Cloud-based scanning

Glenn Steen glenn.steen at gmail.com
Mon Mar 9 12:42:56 GMT 2015


As said, potential spam reflector... Yuk.
Good explanation Steve, thanks for that!

Cheers!
-- 
-- Glenn
Den 9 mar 2015 12:26 skrev "Steve Freegard" <steve.freegard at fsl.com>:

> On 06/03/15 19:12, Denis Beauchemin wrote:
>
> > 2- it looks like emails to invalid addresses are handled correctly as
> you can see in the following email I received after sending from gmail:
> > smtpe2.usherbrooke.ca rejected your message to the following email
> addresses:
> >
> > toto at usherbrooke.quebec
> > The email address wasn't found at the destination domain. It might be
> misspelled or it might not exist any longer. Try retyping the address and
> resending the message.
> > If that doesn't work, contact the recipient (by phone or instant
> messaging, for example) to check that the address is correct. If the
> problem continues, forward this message to your email admin.
> >
> > For Email Administrators
> > For more tips to help fix this issue, see DSN 5.1.1 Errors in Exchange
> Online and Office 365.
> >
> > smtpe2.usherbrooke.ca gave this error:
> > <toto at usherbrooke.quebec>... User unknown
> >
>
> Unfortunately - that isn't really the 'proper' way.   They're doing what
> I expected they'd do - they're accepting the message and bouncing it
> afterwards (instead of rejecting it outright at receipt and making the
> originating hop bounce it without it leaving their system).
>
> Basically - if a spammer decided to send mail to a bunch of old expired
> (or simply invalid) userbrooke.queuec addresses as recipients with a
> spoofed-but-valid return-path, then the poor owner of the spoofed
> address would get a load of backscatter in return (from Microsoft).
>
> Helpfully too - Microsoft attach the original mail to the bounce (I just
> tried it myself), so it could potentially be used as a crude way to make
> Microsoft send a load of spam (e.g. send the mail with a return-path of
> the victim and intentionally make the recipient invalid, then Microsoft
> will bounce the message to the victim with the spam payload attached).
>
> Kind regards,
> Steve.
>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150309/36fc964e/attachment.html 


More information about the MailScanner mailing list