domain is run by morons Date: Wed, 24 Dec 2003 02:23:22 +1100 User-Agent: KMail/1.5.4 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <[EMAIL PROTECTED]> Status: RO X-Status: Q X-KMail-EncryptionState: X-KMail-SignatureState:
They have a filter that stops naughty language. Their filter replies to the apparent sender of all messages (including mailing list messages). They have an address for discussion of the filter but it applies the same filter (so if you forward their complaint message to discuss why it should not be blocked then you get even more of their messages). If you CC multiple addresses in their domain then you get multiple responses. Here are some ways that txucom.com can be abused: Send a number of messages appearing to come from someone you don't like that are CC'd to many addresses at txycom.com ([EMAIL PROTECTED] and [EMAIL PROTECTED] are two that I know of). The number of messages sent to the person you don't like will be N*M (where N is the number of messages and M is the number of names on the CC list). The "Wall Alarm" program that they use contains a paragraph of text which contains the "naughty" word. So a three line message about p**** enlargement with the P word in the middle line can be transmitted in the bounce message, thus getting around some spam filters (in effect an open-relay). There are probably ways of making the "Wall Alarm" program reply to it's own messages and kill itself, but I didn't bother figuring it out. This "Wall Alarm" program is evil and should not be allowed on the Internet. I recommend that everyone configure their mail server to reject messages who's header match the regex "^Subject: Wall Alarm", in Postfix you can do this by adding the following line to /etc/postfix/reject: /^Subject: Wall Alarm/i REJECT You also need the following in main.cf: header_checks = regexp:/etc/postfix/reject PS I would appreciate it if the person from txucom.com would use hotmail.com to read this mailing list. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
