fpsupport (was Re: segmentation violation in fp)

Bill Vermillion fp at wjv.com
Wed Aug 18 18:55:01 PDT 2004


I know you'll find it hard to believe, but on Wed, Aug 18 19:50 , Fairlight
actually admitted to saying:

> You'll never BELIEVE what Kenneth Brody said here...:
> > Fairlight wrote:
> > [...]
> > > Well I guess it's a good thing I opened up my /dev/null rule for
> > > Mailer-Daemon then, or I'd never have seen it.

> > If you /dev/null all bounces, how would you get "real" bounces?  I
> > would think that you would at least whitelist your ISP's bouncer
> > address, even if you blacklist everyone else's.

> When I did it, I'd had enough. I didn't -care- anymore. Since
> Kelly and I are the only ones that send legitimate mail from
> fairlite.com, and we actually know what we're doing, I just
> said forget it, if I screw up, it's my mistake.

> Bill Vermillion and I were having a discussion about such
> miscellanea about a month ago and after that talk I decided to
> exchange it for a less draconian block, so now if any of our
> legitimate addresses are also found in the body of a bounce,
> we'll get them.

> > > fairlite.com (for whatever reason) has been "hijacked"
> > > in several spam campaigns, where they just spam a
> > > continent-load of people with random-letter addresses like
> > > alkhgasdww at fairlite.com, and -I- get all the bounces.

> > It happens to every domain at one time or another. Rather
> > than generating entire user at domain names, they send random
> > usernames, but fix the domain name for a while. Then they
> > proceed to forge another domain name.

> Yeah, but it's happened to me THREE times in the last year.  I'm...a
> -little- peeved.  :)

When you have a domain that comes up #1 on Google and MS with no
hype it gets nasty.

I was averaging over 300,000 spam emails a day to random user at
springbreak.com. I'd see emails with a list of alphabetically
sequenced names. So all legitimate names were removed from the
web pages, and any contacts were in graphics and NOT using the
domain name. There are legitimate places on the site to find
contacts.

Then I removed all MX records for that domain, and I dropped down
to 50,000-60,000 spams per day.   They would send mail to the IP
of the web site.

So - I did something unorthodox.  I aliased a name onto localhost
and used that as the MX record, so that when someone tries to send
name to that domain, it uses 127.0.0.1 and never leaves the local
machine.  I just checked a moment ago.  I got 148 bogus emails
today - 22 hours.  And all those get routed to /dev/null.

But that many emails a day was causing the machine to wheeze a
little.  It was not my most powerful machine and is in reality just
a secondary MX for other domains.  But that was still a lot of
bandwidth - and two processes for each incoming mail to boot.

And it does impact the monthly bandwidth charges to some degree.
I'll do the math for you.  300,000 * 30 = 9,000,000 bogus emails
per month.  Considering it's probably the world's smallest ISP it
got a LOT of mail.

Bill
-- 
Bill Vermillion - bv @ wjv . com
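
The following is an added example, not part of the original post: a small model of how a sending mail server picks its connection target, showing why removing the MX records still left mail arriving at the web site's IP (the implicit-MX fallback in RFC 5321 section 5.1) and why an MX that resolves to 127.0.0.1 keeps the traffic on the sender's own machine. The domain, hostnames and addresses are constructed, and the null MX case (RFC 7505) goes beyond what the post describes.

```python
import ipaddress

def delivery_targets(domain, mx_records, addr_records):
    """Classify where a sending MTA would connect for mail to `domain`.

    mx_records:   list of (preference, exchange) tuples published for the domain
    addr_records: dict mapping hostname -> list of IP address strings
    Returns (outcome, addresses).
    """
    if not mx_records:
        # RFC 5321 section 5.1: with no MX, the domain's own address record
        # is used as an implicit MX, so mail still reaches the web host.
        addrs = addr_records.get(domain, [])
        return ("implicit-mx", addrs) if addrs else ("undeliverable", [])
    if len(mx_records) == 1 and mx_records[0][1] == ".":
        # RFC 7505 null MX: the domain declares that it accepts no mail.
        return ("null-mx", [])
    addrs = []
    for _pref, exchange in sorted(mx_records):
        addrs.extend(addr_records.get(exchange.rstrip("."), []))
    if not addrs:
        return ("undeliverable", [])
    if all(ipaddress.ip_address(a).is_loopback for a in addrs):
        # Every exchanger resolves to loopback: the sender connects to itself.
        return ("loopback", addrs)
    return ("remote", addrs)

# Constructed sample zone data (documentation names and addresses).
DOMAIN = "example.test"
ADDRS = {
    "example.test": ["192.0.2.10"],        # web site
    "mail.example.test": ["192.0.2.25"],   # real mail host
    "sink.example.test": ["127.0.0.1"],    # name aliased onto localhost
}
STAGES = {
    "normal MX": [(10, "mail.example.test.")],
    "MX removed": [],
    "MX on localhost alias": [(10, "sink.example.test.")],
    "null MX": [(0, ".")],
}

def run_stages():
    return {name: delivery_targets(DOMAIN, mx, ADDRS) for name, mx in STAGES.items()}

if __name__ == "__main__":
    for name, result in run_stages().items():
        print(f"{name:24s} -> {result}")
```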

