** Forged spamming going on

some luser off of AT&T DIalup is using mailme.com (my domain) for relaying

Received: from mailme.com (146.st-louis-71-72rs.mo.dial-access.att.net [])
  by atom.ntgi.net (8.8.8/8.8.7) with SMTP id XAA23473;
  Sat, 19 Dec 1998 23:27:18 -0500 (EST)
  (envelope-from You4Me2C@mailme.com)

He is sending thousands of emails to AOL users, who is then bouncing them
to me.

I am not please, to say the least.

AT&T's security dept is non-existent, as far as I am concerned.

I wish vixie would RBL 12/8.

Thinking about this, there is no solution; here are my options:

1) blackhole AT&T, which does nothing, since the mail is bounces coming
from AOL.

2) blackhole AOL, which would fix my attack, but would break all
legitimate mail from/to AOL.

3) temporarily blackhole mailme.com, which would prevent me from getting
the bounces, but then I can't send/get legit mail.

I wish AT&T and other huge dialup organizations could control the
users they have; there should be a licensing process..

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
     Atheism is a non-prophet organization. I route, therefore I am.
       Alex Rubenstein, alex@nac.net, KC2BUO, ISP/C Charter Member
               Father of the Network and Head Bottle-Washer
     Net Access Corporation, 9 Mt. Pleasant Tpk., Denville, NJ 07834
Don't choose a spineless ISP; we have more backbone! http://www.nac.net
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --

Just as an interesting note.. I seem to recall a spammer doing this in the
past using a "big name" domain and losing quite a lot of money in the
process from the resulting lawsuit.

Might be a good object lesson. :slight_smile:

On a related note, my employer is finishing construction on a new facility
a few blocks away. The conference rooms always have "themes" for their
names (one building used to have names like "Lice", "Boils", and "Locusts",
and another has names based on cities of the world). The staff of the new
building named them after the "seven deadly sins", which was all well and
good except there were 8 conference rooms. The eighth name? "Spam". :slight_smile:

The domain was flowers.com, the ISP was Zilker Internet Park in Texas, and
the judge found for the plaintiff.

Hope this helps.