North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: backscatter hosts

  • From: John Capo
  • Date: Wed May 19 12:21:22 2004

Quoting Steven Champeon (schampeo@hesketh.com):
> 
> It's not really my business why a hotmail.com MX accepted mail it
> couldn't deliver. I could care less /why/. It's up to hotmail to fix
> their systems - I don't care how they perform that background check on
> quota. 

Exactly.

> 
> It's my business that over the past sixty days, we've had to reject over
> 23K of these, and had rejected some 130K in three weeks during March, at
> the peak of the joe job. At one point, backscatter accounted for 70% of
> my inbound email traffic on one host. Almost made the usual spam and
> virus look like background noise.
> 

36K backscatter rejects from hotmail yesterday but only 2K from
AOL.  AOL has really got their act together compared to hotmail,
verizon, comcast, and the like.

May 18 00:00:05 mx1 postfix/smtpd[11977]: 6F8F315DC0: reject: RCPT from mc1-s21.bay6.hotmail.com[65.54.163.161]: 550 <xjlljuzisexmj@tuffmail.co.uk>: Recipient address rejected: User unknown; Probably forged by Alan Ralsky; from=<> to=<xjlljuzisexmj@tuffmail.co.uk> proto=ESMTP helo=<mc1-s21.hotmail.com>

It was 80K daily from hotmail till I dropped the MX records for 4
of the domains being forged.  If anyone would like to test their
capability to reject 1+ million a day I can point the MX records
to your servers. :-)

John Capo
Tuffmail.com