Creative spamming
Apr 6, 2003
<img src="/img/blosxom/technical/spam-small.gif" width=“101"nheight=“100” align=“right”>Spammers will take up any opportunity tonget their advertisements through. The past few days I’ve beennreceiving a lot of it using a bounce scheme. I first saw it aroundn1998, but I’ve had a dozen unique ones this week so it looks like somencrook has rediscovered it. It’s different than just sending a fakednbounce or getting one because a spammer hijacked your address to stuffninto the sender field because it subverts the correct operation of anproperly configured host to do the dirty work. It goes like this:nn
-
Spammer fakes message from you to a bunch ofnaddresses. This looks just like someone is trying to fake you as beingnthe sender. The addresses are probably not real, at least they don’tnexist on the target mail host.
-
Target mail host refuses it, sending the bounce message to thenpurported sender- you.
-
You get bounce with original message content at the bottom andnwonder what the hell happened.
nn
nn
nn
nn
nnYou can distinguish this from the bounces produced by the hijacking ofna sender address by the headers but also because you only get a singlenmessage, not a torrent of bounces from all over the world. Becausenmost of us want to see bounce messages and they are less common thannspam, our filters don’t flag the message and it ends up in theninbox. Charming little bastards.