The Boston Diaries

The ongoing saga of a programmer who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Tuesday, September 05, 2006

Perhaps the solution is to disable any form of bounce back message

I awoke to a phone call from a frantic Smirk, trying to get one of our new servers under control from a deluge of email (if I sounded angry today Smirk, that's because I got up a bit early, and it took nearly two hours for me to eat my way through lunch, so let me apologize).

The end result will probably take as long to explain as it took to handle.

The server was drowning in email being sent to We don't host the website for Nor do we handle email for In fact, we have nothing, nada, zip, zilch, nothing whatsoever to do with, except for a ton of email trying to be delivered to from our server.

Got that?

Read that paragraph again.


Now, why were we trying to send email to Good question. At the time, the MX record for (which contains the address of the server(s) that handle email for were resolving to

Now, the IP address is a special IP address—it's the “loopback” address; any network traffic sent to IP address is sent to the box doing the sending—the data “loops back.”

So our server sent the email to to IP address, which, since that's the “loopback” address, was sent right back to our server. Our server accepted the email because, hey, it has the permission to send email to itself. But since we don't host, or in fact, have anything to do with, the email got requeued up for delivery again.

Which begs the question why we were trying to send email to in the first place. In checking the email logs, it seems that one “Nicholas,” who has the email address of, sent a bunch of spam to all the sites on our server. And in typical spam fashion, it was sent to a whole bunch of addresses, the majority of which don't exist!

That's right. “Nicholas” here was sending email to,,,, etc. etc. with a return email address of

Now, our email server, like every other email server in existence, is configured to send an error notification back to the sender when the email address doesn't exist. So each spam that “Nicholas” sent that didn't get delivered because the destination address didn't exist created a message to saying as much.

So that's why we had thousands upon thousands of messages attempting to be delivered to, which, because the email server for was set to the “loopback” address, were being delivered right back to our server for yet another attempt at delivery.

Beautiful, huh?

Now, that's not to say that the owners of were the actual spammers—most likely they're not and they're the victim of a “joe job.”

So now the question is: who's doing more damage here? The original spammer “Nicholas?” Or the owners of when they changed their MX records to (not that I can blame them for doing that—it keeps a bunch of useless email from being sent to them and wasting their bandwidth)? And what can we do to keep this from happening in the future?

I suppose one way would be to immediately delete any email destined for a site we have nothing to do with, but with an MX record of

Does anyone know how to get sendmail to do that?
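The check proposed above (drop mail for a domain the server does not host when that domain's MX points back at the server), as an added Python example; it is not from the original post and is not sendmail configuration. Every domain, address and function name is constructed, the DNS lookups are injected tables so it runs offline, and it goes slightly beyond the post by also treating the server's own address as "self" and discarding only when every MX host points back.

```python
import ipaddress
from collections import Counter

# Constructed sample data; every name and address below is a placeholder.
LOCAL_DOMAINS = {"hosted.example"}          # domains this server handles mail for
OWN_ADDRS = {"198.51.100.7"}                # this server's public address
MX = {"victim.example": ["mail.victim.example"],
      "normal.example": ["mx1.normal.example", "mx2.normal.example"]}
A = {"mail.victim.example": ["127.0.0.1"],
     "mx1.normal.example": ["192.0.2.25"],
     "mx2.normal.example": ["192.0.2.26"]}
QUEUE = [("", "spoofed@victim.example")] * 3 + [   # null sender = bounce
    ("user@hosted.example", "friend@normal.example"),
    ("someone@normal.example", "user@hosted.example")]

def is_self(addr, own_addrs):
    """Loopback, unspecified, or one of our own addresses: delivery lands on us."""
    ip = ipaddress.ip_address(addr)
    return ip.is_loopback or ip.is_unspecified or addr in own_addrs

def mx_points_back_here(domain, mx_lookup, a_lookup, own_addrs):
    """True only if every MX host resolves, and only to 'self' addresses.
    Unresolvable hosts return False so normal retry/expiry still applies."""
    hosts = mx_lookup(domain)
    if not hosts:
        return False
    for host in hosts:
        addrs = a_lookup(host)
        if not addrs or not all(is_self(a, own_addrs) for a in addrs):
            return False
    return True

def triage(queue, local_domains, mx_lookup, a_lookup, own_addrs):
    """Return (sender, rcpt, action) for each queued message."""
    out = []
    for sender, rcpt in queue:
        domain = rcpt.rsplit("@", 1)[-1].lower()
        if domain in local_domains:
            action = "deliver-local"
        elif mx_points_back_here(domain, mx_lookup, a_lookup, own_addrs):
            action = "discard"      # would loop straight back into our queue
        else:
            action = "relay"
        out.append((sender, rcpt, action))
    return out

def summary():
    rows = triage(QUEUE, LOCAL_DOMAINS, lambda d: MX.get(d, []),
                  lambda h: A.get(h, []), OWN_ADDRS)
    return Counter(action for _, _, action in rows)
```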


Copyright © 1999-2023 by Sean Conner. All Rights Reserved.