179,854Messages
9,130Senders
30Years
342mboxes
Search · subject · body · from · to
Advanced search
reset

← back to listing · view thread

From:
Lars Magne Ingebrigtsen
To:
IDM
Date:
01 Aug 1997 01:27:38 +0200
Subject:
(idm) Re: Re: Re: This guy sucks cheese off of.. ehh
Msg-Id:
<m23eou7qfp.fsf@proletcult.slip.ifi.uio.no>
In-Reply-To:
<"GamePrg."'s message of Thu, 31 Jul 1997 16:47:08 EST4EDT>
Mbox:
idm.9708.gz
"GamePrg." <buh@clark.net> writes:
quoted 6 lines How handy that this mailing list isn't stored anywhere so that he> >How handy that this mailing list isn't stored anywhere so that he > >can't quote you on this when he complains to your ISP. > > since I haven't mailbombed yet that's funny.. but see, mail is so easy to > fake that they wouldn't believe him, after the fact that he stole Gonzi's > page..
News is trivial to fake, but mail is darn difficult to fake. To snip from the header of your mail here: Received: from taz.hyperreal.org ([204.62.130.147]) by ifi.uio.no with SMTP (8.6.11/ifi2.4) id <XAA19871@ifi.uio.no> for <larsi@ifi.uio.no> ; Thu, 31 Jul 1997 23:18:23 +0200 Received: (qmail 7981 invoked by alias); 31 Jul 1997 21:18:05 -0000 Delivered-To: idm@qmail.hyperreal.org Received: (qmail 7966 invoked by uid 1); 31 Jul 1997 21:18:05 -0000 X-bandwidth-by: Hyperreal Received: (from majordom@localhost) by hyperreal.org (8.8.5/8.8.5) id OAA07912; Thu, 31 Jul 1997 14:18:00 -0700 (PDT) Received: from mail.clark.net (mail.clark.net [168.143.0.10]) by hyperreal.org (8.8.5/8.8.5) with ESMTP id OAA07772 for <idm@hyperreal.org>; Thu, 31 Jul 1997 14:17:47 -0700 (PDT) Received: from clark.net (root@explorer.clark.net [168.143.0.7]) by mail.clark.net (8.8.5/8.6.5) with ESMTP id RAA16753 for <idm@hyperreal.org>; Thu, 31 Jul 1997 17:17:45 -0400 (EDT) Received: from clark.net (buh.clark.net [168.143.6.214]) by clark.net (8.8.5/8.7.1) with SMTP id RAA24432 for <idm@hyperreal.org>; Thu, 31 Jul 1997 17:17:42 -0400 (EDT) Some of these headers may be fakes, of couse, but since most sendmail and qmail installations do logging, it's quite trivial for root on these machines to verify whether the mail actually passed through the site. If I received a 5Mb mail from you, I'd get in touch with clark.net and ask them to check their mail logs. If it turned out that you did send the mails, I'd ask them to slap your fingers. If you did it again, I'd demand that you were booted off. This isn't witchcraft. Vandalism is vandalism. Most likely youse guys are just making the mail spool area of his ISP overflow. Getting rid of unwanted mail is as easy as "echo > /var/spool/mail/whoever", so (unless the person you're mailbombing is technically incompetent, which he might very well be), the only people you're affecting are innocent bystanders who use the same machine as this "junglizt" guy. Let's hope for your (and I'm here referring to anybody who bombed his ISP) sake that "junglizt" is a moron and that the people who run his ISP aren't net savvy. You may very well be in luck. Who knows. -- (domestic pets only, the antidote for overdose, milk.) larsi@ifi.uio.no * Lars Magne Ingebrigtsen