Return-Path: <crobinson@rfgonline.com>
Received: from border.rfgonline.com ([65.171.123.242] verified)
  by logan.com (CommuniGate Pro SMTP 4.2b1)
  with ESMTP-TLS id 3153479 for flyrotary@lancaironline.net; Thu, 08 Apr 2004 18:19:29 -0400
Received: (qmail 14259 invoked from network); 8 Apr 2004 18:12:45 -0400
Received: from unknown (HELO EXCHANGE.rfgonline.com) (192.168.150.101)
  by 192.168.150.1 with SMTP; 8 Apr 2004 18:12:45 -0400
Received: from rfgonline.com ([192.168.150.90]) by EXCHANGE.rfgonline.com with Microsoft SMTPSVC(5.0.2195.6713);
	 Thu, 8 Apr 2004 18:19:28 -0400
Message-ID: <4075CFF4.8080509@rfgonline.com>
Date: Thu, 08 Apr 2004 18:19:32 -0400
From: Chad Robinson <crobinson@rfgonline.com>
User-Agent: Mozilla Thunderbird 0.5 (X11/20040208)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Rotary motors in aircraft <flyrotary@lancaironline.net>
Subject: Re: [FlyRotary] Re: Network abuse
References: <list-3153429@logan.com>
In-Reply-To: <list-3153429@logan.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Return-Path: crobinson@rfgonline.com
X-OriginalArrivalTime: 08 Apr 2004 22:19:29.0018 (UTC) FILETIME=[8F186DA0:01C41DB7]

Ed Anderson wrote:
> Hi Dale,
> 
>     Don't know if your conclusion correct or not.  I do know my e mail was
> not only harvested but "Hijacked" in that it has been used by Spammers as
> the origin for messages I certainly did not send.  However, I get the
> "bounces" from their use of my URL returned to me and indications that some
> providers are now blocking my URL due to its use by the spammers.  I am
> convinced that the spammers got my e mail from a Yahoo list I joined.   I
> also noted in one case that a harvester had gotten into the address list of
> my own service provider.  My service provider is now blocking virus on its
> on and fortunately I rarely see one that has not been "disabled" already.
> 
>   So the fact that you might get a message from me containing Spam or worst
> yet a virus, don't mean it came from me.  I use Norton's anti-virus to scan
> both incoming and outgoing mail and have a hardware firewall, so its very
> unlikely it would come from me, but it could some from a spammer or others
> that have "Hijacked" my e mail URL.
> 
> Frankly, I don't know what you can do about it.  Switching URL is certainly
> a pain.

It certainly is. I can add a little data on the hijacking side. Some people 
worry when they see this that somebody has taken over their account. The truth 
is that SMTP, the protocol used to transport e-mail between systems on the 
Internet, is inherently unsecure and does basically no checking of the source 
and target. You can make them anything you want - I could send you a message 
from Newt Gingrich and you wouldn't be able to tell the difference without a 
close examination of the message headers, which people rarely do.

What spammers are doing is an anti-spam-filter trick. Most spam filters 
"whitelist" the e-mail addresses at their own sites, so sending from, say, 
chad@somewhere.com to nicole@somewhere.com doesn't get filtered. Spammers thus 
use identical domain names on different accounts on their target lists to 
identify users at the same sites, then pick one at random as the source, and 
the other as the target. Unfortunately, it works more often than it doesn't 
which just encourages them to do it more.

As some people have pointed out, the only thing that will stop the junk is 
people not buying into it. Spamming works. People actually buy this cr....p.

I use a very aggressive spam filter at work, and change my private e-mail 
addresses (used for purchasing things online, among other things) several 
times a year. It helps a lot, but it's annoying as heck.

Regards,
Chad