On Mon, Dec 02, 2002 at 11:49:09PM +0100, Andreas Fuchs wrote: > Right. I just thought up a scheme to exploit this, based on the fake > source-IP address approach you find in descriptions of ping-floods.
Wow, you're pretty smart. Nobody has thought of this before, especially not the authors of said programs. > a) Spammer finds an autoresponder > b) Spammer sends many mails with Reply-To: header chosen from a > know-to-work address list > c) Reply-To:ed people receive the bounced mail and are annoyed. d) Andreas Fuchs figures out how the programs he is bashing actually work. > Thus, my conclusion: These things are evil. Don't use them or somebody > might use them against you, eventually. This sounds vaguely like religion -- you haven't even taken the time to see how these filters work yet you are decrying them as "evil". They happen to be the most effective filtering solution at present, and they definitely beat the "everyone registers their SMTP server" solution that's currently being pushed in certain technical forums. Someday this type of software may be rendered ineffective by some new spammer invention, and at that time it will be easy enough to just turn it off and use something else. --Adam -- Adam McKenna <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
