Mailing List Archive

Anyone from instagram reading?
Instagram is enabling an harassment attack.

They are sending out "change in terms of use" statements, you've
probably received it.

Apparently they will send them to unconfirmed accounts, en masse.

So for example you own example.com and all email for *@example.com
goes to you.

And there are no legitimate email accounts for that domain so can't
possibly be confirmed accounts.

So you are receiving a firehose of "terms of use" emails to
randomstring@example.com apparently being generated by a script,
random+domain@domain like (from the actual emails tho not
example.com):

qiuncjhuxeexample@example.com
mazhjkmthexample@example.com

and so on and so on, each one different.

SOLUTION: Stop sending your terms of use update messages to
unconfirmed accounts. It's a trivially abused harassment vector as
we're seeing.

--
-Barry Shein

Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD
The World: Since 1989 | A Public Information Utility | *oo*
Re: Anyone from instagram reading? [ In reply to ]
Mailops?




-----
Mike Hammett
Intelligent Computing Solutions

Midwest Internet Exchange

The Brothers WISP

----- Original Message -----

From: bzs@theworld.com
To: nanog@nanog.org
Cc: bzs@theworld.com, abuse@instagram.com
Sent: Wednesday, December 2, 2020 1:03:13 PM
Subject: Anyone from instagram reading?


Instagram is enabling an harassment attack.

They are sending out "change in terms of use" statements, you've
probably received it.

Apparently they will send them to unconfirmed accounts, en masse.

So for example you own example.com and all email for *@example.com
goes to you.

And there are no legitimate email accounts for that domain so can't
possibly be confirmed accounts.

So you are receiving a firehose of "terms of use" emails to
randomstring@example.com apparently being generated by a script,
random+domain@domain like (from the actual emails tho not
example.com):

qiuncjhuxeexample@example.com
mazhjkmthexample@example.com

and so on and so on, each one different.

SOLUTION: Stop sending your terms of use update messages to
unconfirmed accounts. It's a trivially abused harassment vector as
we're seeing.

--
-Barry Shein

Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD
The World: Since 1989 | A Public Information Utility | *oo*