Date: Thu, 20 Jul 2000 23:20:50 +1000 From: Sue Blake <sue@welearn.com.au> To: David Schwartz <davids@webmaster.com> Cc: Brad Knowles <blk@skynet.be>, Brett Glass <brett@lariat.org>, Rahul Siddharthan <rsidd@physics.iisc.ernet.in>, freebsd-chat@FreeBSD.ORG Subject: Re: ORBS vs MAPS Message-ID: <20000720232048.E4376@welearn.com.au> In-Reply-To: <NCBBLIEPOCNJOAEKBEAKIEDMJNAA.davids@webmaster.com>; from David Schwartz on Thu, Jul 20, 2000 at 03:02:31AM -0700 References: <v0422080bb59c7463b629@[195.238.1.121]> <NCBBLIEPOCNJOAEKBEAKIEDMJNAA.davids@webmaster.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 20, 2000 at 03:02:31AM -0700, David Schwartz wrote:
>
> > At 1:40 AM -0700 2000/7/20, David Schwartz wrote:
> >
> > > So you are saying that if they are testing 'mail.foo.com',
> > > they don't try
> > > claiming that their mail is from 'foo@mail.foo.com'? If not,
> > > they wouldn't
> > > catch open relays that allow any mail with a local sender address.
>
> > No, that's clearly one of the things they do try, but I believe
> > that they use an envelope sender address something like
> > "orbs-tester@mail.foo.com", so as to give you an indication that this
> > is a test.
>
> > They aren't trying to hide their identity, and they aren't
> > forging the headers, because headers != envelope address.
>
> No law that I know of makes any such distinction. HR3113 is typical of
> anti-spam laws, and it states "... any domain name, header information, date
> or time stamp, originating electronic mail address, or other information
> identifying the initiator or the routing of such message ... is false or
> inaccurate.
>
> The are trying to trick your mail server into relaying for them. That's
> exactly the same thing the spammers do. They have no right to do so without
> permission.
>
> They specifically and deliberately provide incorrect information to obtain
> access to someone else's machine that they wouldn't otherwise have. The
> specific incorrect information they provide is the originator of a request
> for access or service. I think you'd find it hard to locate a country
> outside the third world where this is legal.
And so is mail bombing. They fired a barage of tests at my poor little
hard working 386 this morning, probably causing its entire resources to
be devoted to those processes for some time. A DOS attack, spam
attempt, _and_ attempted illegal access to a computer network? If only
they knew who they're messing with, they'd wet their nappies in fear.
--
Regards,
-*Sue*-
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000720232048.E4376>