Neil Turner's Blog

Blogging about technology and randomness since 2002

The Bane of Bounces

Some lovely spammer has decided to use random addresses at this domain as return addresses for spam that has been sent out from a zombie computer on an American broadband ISP, and as such I’m getting a few bounce messages from mail servers. What annoys me is that these messages are bouncing back when the headers on the original mail are obviously faked. Take for example this line:

Received: from neilturner.me.uk (user-xx-xx-85-254.knology.net [xx.xx.85.254]) by imsantv03.netvigator.com (8.12.10/8.12.10) with SMTP id i79HTQNs020335 for <xxxx@xxxxxxxx.com>; Tue, 10 Aug 2004 01:29:28 +0800

All the mail server would have to do is look up neilturner.me.uk to find that its IP address is completely different. It would then realise that this email is probably faked and as such there’s no point in bouncing it. Of course, if the mail server had a proper spam filter it would realise it was spam anyway and would have disregarded it.
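The check described above, as an added example that is not part of the original post: it parses the `from name (rdns [ip])` part of a Received line, resolves the claimed name, and only allows a bounce when the connecting IP is among the results. The function names, the hostnames and the addresses are constructed (the post masks the real ones), and the resolver is injectable so the sample runs offline.

```python
import ipaddress
import re
import socket

# Matches "from <HELO name> (<reverse-DNS name> [<IP>])" in a Received header.
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\(\S+\s+\[(?P<ip>[0-9A-Fa-f:.]+)\]\)")

def parse_received(header):
    """Return (claimed_name, connecting_ip), or None if the line does not parse."""
    m = RECEIVED_RE.search(header)
    if not m:
        return None
    try:
        ip = ipaddress.ip_address(m.group("ip"))
    except ValueError:
        return None
    return m.group("helo").lower().rstrip("."), ip

def system_resolver(name):
    """Resolve a name to the set of its addresses with the local resolver."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return set()
    return {ipaddress.ip_address(info[4][0]) for info in infos}

def helo_matches_ip(header, resolve=system_resolver):
    """True/False: claimed name does/doesn't resolve to the peer; None: unparseable."""
    parsed = parse_received(header)
    if parsed is None:
        return None
    name, ip = parsed
    return ip in resolve(name)

def should_bounce(header, resolve=system_resolver):
    """Generate a bounce only when DNS confirms the name the client claimed."""
    return helo_matches_ip(header, resolve) is True

# Constructed sample data (documentation ranges, not the values from the post).
SAMPLE_DNS = {"mail.example.org": {ipaddress.ip_address("192.0.2.10")}}
FORGED = ("Received: from mail.example.org (host-254.isp.example [198.51.100.254]) "
          "by mx.example.net with SMTP id abc123; Tue, 10 Aug 2004 01:29:28 +0800")
GENUINE = ("Received: from mail.example.org (mail.example.org [192.0.2.10]) "
           "by mx.example.net with SMTP id abc124; Tue, 10 Aug 2004 01:30:00 +0800")

def sample_resolver(name):
    """Offline stand-in for DNS, backed by SAMPLE_DNS."""
    return SAMPLE_DNS.get(name, set())
```

A mismatch or an unparseable line only suppresses the bounce here; it does not classify the message as spam.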

One Comment

  1. I’ve been getting a TON of those too! I was actually wondering when spammers would get smart enough to realize that a domain like metzener.com can potentially have millions and millions of addresses.
    I agree with you on the mail server being smarter. It seems amazing to me that the developers haven’t made that change yet. Is it that hard to check the server name with its IP address? Isn’t it just a query to a DNS server? The test would fail when a webhost is being changed. Seems hard to believe that this would be the only reason that the code hasn’t been changed.
    Ah well…