I have a user who has found a way to pester and annoy everyone on one of my
lists. Basically, he simply takes every message and forwards the message
to a bogus user at another site (sites and names hidden to protect the
innocent). The remote site bounces the message with "No such user" ,
ordinarily no problem, but the site incorrectly routes the error to the
sender of a message rather than the address in the errors-to header of the
The consequence is, every time a subscriber posts to my list, they get this
error message sent to their email address. As you can imagine, this upsets
the subscribers immensely. I currently am trying to isolate the address
doing this forwarding, by trying to sync maillog times and the times the
error message returns, but have not had any luck(over a thousand
subscribers and this method only narrows it down to two hundred or so).
I have band-aided the problem by having the remote system admin add the
user so it is no longer bogus, but obviously it is only a matter of time
before he picks a new address and does the same thing again. Does anyone
have a suggestion or war story that help me isolate the weasel? Some ideas
come to mind, like sending sequenced mail that impersonates list mail to
each of the two hundred possible subscribers mentioned above and then
watching to see which sequence number returns. I don't know how to go
about doing that (or how ethical it is) though.
Thanks in advance,
Plow the Net!