Subject: | |
From: | |
Reply To: | |
Date: | Wed, 15 Jan 1997 12:29:45 -0600 |
Content-Type: | TEXT/PLAIN |
Parts/Attachments: |
|
|
Yesterday, I started running the listserv alias (on Unix ListServ) through
procmail, catching all of the bogus requests for a particular list.
After looking at all of the mail I received, I'm really wondering how they
do it. There is no trace of the origin of the message; it looks like it's
coming from the real person. The Received: lines look good, and there is
no single place this is coming from.
On Mon, 13 Jan 1997, Paul M. Karagianis wrote:
> On Mon, 13 Jan 1997 13:48:09 -0600 Catherine Anne Foulston said:
> >(...)
> >We have a real problem with these bogus subscriptions. There are
> >a LOT of them. If they all came from a single source, it would be
> >easy to stop them, but they don't. I'm wondering, though, if
> >there is some web page or something out there that people are
> >using to do this.
>
> SJU has 3 out of 350+ lists that have been getting clobbered with this
> stuff for a couple of months now and I have been wondering more or less
> the same thing myself. The view from here is that some high ranking
> messiah among the legions of pimpled brain-doners circulated an exec or
> macro that takes 1 to 20+ parameters and does the SMTP forgeries from
> arg1 using args2 to n as the name. Since many of the perps use only one
> or two args most of the subscriptions bomb out for invalid syntax. The
> rest usually are to invalid addresses, full mailboxes, user refused or
> expire confirmation. Still, there's enough traffic and resulting
> bouncemail to make this annoying. Much of what I've seen lately comes
> from cornell.edu and various asian domains, but it has been coming from
> all over.
Bob Jackiewicz UIC Academic Computer Center [log in to unmask]
University of Illinois at Chicago Network Services
|
|
|