what survives to Gmail, and still the odd spam occasionally finds its way through.

[acoustic-rob.livejournal.com]

Ugh, I had that happen to me about five years ago. I'd be getting about 500 spam-bounces a day and eventually had to shut the address down because I couldn't keep up with it all.

My condolences. I'm not a guy who resorts to physical violence at all, but for the guy who came up with trick I'd make an exception.

[the-s-guy.livejournal.com]

Presumably there would be some way to check it against your outbox(es), but that would need a slightly more invasive/integrated function set for the filter.

[liabrown]

I think you should send Derek Radner after them.

[dvandom.livejournal.com]

Unfortunately, even if he exists in this timeline, he's only 9 years old in 2008.

[lord-xiphos.livejournal.com]

Hey, that makes him older than ... Dr. Tran (http://youtube.com/watch?v=-jBa7iBonTk)! (He's a REAL DOCTOR)

[wtimmins.livejournal.com]

What really boggles me is that even presuming spam works at all as a means of revenue, you'd think 'people screening out spam' wouldn't be your target market.

[z4nd4r.livejournal.com]

I'd suggest setting up some sort of filter that shunts those bounces directly into the garbage. Once the deluge has ended you can loosen the reins on that filter.

I had that problem a year or two ago, set up a filter that sent that stuff straight to the trash and then after a couple weeks they stopped.

It even predates email

[lord-xiphos.livejournal.com]

I've recieved spam snail-mails where my address was set as the return address, with the delivere to address marked as undeliverable. Apparently it's a really old technique that electronic mail has not solved.

One solution, that has been as widely adopted as ssh has to telnet, is to only accept digitally signed/encrypted emails, putting in a "hold" folder signed/encrypted mails from folks for whom you do not have a public key. Unsigned mails get junked.

Re: It even predates email

[dvandom.livejournal.com]

Heh. Yeah, just like the Nigerian Spam Scam goes back to the early days of the postal service. A story in one of the Grantville Gazette installments revolved around some high school kids adapting that one to 1600s Germany. :)

Unfortunately, I kinda want strangers to be able to contact me out of the blue on the account that's getting all the spam, for various reasons, so I'm reluctant to over-filter or abandon the address.

Re: It even predates email

[lord-xiphos.livejournal.com]

Re: overfiltering - Yep. Unfortunately, even though a solution exists, its successful implementation requires effort on the part of John Q. Public, and that will never happen.