Autor: Marilyn Davis Data: A: exim-users Assumpte: Re: [exim] Anti Phishing Trick
On Thu, 25 Aug 2005, Marc Sherman wrote:
> Marilyn Davis wrote:
> >>
> >>I don't know what "collateral mail" is. The term I used, "collateral
> >
> > I mean all mail that is automatically generated because of some
> > incoming mail, for any reason.
>
> That's generally referred to as either DSN, bounce, or auto-response
> (for the case of vacation and similar messages). "Collateral mail" is
> not a commonly used term, and people will think you're talking about
> collateral spam (ie: secondary spam, sent to an innocent third party, as
> a bounce of the primary spam; cf. collateral damage).
I see. I guess it would be nice to have a term for all auto-responded
mail, or maybe that's it: auto-response.
>
> > I think of "spam" as advertising email. But maybe you also think of
> > it as Joe Job email, which is evil prank email. The Joe Jobs I've
> > experienced were an evil destructive attack on a political group and
> > did not look like advertising so that they wouldn't be stopped by spam
> > filters.
> >
> > Advertisers have nothing to gain by forging a legitimate victim sender
> > address. In fact, they lose that victim as a customer. Do your users
> > experience a lot/any of that?
>
> A lot of joe jobs mail these days aren't intended as an attack against
> the purported sender, but rather just use their address simply to get
> through mail servers which do callout verification. Since the purported
> sender address exists, the callout will succeed, and the message will be
> delivered.
>
> I know that the couple times I've been hit by a joe job, I haven't been
> able to trace it to anyone who would have any reason to attack me.
