Have you received SPAM from a user at freefly.net?
You actually haven't - there are no users at freefly.net.
We have been Joe-Jobbed.
Cut and paste the header from the mail in to spamcop and see who is really sending the mail and go and annoy them.
If you don't know what a header is then go to http://vww.spamcop.com/help_with_headers/
More than likely it is Paul Mentesidis/WebFills/rxmedicals/palmnet (see http://spews.org/html/S1958.html)
I get hundreds of bounced emails a week couresy of Paul and I wish he would just piss off and die.
If I get a bounce, I send the following message (you may find it useful):
Dear Mail Administrator
Turn off your viral autoresponder, if you are using one.
Ensure that your mail server is generating 5XX *REJECT* messages,
*NOT* sending a notification to the 'From:' or Envelope From sender,
as these are SPOOFED.If you *cannot* make an SMTP-time assessment of deliverability of a
message, filter content for obvious viral and spam signatures, and
do not generate nondelivery notices for such messages, as they
frequently spoof sender. Not taking these precautions makes you a
vector for a DDoS Joe-job attack:The Joe Job DoS attack
By John Leyden
Published Tuesday 6th April 2004 17:30 GMT
http://www.theregister.co.uk/2004/04/06/joejoe_dos_attack/A problem with the way that non-delivery notifications are sent
by many mail servers could be exploited to launch "mail bomb"
denial of service attacks.Incorrectly configured mail servers may respond to mail delivery
failure with as many non-delivery reports as there are
undeliverable cc: and bcc: addresses contained in the original
email. By forging the source of an email, hackers could bombard
systems with spurious emails.
MyDoom is the worst virus ever
By John Leyden
Published Wednesday 28th January 2004 13:11 GMT
http://www.theregister.co.uk/content/56/35174.htmlJust like SoBig-F, much of the huge volume of crap generated by
MyDoom is the result of auto-responder messages. As well as
replies that someone is out of the office users are getting a
stream of accusatory messages from anti-virus gateway products
accusing them of sending a virus.
Auto-responders magnify Sobig problem
By John Leyden
Published Wednesday 20th August 2003 17:30 GMT
http://www.theregister.co.uk/content/archive/32434.htmlGraham Cluley, senior technology consultant for Sophos
Anti-Virus, said that the current generation of anti-virus
gateway products are incapable of determining the email address
in a virus contaminated email are spoofed."In the circumstances, it might be better for people to turn off
their auto-responder," Cluley advised, adding the auto responder
messages could be taken of an accusation that someone wholly
innocent was sending out viruses.Also:
http://www.businessweek.com/magazine/content/04_12/b3875032.htm
http://www.attrition.org/security/rant/av-spammers.htmlMy own systems are not susceptible to legacy MS Windows viruses (I
run GNU/Linux exclusively). For sites unfortunate enough to rely on
Microsoft products, such false reports waste staff and
administrative time on wild-goose chases.
Your email system is generating "bounce" messages to spoofed "from"
addresses. These are widely considered spam on the UBE basis:- Unsolicited? Check
- Bulk? Check
- Email? CheckThe sending address has been added to the local spamlist; any
further mail from that address will be treated and reported as spam.
Multiple such reports *will* result in your site being listed on
spam-origin lists, including SPEWS, SpamCop, Spamhaus, and others.Further similar messages from your domain will be reported as spam.
Any prior and subsequent mail can and will be forwarded to public
services not limited to NANAE (news:news.admin.net-abuse.email) at
my sole discretion. All "confidentiality" email disclaimers are
specifically rejected.Thank you.
freefly.net