Hi, Greg Wooledge wrote: > The "forged bounce messages" (for lack of a better term) are coming > from someone who *is* subscribed. They've set up some sort of auto-responder > which is generating one of these messages every time they receive a > message from the list.
This would be a novel application of mail Bounce Attack aka Backscatter, which is normally used to smuggle spam content around the filters. If so, then not you get spoofed but rather the Debian list server is too credulent towards DSN messages. This would also explain why the headers of the quoted message from postmas...@vps268904.ovh.net do not look like a message that was resent from debian-user. Instead it was payload of a forged bounce message. Have a nice day :) Thomas
