It seems the individual responsible for the Spambully challenges has come forth. Unfortunately the challenges were being issued due to their misunderstanding between how our list sends the from address on posts.
Either way there should be no more challenges as their system has been disabled for our list. Thanks to all who helped out in narrowing this down. Best regards, Peter Ejtel Sales Manager Tucows Inc. [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Tuesday, September 16, 2003 7:12 PM To: Robert L Mathews Cc: [EMAIL PROTECTED] Subject: Re: [OT] OpenSRS, please unsubscribe the person using SpamBully Robert, They are already investigating this rogue system and know who the ISP is. But please forward any information you have including complete mail headers to [EMAIL PROTECTED] Thanks! On Tue, 16 Sep 2003, Robert L Mathews wrote: > List Dad, can we remove the person from the list who has been using > SpamBully to do the following three extremely stupid things for some time > now, with no sign of catching a clue: > > 1. Sending a challenge/response to mailing list mail; > 2. Setting the return address of that challenge to > [EMAIL PROTECTED]; > 3. Forging the HELO sender of that challenge as "opensrs.org". > > Here's an example from a challenge I recently received when posting to > discuss-list: > > >Received: from opensrs.org (unknown [66.117.242.230]) by fry.tigertech.net > >(Postfix) with ESMTP id 60B9A3FC1C5 for <[EMAIL PROTECTED]>; Mon, 15 Sep > >2003 23:25:10 -0700 (PDT) > >From: [EMAIL PROTECTED] > > > >My email program has recognized your email message > >as a possible spam message. If you feel this was > >an error, Please reply to this email with only > >a password and read your password from the enclosed > >image and then reply to this email and type > >the password in the subject or body of the reply. > >Thanks. > > > >This Email account is protected with Spam bully. > >This message was autogenerated by http://www.spambully.com > > Because they're forging all the header info, it's hard to tell who is > doing it, but the mail server at 66.117.242.230 identifies itself as > test.osubucks.org. It appears that the MX host for osubucks.org is > mail.osubucks.org, which is also 66.117.242.230. > > So the offender is most likely someone with an e-mail address > @osubucks.org. Perhaps the person in charge of the list can search the > subscribers for such an address and remove it? > > -- > Robert L Mathews, Tiger Technologies > -- "If Verisign is the 'Value of Trust', then trust ain't worth much any more." - me Spam Trap Mail Key: ASK and you shall receive
