> On Mon, 23 Sep 2002, Toralf Lund wrote:
>
> > 59m 3.4K 17tRfs-00vg6d-00 <> *** frozen ***
> > users002@???
>
> There's been an absolute orgy recently of some abuser presenting a
> username of users002 at all kinds of email domains.
>
> We see these addresses in our rejection logs, and you can see them at
> google groups:
>
> http://groups.google.com/groups?hl=en&lr=&ie=ISO-8859-1&as_drrb=q&q=users002++group%3Anews.admin.net-abuse.*&as_qdr=m
>
> > Has anyone seen anything similar? Note that the address is always
> > the same (users002@???)
>
> Haven't seen that specific one, but we've refused plenty of similar
> ones. If the mail was relayed by a third party then presumably that
> third party would have composed a non-delivery report to the
> envelope-sender on the basis of our rejection. The JANET abuse folks
> call it "collateral spam" http://www.ja.net/mail/junk/collateral.html
> which seems apt.
Just a thought:
What if I set up an account or alias so that the address would be valid,
and add auto reply, "vacation" style (with a long or possibly infinite
reply interval) with a message that would explain it all, and encourage
people to block messages from this address?
- Toralf