From owner-freebsd-questions@freebsd.org Mon Jun 6 17:17:59 2016 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id ABCA5B6DA29 for ; Mon, 6 Jun 2016 17:17:59 +0000 (UTC) (envelope-from jd1008@gmail.com) Received: from mail-it0-x22e.google.com (mail-it0-x22e.google.com [IPv6:2607:f8b0:4001:c0b::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 73898119D for ; Mon, 6 Jun 2016 17:17:59 +0000 (UTC) (envelope-from jd1008@gmail.com) Received: by mail-it0-x22e.google.com with SMTP id z189so48570457itg.0 for ; Mon, 06 Jun 2016 10:17:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-transfer-encoding; bh=LF0KG065cHe6Dl74kuGOygi6DyVkWfM9xVUMDHeuZF0=; b=fOWLVascshWHw4O8qhREXgOSBhT6B8vaBqFKhyqwXGlNL4H6iViY4rSa5UpoDmpZAq x66D6HG5hSQ/GzQsQJSr4zl3tggwCTKNW/YChMjQ6wcQ8FlV7IvdbrnnmMe0riUnQwly DR59h+3RghzfHSES+sS3SuOazlvvgy+7zYNloToeHFpqNyCVPf07CHDNq9MMQ14i3JV2 z4EuBlfVp/UuaTTJ1lcCPJYlgYos9qwG9NAhhCnjY3J88tPBKp/RRoj2DGh3mM6sE0Sk DcN6CrinpSSZMkXGjMXPnCrKcSgX+1Z2BDJH3qDuzYE/RIHD68cKjsOMOh7oia5KI6Dl XbGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-transfer-encoding; bh=LF0KG065cHe6Dl74kuGOygi6DyVkWfM9xVUMDHeuZF0=; b=TL1jNpvtIGf7aMMaavi5Pz3XwJOT58Nl2WYD8xSTjgR7PnJzW5NKgUV4cQp5GuVMiD DxGjjnn088unwkiu9gP/ZO1YexbROy3a8PYoXqlC3BHL47zqJPYApVLFob7DyOjsQEFt kM03Qe3cu+FA/kS6fUjLFe5maDgiKuNtHjlwOgt+2Ug11H5L1MKcrttEHii1y5HY5doQ JgEdO1H7UM7Uif59ORKnLjQfSCb7Br1RMDBIyqnJxGrDwx5i0BtXxHWu/ZlyOOSxKGMh 2Dntfws0oCAPSG9vuVt67YiRxbHGANANSVAvM5dI+bLLR6FuC5Bzk0kQIwNCskXdg4uM hTEQ== X-Gm-Message-State: ALyK8tJAz1RPUjLK1ns5Mk/tn1ULRX+CnRG+K12zt6QrS+bgjH6e9oo0CzwAuyCdxENCkA== X-Received: by 10.36.90.73 with SMTP id v70mr18339449ita.10.1465233478687; Mon, 06 Jun 2016 10:17:58 -0700 (PDT) Received: from localhost.localdomain ([50.243.4.3]) by smtp.googlemail.com with ESMTPSA id v36sm5124343iov.35.2016.06.06.10.17.56 for (version=TLSv1/SSLv3 cipher=OTHER); Mon, 06 Jun 2016 10:17:57 -0700 (PDT) Message-ID: <5755B043.9090303@gmail.com> Date: Mon, 06 Jun 2016 11:17:55 -0600 From: jd1008 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: Undeliverable: Re: sh[it] and What am I missing here? References: <5754C2E0.5090606@gmail.com> <7d120d78-53ab-a9df-9fe6-019d4e14a06d@columbus.rr.com> <5754D3E1.5070305@gmail.com> <726b9c4d-2f90-a3d8-d9c2-16a2bb3636e6@radel.com> <57081.76.193.16.11.1465182258.squirrel@cosmo.uchicago.edu> In-Reply-To: <57081.76.193.16.11.1465182258.squirrel@cosmo.uchicago.edu> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2016 17:17:59 -0000 The harvester IS the very domain from which the spam is bouncing at us. If someone would please unsubscribe the user whose email is at that domain, we can all move on from this. On 06/05/2016 09:04 PM, Valeri Galtsev wrote: > On Sun, June 5, 2016 8:40 pm, Jon Radel wrote: >> On 6/5/16 9:37 PM, jd1008 wrote: >> >>> If the fake user is at the server in question, that server replies to >>> the list with a spam. >> Actually, in this case it appears that the "fake" bounce messages are >> sent to the sender, not the list. >> >> I suspect I'm about to find out. Unless, of course, my spam filters are >> up to snuff. > >From all what you guys said it sounds like something on this mail list is > harvesting poster's e-mail addresses, and then [likely different server] > sends each of the posters this sort of spam directly. There is virtually > no way to catch the harvester. As far as the server that spam comes from > is concerned, all we can do is to block it on the side of our own servers. > I will likely to find out more detail, namely the IP that delivered these > messages after my post comes through and I receive my personal spam > message. Once I get that myself, then I will block them on the side of my > servers. It doesn't matter for me whether it is just rogue server, or some > brain dead "sysadmin" poorly configured his server, which is just sending > so called "backscatter". Either way, the box will be blocked without > regret. > > Sorry about adding to background nose ;-( > > Valeri > > PS Some people prevent this sort of abuse by doing the following. They > create aliases for each mail list they subscribe to, and then, whatever > comes to that alias is being thrown away, except for mail coming through > that particular mail list. You should be careful and always post From > particular alias... >