Dear lazyweb, this morning I got bitten by fake Delivery Status Notifications. You’ve probably seen this a thousand times:
- Spammer sends mail to non-existant user in existant domain.
- Idiotic mail service accepts mail, even though:
- My domain’s SPF record is telling them not to.
- Destination address doesn’t even exist.
- Another component of idiotic mail service (hurray for qmail modularity!) realizes this address is invalid, and generates a DSN for the mail sender, even though they don’t really know who that is.
- I receive a gazillon of bounces informing me that some mail I didn’t send couldn’t be delivered.
Do you know of any blacklist containing all hosts and/or domains that do this?
Alternatively, I think a blacklist containing all qmail domains would probably cover most of it.