All,
I have email for my whole domain. I'm typically known to sign up for
services with vendor@mydomain, so that when an email gets retired or
leaked, I route it to /dev/null, or in the event of a leak, retire it from
the original place (say, [email protected]) and auto-route it to spam
reporting and bayes learning.
One of my older ones: [email protected] was a general purpose one, and
thus for that one, rather than just routing it straight to sa-learn, I put
in an autoresponder saying "the spammers won this address, if you really
want to contact me, use this".
Here's the thing though.
Spam is coming to me with VERP'ed addresses. It's getting autoresponded
to. Those autoresponses are then bouncing back to me as undeliverable.
So...you're a spammer. You're going to the trouble to do VERP. You're
throwing the responses on the ground, or even blocking their receipt. Or
your VPS got suspended (which I'm sure you saw coming).
What's the bloody point here? I mean, I know there doesn't have to be
one, buy I'f love to hear ideas as to what the possible use case is.
I mean, logically, one thing I could do is have my autoresponder detect
the verp'ed format to this address specifically, and not attempt to
respond to it (and in fact, I could report on/train on it).
The autoresponder is for legitimate humans trying to contact me directly
(i.e. nobody who will use verp). In the few years since I realized this
address was a lost cause, nobody's tried. (Although I have started
getting spam at gushi2015@domain, so that's some intelligence).
Example:
The original message was received at Mon, 1 Nov 2021 11:09:59 -0700 (PDT)
from localhost [127.0.0.1]
----- The following addresses had permanent fatal errors -----
<[email protected]>
----- Transcript of session follows -----
<[email protected]>... Deferred:
Connection refused by mail.ndlplayerbenefits.com.
Message could not be delivered for 5 days
Message will be deleted from queue
Reporting-MTA: dns; prime.gushi.org
Arrival-Date: Mon, 1 Nov 2021 11:09:59 -0700 (PDT)
Final-Recipient: RFC822;
[email protected]
X-Actual-Recipient: rfc822;
[email protected]
Action: failed
Status: 4.4.7
Remote-MTA: DNS; mail.ndlplayerbenefits.com
Last-Attempt-Date: Sat, 6 Nov 2021 11:16:13 -0700 (PDT)
From: [email protected]
Subject: Automated acknowledgement
Date: November 1, 2021 at 11:09:58 AM PDT
To: [email protected]
Hey There,
This is why we can't have nice things.
Unfortunately, the spammers seem to have won the email address you've
mailed me at -- [email protected], and I'm now starting to use it as a spam
trap to train my systems.
If you want to email me, you can email me at [email protected] (i.e.
[email protected], but make sure you use the CURRENT year).
Best,
-Dan Mahoney
--
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
FB: fb.com/DanielMahoneyIV
LI: linkedin.com/in/gushi
Site: http://www.gushi.org
---------------------------
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
