(Untitled)

Dec 17, 2008 15:31

This is something I wrote in my journal, after once again getting spam routed through LJ. I've reported this to abuse a few times and they say "we can't do anything about it." So I sent them code to use in MIMEDefang, which would stop the spam. So now I'm hoping a public posting might get more action. If you are getting forged mail from your lj ...


Comments 9

unkickablekitty December 18 2008, 00:14:31 UTC
Hey, could you put the code bits under a cut? :)


adameros December 18 2008, 00:18:51 UTC
Done.


unkickablekitty December 18 2008, 00:19:28 UTC
Thank you!



the_cynic December 18 2008, 13:03:43 UTC
ummm....poor initial assumptions here....

No one is telnetting to LJ's SMTP ports to send you Spam. You're receiving the mail from LJ's SMTP cause that's how email forwarding works. Any mail addressed to you@lj.com is gonna come from there.


adameros December 18 2008, 14:50:48 UTC
It is being forged because both the To and From address say adameros@livejournal.com. But the mail headers show the mail is coming from some non-livejournal ISP.

Here are the relevant headers from the last one I got:

Received: from mail.livejournal.com (smtp.livejournal.com [208.93.0.50])
    by mx.google.com with ESMTP id s27si3002532qbs.11.2008.12.17.15.01.49;
    Wed, 17 Dec 2008 15:01:49 -0800 (PST)
Received-SPF: pass (google.com: domain of adameros@livejournal.com designates 208.93.0.50 as permitted sender) client-ip=208.93.0.50;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of adameros@livejournal.com designates 208.93.0.50 as permitted sender) smtp.mail=adameros@livejournal.com
Received: from 74.sub-75-200-132.myvzw.com (196.sub-75-203-1.myvzw.com [75.203.1.196])
    by mail.livejournal.com (Postfix) with ESMTP id B3E101E2535
    for ; Wed, 17 Dec 2008 23:01:47 +0000 (UTC)
To:
Subject: Look out in window )
From:
Like I said, the mail is To: and From adameros@livejournal.com, but the mail ( ... )

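The mismatch described in the comment above (a From address in the forwarder's own domain on a message that entered the forwarder's servers from an outside, unauthenticated host) can be checked mechanically. The following is an added example, not code from the thread or from the MIMEDefang filter the post mentions; the function names, the `example` hosts and addresses, and the Postfix-style `Received` layout are assumptions, and the sample message is constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the headers quoted above (placeholder hosts).
SAMPLE = """\
Received: from mail.forwarder.example (smtp.forwarder.example [192.0.2.50])
\tby mx.recipient.example with ESMTP id abc123;
\tWed, 17 Dec 2008 15:01:49 -0800 (PST)
Received: from host74.isp.example (host196.isp.example [198.51.100.196])
\tby mail.forwarder.example (Postfix) with ESMTP id QUEUEID1
\tfor <user@forwarder.example>; Wed, 17 Dec 2008 23:01:47 +0000 (UTC)
To: <user@forwarder.example>
Subject: constructed sample
From: <user@forwarder.example>

body
"""

# Postfix-style hop: from HELO (reverse-dns [ip]) by HOST ... with PROTO
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<ip>[^\]]+)\]\)\s+"
    r"by\s+(?P<by>\S+).*?\swith\s+(?P<proto>\S+)", re.S)

def in_domain(host, domain):
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def forged_self_sender(raw, domain):
    """Return the entry hop if From claims `domain` but the message reached
    `domain`'s servers unauthenticated from an outside host, else None."""
    msg = message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    if not from_addr.endswith("@" + domain):
        return None
    for value in msg.get_all("Received", []):   # newest hop first
        m = RECEIVED_RE.search(value)
        if not m or not in_domain(m["by"], domain):
            continue    # hop not recorded by the forwarder's own servers
        if in_domain(m["rdns"], domain):
            continue    # internal relay between the forwarder's own hosts
        # ESMTPA/ESMTPSA (RFC 3848) mean the client authenticated.
        if m["proto"].upper() in ("ESMTPA", "ESMTPSA"):
            return None
        return m.groupdict()
    return None
```

The reverse-DNS name and IP in parentheses are recorded by the receiving server, while the HELO name before them is whatever the client claimed, so the check relies on the former.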

the_cynic December 18 2008, 15:19:17 UTC
And how exactly is it LJ's problem that email headers are being forged? I can send an email claiming to be anyone I want to be. If the email you received was from "president@whitehouse.gov" would you be calling them to update their filters? The whole point of a forwarding system is that the ultimate recipient should be responsible for Spam/Virus checking, not the forwarding agent.


adameros December 18 2008, 15:51:27 UTC
Because, if they don't want to get blocked by the RBLs, they should take reasonable action to prevent their hosts from being spam gateways.

As a mail admin, I fight this crap on a daily basis, and I can say this is one of the easiest forms of spamming to block, if the relays being used by spammers are willing to take responsibility for their own servers.



