[Techtalk] bogus bounces--WTF?
Michelle Konzack
linux4michelle at tamay-dogan.net
Tue Oct 14 23:50:09 UTC 2008
Hello Carla,
Am 2008-10-13 21:10:54, schrieb Carla Schroder:
> What's with all the skillions of bogus email delivery failures I'm seeing
> lately? All from .ru domains. Are they spams, and this is supposed to make me
> curious and read them, and then lose my mind and buy stuff? Most of them are
> unreadable anyway, they're either in bad HTML that doesn't render, or
> Cyrillic characters.
Ufff, -- I was some days offline and since Monday I am trying to empty
my Mailbox <linux4michelle> in a Internet Cafe but I can not get more
then 1600 per hour... and now I have problems with thenb 18.000 spams
or backscatters from "MAILER-DAEMON", "postmaster" and "noreply".
Currently I have over 56.000 (2008-10-14 18:05 CEST) to download...
Now I have installed a small procmail recipe (a little bit striped):
----[ '/usr/share/tdtools-procmail/FLT_backscatter' ]-------------------
:0
* ^To:.*(linux4michelle|michelle\.konzack|erotic4michelle|ml4michelle)@(tamay-dogan.net|freenet\.de)
* ^From:.*(MAILER-DAEMON|postmaster|noreply)
* ! ^From:.*freenet\.de
* ! ^From:.*pinguin-hosting\.de
* ! ^From:.*tamay-dogan\.net
* ! ^X-Loop:.*backscatter killer
{
VAR0=`formail -czx To:`
VAR1=`formail -I Return-Path: -I Sender: -r -t -czx To: |sed 's|.*@|@|'`
VAR2=`date --rfc-822 `
VAR3=`cat`
:0fw
| (formail -I "Return-Path:" -I Sender: -r -t \
-a "Message-ID:" \
-I "Return-Path: <>" \
-I "From: ${VAR1}" \
-I "To: abuse${VAR2}, postmaster${VAR2}" \
-I "Date: ${VAR3}" \
-I "User-Agent: tdtools-procmail v 2.0.0" \
-I "Mime-Version: 1.0" \
-I "Content-Type: text/plain; charset=us-ascii" \
-I "Content-Disposition: inline" \
-A "X-Loop: backscatter killer" ; \
echo "Hello backscatter sender." ; \
echo "" ; \
echo "You get this message since you have send me more then 5 of them." ; \
echo "" ; \
echo "Because I am 100% Linux User and your messages seems to come from" ; \
echo "Outlook, you are an asshole, sending me this backscatters. Your" ; \
echo "Mailserver is definitively broken since it does respond to Fake-Headers." ; \
echo "" ; \
echo "Do not spam me again with this shit..." ; \
echo "Otherwise you must calculate with a DoS on your Mailsystem." ; \
echo "" ; \
echo "###################### Original Message Follows ######################" ; \
echo "${VAR4}" |sed 's|^|> |g')
:0c
|sendmail -t
:0
.ATTENTION.${YYYY_MM}.FLT_backscatter/
}
:0
* ^X-Loop:.*backscatter killer
.ATTENTION.${YYYY_MM}.FLT_backscatter_oops/
------------------------------------------------------------------------
This is definitively radical, but it has not hit a singel False-Positive.
Oh, <abuse at googlemail> has found my Telephone number on my website and
gaved me a call to stop bombing there abuse/postmaster E-Mail with over
4000 messages... Since then I have not more received a singel
backscatter from <googlemail>.
I should notem that I have installed this script on my hosted Server and
I am downloading my messages normaly per GSM/GPRS/EDGE/UMTS/HSDPA which
is quit expensive (for the first 500 MByte 35 Euros and then for each
MByte more 0.10 Euro)
Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator
24V Electronic Engineer
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
+49/177/9351947 50, rue de Soultz MSN LinuxMichi
+33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
More information about the Techtalk
mailing list