«

For ****'s sake, when will mailserver admins disable automatic bouncing to
the purported sender address?

I'm getting 200 bounces a day, due to this latest winshit virus forging my
email address.

My mailserver is not even involved in the original message.

But these stupid ****ing mailservers are not even comparing the IP address
of the incoming message session with the IP address resulting from a
lookup of the claimed sender.

And this is the weakness in my otherwise almost bulletproof spam filter -
it is set to allow bounce messages.

This mailserver dumbness is bad enough.

But the real blame goes to all the Joe ****wit Windows Users out there who
say 'duhh, whaddya mean there's better software than windows, outlook
express, internet explorer? I'm not gonna change, it sounds too technical'.

And, to Microsoft itself, for facilitating and encouraging people to stay
in this stupidity, so they can remain as ignorant marketing cash cows.

Microsoft is way overdue for a class action suit filed by
hundreds of corporations, thousands of small businesses and millions of
users, for the time, money and even data that's been lost because of
Microsoft's negligent product design.

$50 billion in the bank?
Give it to the users you've ****ed over!!!

EB

Evil Bastard wrote:

> For ****'s sake, when will mailserver admins disable automatic bouncing to
> the purported sender address?

No kidding.

> I'm getting 200 bounces a day, due to this latest winshit virus forging my
> email address.

I've had about 30 today.

> My mailserver is not even involved in the original message.

If you're like me, you don't even use friggin' Windows......yet have to
suffer this crap.

.................

> But the real blame goes to all the Joe ****wit Windows Users out there who
> say 'duhh, whaddya mean there's better software than windows, outlook
> express, internet explorer? I'm not gonna change, it sounds too
> technical'.

I KNOW how you feel, mate!!

> And, to Microsoft itself, for facilitating and encouraging people to stay
> in this stupidity, so they can remain as ignorant marketing cash cows.

Yep.

> Microsoft is way overdue for a class action suit filed by
> hundreds of corporations, thousands of small businesses and millions of
> users, for the time, money and even data that's been lost because of
> Microsoft's negligent product design.

We've seen how they corrupt courts over and over in the US and elsewhere.

Evil Bastard <postmaster@127.0.0.1> wrote in
newsan.2004.01.31.03.26.12.223913@127.0.0.1:

> For ****'s sake, when will mailserver admins disable automatic
> bouncing to the purported sender address?
>

I have noticed that at least this issue is being mentioned in the write ups
for the worm. Progress is being made.
Ciao, Dave

In article <pan.2004.01.31.03.26.12.223913@127.0.0.1>,
Evil Bastard <postmaster@127.0.0.1> wrote:

>For ****'s sake, when will mailserver admins disable automatic bouncing to
>the purported sender address?

It's difficult to automatically determine the true sender from the
headers.

The next best thing is, when bouncing the message back, to at least
include the full headers. That way the person receiving the bounce can
work out where the message really came from.

Back in the days of SoBig and Klez.H, every time I got a bounce with
insufficient information, I would send back a query asking for the full
headers. I figure if I annoyed enough sysadmins about this, they would
get the idea.

Unfortunately, the current deluge of Mimail or MyDoom or whatever the
hell it is is so great that I'm no longer bothering...

On Sat, 31 Jan 2004 16:26:13 +1300, Evil Bastard
<postmaster@127.0.0.1> wrote: nothing worth repeating
>

You could always try looking on the bright side. At least you don't
need a fire extinguisher in your house... enough foam coming out there
to put out a bushfire.

Gavin

On Sat, 31 Jan 2004 16:26:13 +1300, Evil Bastard wrote:

> For ****'s sake, when will mailserver admins disable automatic bouncing to
> the purported sender address?

And sender notifications of "you have sent a virus"

> I'm getting 200 bounces a day, due to this latest winshit virus forging my
> email address.

You're lucky. I'm getting that many an hour at times.

On Sat, 31 Jan 2004 16:26:13 +1300, in article
<pan.2004.01.31.03.26.12.223913@127.0.0.1>, Evil Bastard wrote:

> For ****'s sake, when will mailserver admins disable automatic bouncing to
> the purported sender address?

Evidently you're talking about the "MAIL FROM" purported sender
(where the bounce goes to), not the "HELO"/"EHLO" claimed sender
(where the incoming message session claims to be from).

> I'm getting 200 bounces a day, due to this latest winshit virus forging my
> email address.
>
> My mailserver is not even involved in the original message.
>
> But these stupid ****ing mailservers are not even comparing the IP address
> of the incoming message session with the IP address resulting from a
> lookup of the claimed sender.

1. I routinely send email through Paradise, using my Xtra email
address. I want to see bounces, even though
• The IP address of the incoming message session will be
a Paradise IP (Paradise's outgoing mail server).
• The IP address resulting from a lookup (MX record) of
the "MAIL FROM" claimed sender will be an Xtra IP address.


2. A _simple_ IP comparison is not good enough. Even when using
one ISP, the IP address of the incoming message session
need not be the same as the IP address resulting from a
lookup of the claimed sender. The first one will be the IP
address of the ISP's outgoing mail server and the second one
will be the IP address of the ISP's mail exchanger.


3. If you did mean the "HELO"/"EHLO" claimed sender, then
not allowing this to be forged isn't going to stop your
email address from being forged in the "MAIL FROM".

Most mail servers put the IP of the incoming session
in the "Received" headers, so spammers don't gain too much
by forging the "HELO"/"EHLO" claimed sender. A lot of
spam I see simply sets the "HELO"/"EHLO" claimed sender
to the same [IP] as the incoming session.


--
Cheers,
Ralph

Politics is the art of getting power and
privilege without possessing merit.

On Sat, 31 Jan 2004 21:59:04 +1300, Lawrence D¹Oliveiro wrote:

>>For ****'s sake, when will mailserver admins disable automatic bouncing to
>>the purported sender address?
>
> It's difficult to automatically determine the true sender from the
> headers.

It's easier to not accept-then-bounce.

> The next best thing is, when bouncing the message back, to at least
> include the full headers. That way the person receiving the bounce can
> work out where the message really came from.

Most systems do that anyway. More to the point they shouldn't be accepting
mail for any random name in their domain then sending mail later saying
they can't deliver it. Verifying the existance of a local name is trivial
and most MTAs have been doing it for at least a decade.

Of course the ones which aren't are windows based, or Qmail.

Uncle StoatWarbler wrote:

> Most systems do that anyway. More to the point they shouldn't be accepting
> mail for any random name in their domain then sending mail later saying
> they can't deliver it. Verifying the existance of a local name is trivial
> and most MTAs have been doing it for at least a decade.
>
> Of course the ones which aren't are windows based, or Qmail.

Assuming your talking to the server that has details of the users on it, for all
you know it may be a backup MX server that will simply relay it to the main mail
server when it is available, or else some go between server that is checking
content of the messages, no need for that to have details of all the users.

And, rejecting based on user gives rise to the rumplestiltskin attacks where you
know the ones that are delivered because the server doesnt reject the recipiant.

I think its better that all failed messages are just dropped, spam filtering
means that enough mail goes missing already, a few more wouldnt go unnoticed.

Richard Malcolm-Smith wrote:
> Uncle StoatWarbler wrote:
>
>> Most systems do that anyway. More to the point they shouldn't be
>> accepting
>> mail for any random name in their domain then sending mail later saying
>> they can't deliver it. Verifying the existance of a local name is trivial
>> and most MTAs have been doing it for at least a decade.
>>
>> Of course the ones which aren't are windows based, or Qmail.
>
>
> Assuming your talking to the server that has details of the users on it,
> for all you know it may be a backup MX server that will simply relay it
> to the main mail server when it is available, or else some go between

But when the main mail server is available then it should know if theses
are legitimate addresses.


> And, rejecting based on user gives rise to the rumplestiltskin attacks
> where you know the ones that are delivered because the server doesnt
> reject the recipiant.

True, but I think the utility out ways the potential disadvantages. As
"return receipts" are even less likly to work, it is a very useful
service to have email with the wrong delivery address returned, Like
post office RTS, because one can easily make a typing mistake with an
email address (particularly if it is in ISO format). It appears very
unprofessional (and can be difficult) to contact someone by another
method to check whether they have or have not received your important
email. .