Re: People forging their From: addresses
- Date: Wed, 30 Sep 1998 12:27:31 +0200
We have been hit by the same problem and got about 20 complaints,
and about 5-6 reports, telling about the forgery.
Then you have been extremely lucky. A few weeks ago we were
hit by this problem, and the user whose e-mail address was
abused received some 50,000 (!) complaints, and 'postmaster'
and 'abuse' hundreds of them.
I intended to report the case to the police, but realized that it
would require an estimate of how much that forged from address
actually costs us in money and reputation. Who knows about that.
We're facing the same problem. Even so we're going to report
it, if only to assist in anti-spam law-making.
I individually answered every single complaint which essentially said:
Please learn reading mail headers before you make a complaint.
So did I. The answers that I got in return to that ranged
from apologies to hot flames...
I also removed the host from dns, hoping that some pending deliveries
out there would fail. (The host did not exist any more anyway).
Fortunately it was just a host name, not a domain name.
In our case it was a domain name.
I think the combination rbl.vix.com and rbl.dorkslayers.com is the
way to go. Let's have those open mail relays secured ASAP.
It *is* a very powerful combination. But at the same time it
can be a dangerous one for your organisation: you may well
find that quite a few organisations that you *must* exchange
mail with are on rbl and/or orbs. Which means *you* have to
make your own exceptions to the rbl/orbs rules, and tell your
'counterparts' to fix their business.
Piet
