It's just this little chromium switch, here... (derspatchel) wrote,
It's just this little chromium switch, here...
derspatchel

JOE-JOBBED!

Recently I noticed a spike in the number of "Undeliverable" messages being dropped in my inbox. I've been getting maybe two or three a day now, and I just got three in the last few hours alone. Normally I don't touch 'em and just delete them outright, because the last time this happened, it was due to a virus sending out fake bounce messages with the payload in an attachment. Shrug, says, I, and just delete em.

Only today I bothered to open one and read it. It was a legitimate bounce, all right ("no such user exists at this address") and was sent to a gibberish username on my hosted domain (as spatch.net is a catch-all for email, all mail sent to anything@spatch.net will come directly to me.)

This was the headers on the mail that they bounced back to me:
Received: from scl8vwall01.int.exodus.net ([66.35.230.240]) by
    ussc8bh02.Global.Cwintra.Com with Microsoft SMTPSVC(5.0.2195.5329);
         Thu, 15 Apr 2004 05:20:53 -0700
Received: from 204.71.7.11 by scl8vwall01.int.exodus.net (InterScan E-Mail
    VirusWall NT); Thu, 15 Apr 2004 05:20:53 -0700
Received: from 221.124.71.195 ([221.124.71.195])
        by usrp1ry01-int.global.cwintra.com (8.12.9/8.12.9) with SMTP id
    i3FCKSDM008707
        for <jeremiel@cwusa.com>; Thu, 15 Apr 2004 05:20:32 -0700 (PDT)
Date: Thu, 15 Apr 2004 05:20:28 -0700 (PDT)
From: "Hamlet Boganski" <nmrakvpakykmbn@spatch.net>
X-Mailer: The Bat! (v1.53d)
Reply-To: "Hamlet Boganski" <nmrakvpakykmbn@spatch.net>
X-Priority: 3 (Normal)
Message-ID: <8949925454.20040415072035@spatch.net>
Subject: dr..ugstor..eoffer ##.. che.apmedicine ..... 3  !
Now here's where I get mad. If you can't decipher it, that's all right. Here's what's happening.

The spammers have grabbed my domain, spatch.net, and thrown it into a program that generates fake email headers, inserting my domain into the From:, Reply-To: and Message-ID: headers (you can tell I did not send the message due to the IP and host, exodus.net, in the first "Received:" line there.)

The worthless spammers are now doing their job hidden under my domain's name, as well as, one can imagine, the domains of many other innocent people. Instead of your email address being harvested just to sell to, now your address can be harvested and exploited as well! My god, I love technology.

Now I wonder how many catch-all automatic "we don't care, the name was on it" blacklists my domain's been placed on (sup SPEWS, you completely fucking worthless service) and how many email messages may have potentially never gotten to their intended destination because of this. If I've lost even one potential job offer because my emailed resume was never received, then that's grounds for nothing but sheer and unrestrained anger.

I mean, it's one thing to grab my email address and send me ads I don't want. Big deal. I delete 'em, they don't bother me. I get annoyed if the signal:noise in my inbox goes above comfort levels, but still, I can just add some more procmail recipes or something if it really gets bad. But to have my domain used by spammers? Even if in name only? To have my domain misrepresented and exploited so that, with one more layer of subterfuge, they remove themselves from the heavy burden of receiving "undeliverable" bounce messages? That's when I get mad.

Only I can't do anything. Tracking one dood down by his IP and yelling at his ISP won't do me a damn lick of good. He'll just find another provider, or go to another account already set up. There's no legal recourse (oh, how laughable) and no way of getting any kind of satisfaction or justice from this. All I have is cheap obscenity-tinged "fleas on amoebas on rats" rhetoric and not much else, besides the mental image of "bulk email deployment specialists" being taken out onto the street and given curbies, American History X style.

Good god, I'm pissed. SMTP seems useless nowadays. I mean, it wasn't created with the abusive kinds of personalities in mind. It worked far better when everybody actually used it properly. I think it's time to shut down the Intar Web and start all over again.
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 12 comments