Full Disclosure mailing list archives

How the hell can we CAN SPAM??
From: "RandallM" <randallm () fidmail com>
Date: Wed, 17 Nov 2004 08:47:31 -0600

It's just getting ridiculous, not to mention what it costs all of us in the
end. And, might I add, it doesn't make sense. I mean, they spam selling something
with no real contact but a "spoofed one" or real website to reach (most of
the time). I placed a web appliance at my workplace and catch an average
of 52000 in 7 days. My ISP has spam filters yet I still receive a number a
day. Now I am also the "return to sender" because of email spoofing. I get
about 40-50 returned to sender, or can't deliver emails (not to mention what
my ISP catches). There is not a damn thing I can do about it.

Let me add to this the problem for legit companies who have this done to them
and are placed on the "blacklist". They are victims of this abuse, which
causes undue problems with their business affairs and backlashes to their
clients. I often have to help fight for some of our clients who have been
victimized this way. They are not spammers, but their addresses have been
spoofed and blacklisted, and now any client who uses a spam blacklist blocks
their legit address and misses their business correspondence.

As for myself, I am stuck with the pain of removing my email and setting up
another one and the pain of contacting all correspondents who have that one
to change it to the new one, etc., etc.

Or I could attempt to figure out the real senders, send abuse email out and
hope someone would answer and help. Doubt that would work. 

Example:
_________-
Date: Wed, 17 Nov 2004 12:12:27 +0000
From: Mail Delivery System <Mailer-Daemon () bt net>
To: mueller () fidnet com
Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software (Exim).

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  byoder () bt net
    unknown local-part "byoder" in domain "bt.net"

------ This is a copy of the message, including all the headers. ------

Return-path: <mueller () fidnet com>
Received: from [217.35.209.184] (helo=insmtp22.bt.net)
    by insmtp01.ukcore.bt.net with esmtp (Exim 3.36 #1)
    id 1CUOfh-000628-00
    for byoder () bt net; Wed, 17 Nov 2004 12:12:25 +0000
Received: from [211.186.238.119] (helo=therightmoment.com)
    by insmtp22.bt.net with smtp (Exim 3.36 #1)
    id 1CUOTM-00043p-00
    for byoder () bt net; Wed, 17 Nov 2004 11:59:40 +0000
Received: from fidnet.com (fidnet.com.mail5.psmtp.com [64.18.5.10])
    by therightmoment.com (Postfix) with ESMTP id 3097F4FF8C
    for <byoder () bt net>; Wed, 17 Nov 2004 06:09:31 -0600
Message-ID: <011001c4cc9e$d041a8b6$13be7097 () fidnet com>
From: "Tickled B. Pulsar" <mueller () fidnet com>
To: Byoder <byoder () bt net>
Subject: =?iso-8859-1?B?VmFyaW91cyBQaWxscywgTG93IHJhdGVzLCBtb25leWJhY2sgZ3VhcmFu?=
    =?iso-8859-1?B?dGVlISA=?=
Date: Wed, 17 Nov 2004 06:09:31 -0600
MIME-Version: 1.0
Content-Type: multipart/alternative; charset=iso-8859-1;
    boundary="----=_NextPart_000_0005_DDA5806C.B53BEAE9"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1081
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0006
_______________

The email message that was enclosed for these headers was a complete
nonsense one full of meaningless verbiage like:

__________________-
<TBODY>  <TR>  <TD bgColor=3d#996666 height=3d22>  <DIV align=3dcenter><SPAN
class=3dstyle13>Once something becomes di= scernible, or understandable, we
no longer need to repeat it=2e We can de= stroy
it=2e</SPAN></DIV></TD></TR></TBODY></TABLE> <TABLE cellSpacing=3d0
cellPadding=3d0 width=3d"100%" border=3d0>  <TBODY>
__________________

We talk about the scare of government control. Someone then tell me who else
has the power to step in and stop the viral and spam. Who else has the money
to back massive countermeasures to put a stop to it all? Am I just being
too critical and a doom and gloom user?

FYI:
Yes I have ensured that I'm not zombified. I then tested again by turning
off my internet use for two days and still received returns for those days.
I clean machines for things like this for a living. Thanks for asking.
 
thank you
Randall M
 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
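
Reading the Received chain of the bounce quoted in the post, as an added example that is not part of the original message: only the hops stamped by the bouncing domain's own servers (assumed here to be anything under bt.net) can be relied on, so the address worth taking from the bounce is the peer IP recorded where the message entered that domain. The function names and the trust rule are assumptions made for illustration.

```python
import email
import re

# Received headers copied from the bounce quoted in the post (re-wrapped);
# the archive's address obfuscation ("byoder () bt net") is left untouched.
BOUNCED_HEADERS = """\
Received: from [217.35.209.184] (helo=insmtp22.bt.net)
 by insmtp01.ukcore.bt.net with esmtp (Exim 3.36 #1) id 1CUOfh-000628-00
 for byoder () bt net; Wed, 17 Nov 2004 12:12:25 +0000
Received: from [211.186.238.119] (helo=therightmoment.com)
 by insmtp22.bt.net with smtp (Exim 3.36 #1) id 1CUOTM-00043p-00
 for byoder () bt net; Wed, 17 Nov 2004 11:59:40 +0000
Received: from fidnet.com (fidnet.com.mail5.psmtp.com [64.18.5.10])
 by therightmoment.com (Postfix) with ESMTP id 3097F4FF8C
 for <byoder () bt net>; Wed, 17 Nov 2004 06:09:31 -0600
"""

BY_RE = re.compile(r"\bby\s+([\w.-]+)")              # host that wrote the hop
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # peer address it saw


def parse_hops(raw_headers):
    """Return Received hops, newest first, as dicts with 'by', 'ip', 'raw'."""
    msg = email.message_from_string(raw_headers)
    hops = []
    for value in msg.get_all("Received", []):
        flat = " ".join(value.split())  # undo header folding
        by, ip = BY_RE.search(flat), IP_RE.search(flat)
        hops.append({"by": by.group(1).lower() if by else None,
                     "ip": ip.group(1) if ip else None, "raw": flat})
    return hops


def handoff(raw_headers, trusted_suffix):
    """Return (peer_ip, unverified_hops) for the point of entry into the
    trusted domain; peer_ip is None if no hop was written by that domain."""
    hops = parse_hops(raw_headers)
    boundary = None
    for i, hop in enumerate(hops):
        host = hop["by"] or ""
        if host == trusted_suffix or host.endswith("." + trusted_suffix):
            boundary = i  # still inside the trusted domain, keep walking down
        else:
            break         # first hop written by an outside host: stop trusting
    if boundary is None:
        return None, hops
    return hops[boundary]["ip"], hops[boundary + 1:]
```

For the headers above, `handoff(BOUNCED_HEADERS, "bt.net")` returns 211.186.238.119 as the peer address and leaves the oldest hop, the one naming fidnet.com, in the unverified list because it was written by a host outside bt.net.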

