On Apr 8, 2008, at 2:50 PM, McDonald, Dan wrote:
On Tue, 2008-04-08 at 12:36 -0700, ahgu wrote:
They forged the header with my email addr as the return address.
When it get bounced back by a server, everything is valid. Since
the server
strip off most of the content, it can pass the spamassassin very
easily. I
wonder if anyone got this problem?
Of course, it is very common.
SPF does a reasonable job of stopping it, since it is not worth the
spammer's time to forge when a good portion will be ditched as
violating
spf.
Guys? He's been joe-jobbed.
From the original email: "somebody is using my email as the bounce-
back return email.
How do I avoid the problem?"
If SPF is supposed to prevent this, I can say that it sure as heck
doesn't seem to. Despite having SPF records, I still managed to have
my hostmaster@ address become the recipient of a few thousand bounce
notifications the other day. :|
