No serious damage but annoying. I do see this
junk make it through when spammers hit hard
enough against our mail server, but I see this
also on Gmail, Yahoo, Hotmail and other better
known large volume mail services, which have
far more resources than I do. However, not
everyone has a large amount of computing resources
to devote to this, and it can, under the right
circumstances, hang or cause a denial of service
on the system.

This is a good question for all mail developers,
not only qmailadmin: to find a way to prevent
legitimate replies from becoming a spam relay.
However, IMHO, this is a daunting task, to sort the
legitimate mail with a legitimate reply-to or
return address from mail with a spoofed or junk
address, to prevent illegitimate replies.

Frank

On 2009-03-11, at 0624, Lendvai Péter wrote:

> Thanks John, that is exactly what I mean and what I am afraid of. Btw, our
> mail server already got an abuse warning due to this behaviour. Hopefully
> spammers do not know and do not try to exploit this potential
> vulnerability.

they DO know about it. if they didn't, you
wouldn't have been reported for abuse.
the problem isn't limited to that particular
"autorespond" program, either... any
autoresponder or "vacation" message program
which includes the original message in the
response can be hijacked by spammers, and there
are some spammers who actively search for them.
i see probes for "sales@", "info@", "help@", and
other common autoresponder names, in my logs all
the time. (of course none of these addresses
exist, and i reject RCPT commands for
non-existent addresses, so no real damage is
done- just wasted bandwidth and CPU cycles.)
----------------------------------------------------------------
| John M. Simpson --- KG4ZOW --- Programmer At Large |
| http://www.jms1.net/ <[email protected]> |
----------------------------------------------------------------
| http://video.google.com/videoplay?docid=-1656880303867390173 |
----------------------------------------------------------------
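
The thread's concern is an autoresponder that replies to a forged return address and carries the original message along. The following is an added example, not code from the thread or from qmailadmin: a Python sketch of the pre-send checks and a fixed-text reply, in the style of RFC 3834. The function names, addresses and sample messages are constructed for illustration.

```python
from email import message_from_string
from email.message import EmailMessage

BULK_PRECEDENCE = {"bulk", "junk", "list"}
SYSTEM_LOCALPARTS = {"mailer-daemon", "postmaster"}

def should_autorespond(msg, envelope_sender, answered):
    """Return (allowed, reason); `answered` holds senders already replied to."""
    sender = envelope_sender.strip().strip("<>").lower()
    if not sender:
        return False, "null envelope sender"      # bounces must never be answered
    if sender.split("@")[0] in SYSTEM_LOCALPARTS:
        return False, "system sender"
    if msg.get("Auto-Submitted", "no").strip().lower() != "no":
        return False, "automatic message"         # avoids responder loops
    if msg.get("Precedence", "").strip().lower() in BULK_PRECEDENCE:
        return False, "bulk precedence"
    if "List-Id" in msg or "List-Unsubscribe" in msg:
        return False, "mailing list traffic"
    if sender in answered:
        return False, "already answered"          # one reply per sender
    return True, "ok"

def build_reply(msg, envelope_sender, our_address):
    """Fixed-text reply: no part of the incoming subject or body is copied."""
    reply = EmailMessage()
    reply["From"] = our_address
    reply["To"] = envelope_sender
    reply["Subject"] = "Automatic reply"
    reply["Auto-Submitted"] = "auto-replied"
    if msg.get("Message-ID"):
        reply["In-Reply-To"] = msg["Message-ID"]
    reply.set_content("Your message was received. This is an automatic reply.\n")
    return reply

# Constructed samples: a spam payload with a forged return address, and a bounce.
SPAM = message_from_string(
    "From: victim@example.org\nSubject: CHEAP PILLS http://spam.example/\n"
    "Message-ID: <1@spam.example>\n\nBuy now at http://spam.example/\n")
BOUNCE = message_from_string(
    "From: MAILER-DAEMON@example.net\nSubject: failure\n\nundeliverable\n")

def demo():
    answered = set()
    first = should_autorespond(SPAM, "victim@example.org", answered)
    answered.add("victim@example.org")
    second = should_autorespond(SPAM, "victim@example.org", answered)
    bounce = should_autorespond(BOUNCE, "<>", answered)
    text = build_reply(SPAM, "victim@example.org", "info@example.com").as_string()
    return first, second, bounce, "http://spam.example/" in text
```

A forged sender still receives one reply here, but it contains none of the spammer's text and is not repeated.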