Dr. Frederick B. Cohen forwarded: > Subject: HP bomb barded my email with it FAQ (fwd) > To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM> > > From firewalls-owner@GreatCircle.COM Wed Jul 19 22:37:13 1995 > > From: Douglas Ramsey <dramsey@us.DHL.COM> > > Date: Wed, 19 Jul 1995 18:34:58 -0700 > > Subject: HP bomb barded my email with it FAQ > > [snip] > > I am now getting email from people that are not sending the mail to me, this > > includes many > > news groups and the like. We have been tracing down all the route tables that > > could have been > > hosed. As of yet we have not found anything that suggests what is wrong. > > Another side effect is > > that a friend of mine is being sent some of this misguided mail from our > > gateway. If anyone has > > seen this problem before and know of an answer, please let me know. > > Thought bugtraq might be the right place for this. I have indeed seen something like this before. The FAQ mailbomb is standard fare, unfortunately. The spurious email thing is done by particularly pernicious individuals, and is difficult to deal with. In my case, I posted something which offended a few members of a fringe group with a Usenet posting, and one of them emailed a threat that I would receive spurious email until I said something to make him feel good about himself, or whatever. I did receive blind-CC:'s of various strange email and also Usenet postings from groups I don't subscribe to. I forwarded the original threat to the postmaster of the site it came from, with the explanation that the user had made good on his threat. Also, this was on my home site, where I have a frontend filter to RMail which processes killfiles for users, and I stuck every user I got strange unsolicited email from into that killfile, resulting in the unsolicited email being sent back to them unread. It took awhile to get rid of all of it, but I did, eventually. If you can't make or obtain a frontend filter, or are receiving the mail via SMTP, I would suggest posting your problem to a couple of Usenet newsgroups: news.admin.net-abuse.misc and alt.current-events.net-abuse are a couple I can think of. Also read news.admin.net-abuse.announce. I hope you find what you need... -- ------------------------------------------------------------------------------- Allen J. Newton BASIS International Ltd, (505)-345-5232 5901 Jefferson NE, Albuquerque, New Mexico 87109 anewton@basis.com