On Wed, Oct 04, 2000 at 04:17:05PM +0200, Petr Novotny wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 4 Oct 2000, at 16:04, OK 2 NET - Andr� Paulsberg wrote:
>
> > Are your server being used as a Relay for these messages,
> > or are the SPAMMERS simply using your domain to forge their envelope
> > sender.
> > BTW: would it be possible to see one COMPLETE
> > bounce message you are having trouble with.
>
> I have stored about five thousand of them. The basic pattern is
> simple: Some faked Received line, then someone at
> saturn.bbn.com (a DSL? dial-up?), then some open relay in .cn, .jp
> or .kr domains (I have seen quite a few of them) and then the
> recipient, bouncing the message back. I can post one of the
> messages, but which one? Don't want to be unfair to the remaining
> open relays :-)
<std.disclaimer>
Anything in .saturn.bbn.com is a dialup port sold to a virtual ISP, that
is, a company which may or may not own any modems of their own, but buy
access to Genuity's (formerly BBN's) dialup pool.
We don't have any particular control over them, but every single user
is a client of one of our clients, and our contracts have strong anti-spam
terminology.
Problems should be sent first to the client ISP, if available from headers,
and if not, to [EMAIL PROTECTED]
-dsr-
