[ILUG] how should I handle a flood of fscking backscatter

[Brian Foster]

  | From: "PJ" <pj at nssl.ie>
  | Date: Mon, 10 Sep 2007 15:12:49 +0100
  | 
  | I've been meaning to look into the setting up of SPF records
  | for domains, these are used by some mailservers to check the
  | 
  | authenticity of senders, as some of our customers have been
  | having similar problems, but haven't got round to it yet.
  | 
  | Its near the bottom of a very long to-do list. You might try
  | looking at that. http://www.openspf.org/ for more information

 total non-starter (assuming I'm understanding
 the idea correctly).  I don't control any of
 the relevant e-mail servers, or more accurately,
 I don't own the domain to which the bounces are
 being sent (i.e., the domain used in the forged
 e-addresses).  that's an ISP, from which I then
 download the e-mail.  whether or not the ISP
 could, or should, do something like that I've
 no opinion about (ATM).

 w.r.t. the current incident, the rate of incoming
 bounces has dropped considerably since I sent an
 e-mail to the suspected sender's ISP's abuse at ...
 e-address.   also, the suspected sending IP-address
 is no longer responding to ‘ping’s.  I dunno if
 my e-mail worked (the ISP has not replied), or
 something else happened, or this is just a lull,
 but (cross fingers and toes and tails and other
 such things), the bloody storm might now be
 abating ....

 or maybe Mr Söze is now on the case?  ;-)

cheers!
	-blf-
-- 
▶ ▶  I AM CURRENTLY LOOKING FOR A JOB!  ◀ ◀ | Brian Foster
Experienced (>25 yrs) software engineer:    |        Montpellier, FRANCE
 • Unix, Linux, embedded, design-for-test;  | Stop E$$o (ExxonMobile)!
 • Software/hardware co-design, debugging;  |     http:/www.stopesso.com
 • Kernels, drivers, filesystems, &tc;    Résumé (CV) & contact details:
 • IDL, automated testing, process, &tc.   http://www.blf.utvinternet.ie