Re: [exim] Heads up?

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMFred Viles at <-
.MFred Viles at ->
Delete this message
Reply to this message
Author: Marilyn Davis
Date:  
To: Fred Viles
CC: exim-users
Subject: Re: [exim] Heads up?
On Thu, 24 Mar 2005, Fred Viles wrote: 

> On 24 Mar 2005 at 17:20, Marilyn Davis wrote about
>     "Re: [exim] Heads up?":

>
> | On Thu, 24 Mar 2005, Marilyn Davis wrote:
> |
> | > 2005-03-24 14:17:28 1DEadm-0004XA-Vj => mike@??? R=dnslookup T=remote_smtp H=ext-mx02.hisplace.com [66.134.75.55]
> | > 2005-03-24 14:17:28 1DEadm-0004XA-Vj Completed
> | >
> | > ----
> | >
> | > So now I'm wondering, how is this collateral spam from an error better
> | > than the collateral spam from a challenge?
>
> You're looking at a server log entry, not a bounce message.

Yes. I guess I trimmed too much off the previous message. I'm sorry.

Here's more context:

| 2005-03-24 14:17:22 1DEadm-0004X5-Qq <= mike@??? U=root P=local S=1759
| 2005-03-24 14:17:22 1DEadm-0004X5-Qq ** marilyn@??? R=dnslookup T=remote_smtp: SMTP error from remote mailer after MAIL FROM:<mike@???> SIZE=2826: host | 2005-03-24 14:17:23 1DEadm-0004XA-Vj <= <> R=1DEadm-0004X5-Qq U=exim P=local S=3356
| 2005-03-24 14:17:23 1DEadm-0004X5-Qq Completed
| 2005-03-24 14:17:28 1DEadm-0004XA-Vj => mike@??? R=dnslookup T=remote_smtp H=ext-mx02.hisplace.com [66.134.75.55]
| 2005-03-24 14:17:28 1DEadm-0004XA-Vj Completed

It was an error message that originated on my test machine and
completed on Mike's machine.

and Fred said:

> That's obviously an extract from an exim log. If that's what Mike is
> seeing, he's running exim, not Exchange.

Yes, that's my log, on the machine where I originated the spam,
showing that the bounce message went to Mike, even though the envelope
sender was forged by me to be Mike. I didn't see the bounce at all --
except that he sent it to me since we're in cahootz.

>
> | I mean. Errors give collateral spam too, even when they are generated
> | at smtp time.
>
> Only if the offending message was offered by a relay MTA, then it
> will generate a DSN that could be collateral spam. But that would be

So, my machine offered the offending message -- to another of my
machines. All exim, of course.

Is there some reason why a spammer won't do what I did?

> its fault for accepting the message for relay in the first place, not
> your's for rejecting an unwanted message.
>
> | And, putting the challenge on the smtp connection doesn't help
> | anything afterall.
>
> It helps with collateral spam. But that doesn't make it a good thing
> to do...

It only helps with collateral spam if the original spam told the truth
about the envelope sender?

Why would a spammer tell the truth on the envelope sender and not in
the headers?

Thank you.

Marilyn

>
> - Fred
>
>
>
>
>
>

--



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Heads up?Re: [exim] Heads up?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)