Filters That Fight Back
Peter Bishop
pgb at adelard.com
Tue Sep 2 14:27:37 CEST 2003
On 2 Sep 2003 at 8:06, David Relson wrote:
> A couple of weeks back, one of the userids at osagesoftware.com received
> a set of false bounces. Since I know that userid has sent 1 or 2 emails
> in the past year and receives approx 1 legit email a week, I'm willing
> to bet that there was some chicanery involved. The total number of
> bounce messages was small, perhaps a dozen or two..
I must admit I saw the same thing - One possible culprit is the SoBig worm
that uses random return addresses selected from the addressbook of the
penetrated machine. A bounce to the actual sender might be a useful warning
of infestation, but bounces to the forged sender could be very puzzling -
it certainly worried me for a while until I saw that my spamtrap userid was
also getting similar bounces.
--
Peter Bishop
pgb at adelard.com
pgb at csr.city.ac.uk
More information about the Bogofilter
mailing list