[Dshield] Undeliverable: 1hi20609

Josh Tolley josh at raintreeinc.com
Thu Nov 14 16:46:00 GMT 2002


I wonder if this is similar to backscatter you see when someone is
spoofing your IP address? For instance, say a spammer gets his filthy
mitts on my email address. He sends me 6000 advertisements for products
I can use to enhance my private relationships, I never respond, and
finally he gives up and moves on to someone else, meanwhile selling my
address to another of his despicable ilk for a healthy profit. Then he
starts building emails with tweaked headers such that they look like
they're coming from me (i.e. From: myaddress at mydomain.com and Reply-To:
myaddress at mydomain.com) and spraying them across the internet to any
address he can find. Some percentage might be bounced while his server
is talking to the targeted server, but some are probably bounced later
on, and the only address the target server can logically bounce back at
is my address buried in the email headers, so my inbox is filled up with
backscatter from address spoofing. Having said all that, does it really
happen? I haven't experimented with the idea, just thought about it. 

Josh Tolley, GSEC

> -----Original Message-----
> From: list-admin at dshield.org [mailto:list-admin at dshield.org] On Behalf
Of
> dom_netdata_default
> Sent: Tuesday, November 12, 2002 6:11 AM
> To: list at dshield.org H
> Subject: [Dshield] Fwd: Undeliverable: 1hi20609
> 
> hi guys
> 
> I am getting this strange E mail on my mailbox, telling me that a
message
> I
> sent was undeliverable.
> 
> right but I never sent such message to that recipient (eint (
> dave305 at aol.com)
> 
> 
> Do you have any idea how that happened please ?
> 
> I sick of hackers on my network, spamming of unwanted mail (sex,
> pedophilia
> whatever on top of that I never chat, and my only list is Dshiekd that
I
> do
> trust.
> 
> I love computers but really i getting sick of that c....p !!!!
> 
> Dominique "for once loosing it" Fiori
> 
> 
> 
> ----------  Forwarded Message  ----------
> 
> Subject: Undeliverable: 1hi20609
> Date: Mon, 11 Nov 2002 23:30:51 -0500
> From: System Administrator <postmaster at WoodRiverCapital.com>
> To: dominiquefiori at numericable.fr
> 
> Your message
> 
>   To:      Undisclosed Recipients
>   Subject: 1hi20609
>   Sent:    Tue, 12 Nov 2002 14:28:12 -0500
> 
> did not reach the following recipient(s):
> 
> cletusc10 at genie.net on Mon, 11 Nov 2002 23:30:45 -0500
>     The recipient name is not recognized
> 	The MTS-ID of the original message is: c=us;a= ;p=wood river
> capit;l=NYCMAIL0211120430WV01PJP7
>     MSEXCH:IMS:Wood River Capital Management:NYC_WOOD_RIVER:NYCMAIL 0
> (000C05A6) Unknown Recipient
> cletusc10 at geocities.com on Mon, 11 Nov 2002 23:30:45 -0500
>     The recipient name is not recognized
> 	The MTS-ID of the original message is: c=us;a= ;p=wood river
> capit;l=NYCMAIL0211120430WV01PJP7
>     MSEXCH:IMS:Wood River Capital Management:NYC_WOOD_RIVER:NYCMAIL 0
> (000C05A6) Unknown Recipient
> cletusc10 at genie.com on Mon, 11 Nov 2002 23:30:45 -0500
>     The recipient name is not recognized
> 	The MTS-ID of the original message is: c=us;a= ;p=wood river
> capit;l=NYCMAIL0211120430WV01PJP7
>     MSEXCH:IMS:Wood River Capital Management:NYC_WOOD_RIVER:NYCMAIL 0
> (000C05A6) Unknown Recipient
> 
> -------------------------------------------------------
> 
> 





More information about the list mailing list