[Mailman-Users] Bounce issues with Yahoo

Jon Krause data2 at cablespeed.com
Wed Mar 1 22:23:40 CET 2006

Wednesday, March 01, 2006 3:57 PM - Greg wrote:

> > Why not disable those notification messages completely and discard the
> > incoming messages from nonmembers?
> Because I have a lot of users with several email addresses who forget
> which one they're subscribed as. I care about every posting.
> > By silently discarding it, I am not confirming for them that there
> > is a live e-mail address there and (hopefully) reducing the number
> > of attempts to spam the address in the future.
> Almost all of the spam I get has a faked return address, so this
> reasoning does not apply.
> -- greg
> ------------------------------------------------------

    Imagine I'm evil-spammer-dude.  Once I have your mailing list addresses
imagine I generate 20,000 spams to one or all of your lists.  Each spam has
a forged address from the @yahoo.com domain.  Your list in turn "replies"
most courteously to the "forged address" that the address is not a member
and can't post to your list.  Now ~you~ are spamming Greg!
    Well, as evil-spammer-dude, I could not thank you more!  You are helping
me get my spam into the yahoo.com network.  You see Greg, as
evil-spammer-dude I don't care how it gets there, it doesn't have to look
pretty.  It can come packaged as a bounce.

Yahoo is doing what they have to do, sorry about your luck.

Have you received similar emails in your personal mailbox?

    I work at an ISP were we have been targeted with a form of this
"attack".  Thanks to IDP and mailserver tuning we have been able to keep our
60,000 email accounts flowing fairly smoothly with little hardware impact.
I have heard of other ISP's that have not faired so well.  Don't be
surprised or angered if you get targeted by one or more of these people and
it brings your servers to a screeching halt.  You are apparently on
someone's radar....

Best of luck, Jon

More information about the Mailman-Users mailing list