On Tue, Aug 19, 2025 at 07:52:32AM -0500, Jarland Donnell via mailop wrote: > Suppose I forgot to add the most important detail between 3 & 4: > > - Flood freemail accounts with massive amounts of inbound email all > addressed from randomly generated addresses @ the domain with MX set to the > target server.
Possibly unrelated, but I saw something vaguely similar a few months back when a small number of hosts tried to relay whatever it was to a few addresses in the @qq.com domain using a large subset of the published imaginary friends as the from address. That got them only an entry in the blocklist of course, given our spamd.alloweddomains setup. We also see idiocy like https://nxdomain.no/~peter/to_jacksb841_at_gmail_dot_com.txt where they seem to be trying a joejob of sorts. Then again, if the relay they're abusing is not yours, this will be only anecdotal noise to you. Here's hoping they're found and bashed thoroghly! All the best, Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team https://nxdomain.no/~peter/blogposts https://nostarch.com/book-of-pf-4th-edition "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
