From owner-freebsd-questions@freebsd.org Mon Jun 6 03:04:26 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0131AB6A937 for ; Mon, 6 Jun 2016 03:04:26 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.70.90]) by mx1.freebsd.org (Postfix) with ESMTP id D137019F3 for ; Mon, 6 Jun 2016 03:04:25 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: by cosmo.uchicago.edu (Postfix, from userid 48) id 94984CB8CA0; Sun, 5 Jun 2016 22:04:18 -0500 (CDT) Received: from 76.193.16.11 (SquirrelMail authenticated user valeri) by cosmo.uchicago.edu with HTTP; Sun, 5 Jun 2016 22:04:18 -0500 (CDT) Message-ID: <57081.76.193.16.11.1465182258.squirrel@cosmo.uchicago.edu> In-Reply-To: <726b9c4d-2f90-a3d8-d9c2-16a2bb3636e6@radel.com> References: <5754C2E0.5090606@gmail.com> <7d120d78-53ab-a9df-9fe6-019d4e14a06d@columbus.rr.com> <5754D3E1.5070305@gmail.com> <726b9c4d-2f90-a3d8-d9c2-16a2bb3636e6@radel.com> Date: Sun, 5 Jun 2016 22:04:18 -0500 (CDT) Subject: Re: Undeliverable: Re: sh[it] and What am I missing here? From: "Valeri Galtsev" To: "Jon Radel" Cc: freebsd-questions@freebsd.org Reply-To: galtsev@kicp.uchicago.edu User-Agent: SquirrelMail/1.4.8-5.el5.centos.7 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2016 03:04:26 -0000 On Sun, June 5, 2016 8:40 pm, Jon Radel wrote: > On 6/5/16 9:37 PM, jd1008 wrote: > >> If the fake user is at the server in question, that server replies to >> the list with a spam. > > Actually, in this case it appears that the "fake" bounce messages are > sent to the sender, not the list. > > I suspect I'm about to find out. Unless, of course, my spam filters are > up to snuff. >From all what you guys said it sounds like something on this mail list is harvesting poster's e-mail addresses, and then [likely different server] sends each of the posters this sort of spam directly. There is virtually no way to catch the harvester. As far as the server that spam comes from is concerned, all we can do is to block it on the side of our own servers. I will likely to find out more detail, namely the IP that delivered these messages after my post comes through and I receive my personal spam message. Once I get that myself, then I will block them on the side of my servers. It doesn't matter for me whether it is just rogue server, or some brain dead "sysadmin" poorly configured his server, which is just sending so called "backscatter". Either way, the box will be blocked without regret. Sorry about adding to background nose ;-( Valeri PS Some people prevent this sort of abuse by doing the following. They create aliases for each mail list they subscribe to, and then, whatever comes to that alias is being thrown away, except for mail coming through that particular mail list. You should be careful and always post From particular alias... ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++