Well, if I was putting the same time and energy into what I do, except for free, I suppose I would be a little more than frustrated too. :-)
He did respond to my email , he was very cool about things. His first email was kinda stern sounding, but he sounded much more relaxed after my response - probably relieved that we actually answered our postmaster box with a real person instead of an autoresponse. - Tony > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Matthew Lohr > Sent: Friday, March 08, 2002 3:13 PM > To: [EMAIL PROTECTED] > Subject: MISSING_REVERSE_DNS:Re: [Declude.Virus] Identifying the right > postmaster to sendvirus notifications to > > > i got the same message from him alot of spammers are using that > mypersonalemail.com as theri spoofed domain. He runs a free > email service by himself and i had exchanged a few more emails > with him. He is a pretty nice guy really just pissed off with > what spammers are doing to him > > > ---------- Original Message ---------------------------------- > From: "R. Scott Perry" <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > Date: Fri, 08 Mar 2002 11:11:08 -0500 > > > > >>Below are the headers of a message that got caught by the CR > vulnerability > >>test in Declude Virus. I got an email from the > >>[EMAIL PROTECTED] bitching me out because I was an > idiot, as an > >>admin I should know how to read headers, and that the headers clearly > >>indicate that this email had nothing to do with > @mypersonalemail.com, and > >>that my bounce messages getting sent to him are just as bad as > the spam they > >>are generated from. From what I can tell, he's really right > (except about > >>the idiot part. :-)). > > > >The remote postmaster bounce messages by default go to the postmaster at > >the domain that was used to send the message, which is often NOT > shown in > >the headers. That's the "return address"; the same address that bounce > >messages will go to. > > > >>X-Intouch-Note: Sender:[[EMAIL PROTECTED]] > > > >In this case, the spammer used an address at mypersonalemail.com > for bounce > >messages to go to, so that is the address that Declude sent > >to. Unfortunately, spammers often forge addresses that they > use. This can > >cause collateral damage to the postmasters at those domains (who people > >will send spam complaints to), as well as notifications such as these. > > > >>How can we handle this? We don't want to disable notifications > altogether > >>(and I think that's our only option in D.Virus, on or off). > Most (if not > >>all) of the CR catches are SPAM. Can notifications for ALL > other tests that > >>Declude Virus does be seperated from the 'generic' virus > notification, much > >>like the bannotify.eml does? > > > >That is something that we are planning to add. In the meantime, it is > >possible to turn off the Outlook CR Vulnerability test (with a line > >"BANCRVIRUSES OFF" in the virus.cfg file). > > -Scott > > > >--- > >[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > >This E-mail came from the Declude.Virus mailing list. To >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and >type "unsubscribe Declude.Virus". You can E-mail >[EMAIL PROTECTED] for assistance. You can visit our web >site at http://www.declude.com . > ________________________________________________________________ Sent via the WebMail system at lohrtech.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com . --- [This E-mail was scanned for viruses by http://www.intouchmi.com] --- [This E-mail was scanned for viruses by http://www.intouchmi.com] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .
