FW: Apache bounced my email

[Chris Santerre <cs...@MerchantsOverseas.com>]

Passing this on....

>-----Original Message-----
>From: jdow [mailto:jdow@earthlink.net]
>Sent: Monday, September 20, 2004 8:57 PM
>To: Chris Santerre
>Subject: Apache bounced my email
>
>
>Please pass this along to the list. Apache.org is using the dsbl.org
>blacklist that is basically a DoS attack on ISPs. All anybody needs to
>do is forward one message from anyplace through the Earthlink mailers
>to one published destination address, listme@listme.dsbl.org. It then
>adds every server that was involved in the path to their list. All
>ANYBODY needs to do to deny service to Earthlink customers, 
>for example,
>is relay one message through Earthlink's servers.
>

*snip angry statement* :-)

>
>{+_+}    (Can you tell I'm pissed off at the stupidity of it?)
>----- Original Message ----- 
>From: "Mail Delivery System" 
><Ma...@grouse.mail.pas.earthlink.net>
>To: <jd...@earthlink.net>
>Sent: Monday, 2004 September, 20 14:31
>Subject: Mail delivery failed: returning message to sender
>
>
>> This message was created automatically by mail delivery 
>software (Exim).
>>
>> A message that you sent could not be delivered to one or more of its
>> recipients. This is a permanent error. The following 
>address(es) failed:
>>
>>   users@spamassassin.apache.org
>>     SMTP error from remote mailer after RCPT
>TO:<us...@spamassassin.apache.org>:
>>     host mail.apache.org [209.237.227.199]: 550
>http://dsbl.org/listing?ip=207.217.120.116
>>
>> ------ This is a copy of the message, including all the 
>headers. ------
>>
>> Return-path: <jd...@earthlink.net>
>> Received: from ar39.lsanca2-4.16.240.206.lsanca2.elnk.dsl.genuity.net
>([4.16.240.206] helo=kittycat)
>> by grouse.mail.pas.earthlink.net with smtp (Exim 3.33 #1)
>> id 1C9Vl2-0002u8-00
>> for users@spamassassin.apache.org; Mon, 20 Sep 2004 14:31:36 -0700
>> Message-ID: <03...@kittycat>
>> From: "jdow" <jd...@earthlink.net>
>> To: <us...@spamassassin.apache.org>
>> References: <61...@mail.hbinc.com>
><41...@hepcoe.com> <03...@kittycat>
><41...@nucdc.org>
>> Subject: Re: Mozilla Headers
>> Date: Mon, 20 Sep 2004 14:31:35 -0700
>> MIME-Version: 1.0
>> Content-Type: text/plain;
>> charset="iso-8859-1"
>> Content-Transfer-Encoding: 7bit
>> X-Priority: 3
>> X-MSMail-Priority: Normal
>> X-Mailer: Microsoft Outlook Express 6.00.2800.1437
>> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
>>
>> From: "Jamie Pratt" <ja...@nucdc.org>
>> > jdow wrote:
>> > > From: "Kevin Peuhkurinen" <ke...@hepcoe.com>
>> > > To: <Ma...@hbinc.com>
>> > > Cc: <us...@spamassassin.apache.org>
>> > > Sent: Monday, 2004 September, 20 11:20
>> > > Subject: Re: Mozilla Headers
>> > >
>> > >
>> > >
>> > >>Matthew.van.Eerde@hbinc.com wrote:
>> > >>
>> > >>
>> > >>>David Brodbeck wrote:
>> > >>>
>> > >>>
>> > >>>
>> > >>>>On Mon, 20 Sep 2004 10:40:39 -0400, Kevin Peuhkurinen wrote
>> > >>>>
>> > >>>>
>> > >>>>
>> > >>>>>Mozilla Mail and Thunderbird add X-Mozilla-Status and Status2
>> > >>>>>headers to all emails they recieve.   I do not 
>believe they are
>ever
>> > >>>>>added to outgoing emails, even if you are forwarding 
>an email that
>> > >>>>>already has them.
>> > >>>>>
>> > >>>>>
>> > >>>>
>> > >>>>(And the little light goes on...)
>> > >>>>
>> > >>>>Is this why I've been receiving spam that's marked as 
>already read
>in
>> > >>>>Thunderbird?  I've been wondering about that.  I suspect the
>> > >>>>idea is to try to
>> > >>>>get around Thunderbird's junk mail controls, since they're
>> > >>>>only run on unread
>> > >>>>messages.
>> > >>>>
>> > >>>>
>> > >>>
>> > >>>MUA's creating headers for their own internal purposes 
>is a dangerous
>> > >
>> > > idea.  But many do it.  This may be the tip of the iceberg here.
>> > >
>> > >>>
>> > >>As a test, I created an email to myself with the headers:
>> > >>
>> > >>X-Mozilla-Status: 0001
>> > >>X-Mozilla-Status2: 02000000
>> > >>
>> > >>And sure enough, the email showed up as read and marked 
>"Important"
>> > >>(highlighted in red).   Think I'll open a new bug in bugzilla.
>> > >
>> > >
>> > > Um, let me see if I understand this correctly. These two status
>messages
>> > > appear only after the MUA has gotten its metaphorical 
>hands on the
>> email.
>> > > So it should never appear on spam in your MTA where the anti-spam
>tests
>> > > are run. It seems to me that those two header lines are 
>prime meat for
>> > > SpamAssassin rules, aren't they? Under what 
>circumstances would they
>> > > ever possibly appear in a legitimate email? Do they 
>appear on Mozilla
>> > > mail that is forwarded or does Mozilla properly remove 
>them before it
>> > > sends them out?
>> > >
>> > > {^_^}
>> > >
>> > >
>> > >
>> > >
>> >
>> > Yes, mozilla/tb adds them after downloading I presume - 
>yes, they all
>> > appear on mail that is forwarded and yes, the app(s) don't 
>remove them.
>> > at least on thunderbird, anyhow. So, I guess the only 
>place they should
>> > appear in legitimate email are in Fwd'ed stuff, (unless 
>any appear in my
>> > own headers above of course, because I can't tell.) The latest tb
>> > release also adds this new one to distinguish between 
>internal MUA mail
>> > accounts (lovely):
>> >
>> > X-Account-Key: account1
>>
>> Ick, until those MUAs learn to strip those headers only a twit would
>> be found using Mozilla or TB, IMAO. That is not information I want to
>> send out to the net for privacy reasons. It's nice to know. It should
>> be "advertised heavily" and people should remark about using it as a
>> spam rule. Maybe the Mozilla and TB folks could learn a little sense.
>>
>> {O.O}
>>
>
>