Security Basics mailing list archives

New Spam Delivery Technique


From: tony barry <tony () no-bull co nz>
Date: Fri, 20 Jul 2007 23:20:47 +0000

Hi list (again),

I think I didn't explain clearly the first time. It's not the PDF attachment
that's new, it's the delivery method.

The spammer forges the sender address to anyone () mydomain com and sends
it to doesnotexist () ligitimatecompany com.

Legitimate company's mailer receives the message, finds the recipient is
not on its list, crafts a 'Could not deliver mail' message, attaches the
spammer's original message and sends it to anyone () mydomain com, where my
catch-all account receives it because the spam filter does not reject
Mailer Daemon's 'failed to deliver mail' messages, 'cause I want to know
that.

While typing this, a thought has occurred to me. What would happen if I
did not have a catch-all account and my mail server also rejected the
message? Would it be bounced back to Ligitimatecompany.com or to
mydomain.com? How long would this message bounce around the internet
looking for a home?

Second thought. If ligitimatecompany.com (and others) is/are receiving
messages supposedly from mydomain.com (or yourdomain.com) that have a
high spam score, what is the likelihood of mydomain.com ending up on a
spammers' blacklist?

Tony
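
The following is an added example, not part of the original post: one way a receiving domain can keep genuine bounces while dropping the forged-sender bounces described above, by checking the Message-ID of the returned message against a log of mail it actually sent. The `.example` domains, the `SENT_LOG` set and the sample bounce are constructed assumptions.

```python
import email

# Assumption: the outbound server logs the Message-ID of every message it
# really sent (hypothetical sent log, modelled here as a plain set).
SENT_LOG = {"<20070720.1001@mydomain.example>"}

def build_bounce(original_msgid):
    """Constructed sample bounce, shaped like the one described in the post."""
    return "\n".join([
        "Return-Path: <>",
        "From: MAILER-DAEMON@legitimatecompany.example",
        "To: anyone@mydomain.example",
        "Subject: Could not deliver mail",
        "MIME-Version: 1.0",
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"',
        "",
        "--b1",
        "Content-Type: text/plain",
        "",
        "User doesnotexist is unknown.",
        "--b1",
        "Content-Type: message/rfc822",
        "",
        "From: anyone@mydomain.example",
        "To: doesnotexist@legitimatecompany.example",
        "Message-ID: " + original_msgid,
        "Subject: (spam subject)",
        "",
        "(spam body)",
        "--b1--",
        "",
    ])

def looks_like_bounce(msg):
    # Bounces arrive as multipart/report and/or from a mailer-daemon address.
    sender = str(msg.get("From", "")).lower()
    return msg.get_content_type() == "multipart/report" or "mailer-daemon" in sender

def returned_message_id(msg):
    # The original message is attached as message/rfc822; read its Message-ID.
    for part in msg.walk():
        if part.get_content_type() == "message/rfc822":
            return str(part.get_payload(0).get("Message-ID", "")).strip()
    return ""

def classify(raw, sent_log=SENT_LOG):
    msg = email.message_from_string(raw)
    if not looks_like_bounce(msg):
        return "not-a-bounce"
    # A bounce for mail we never sent is backscatter from a forged sender.
    return "genuine-bounce" if returned_message_id(msg) in sent_log else "backscatter"
```

A bounce that attaches no original message, or only its headers without a Message-ID, is classified as backscatter by this check, so it suits filtering into a review folder rather than outright rejection.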
