Wouldn't the most easiest thing to do is to redirect the messages to nick.bolton(a)clear.net.nz which is the administrative contact name under mailwasher.net?
They will soon get the picture,
*snipped whois* I'm glad you rethought this on your followup, Garrett. :) As Simon pointed out, you'd need to be able to determine if a message was infact created by mailwasher or not. The whole point is that these are fairly hard to tell apart from the real thing - thus the whole 'forgery' thing. As much as it'd be poetic justice to forward the messages back to them theres a whole other can of worms: - You're contributing to the problem - You're encouraging them to disable and/or ignore their admin address (so where do you send genuine abuse reports about their network?)- You're probably risking your own T&C adherence by engaging in what might be construed as 'excessively annoying behavior' by redirecting those messages. If an end-user enables the 'bounce' then they themselves are responsible for their conduct, adherence to their ISP Terms and Conditions and/or general 'annoyingness'. A bit like how we can't blame car manufacturers for the fact that cars are capable of exceeding 100km/h - we blame the driver who chooses to exceed the limit. The difference here, of course, is that many users can plead ignorance. Thus two things come to mind: - Strict enforcement by ISPs, and - Emphasis on educating users about what construes 'bad behavior' online. So I would hope that ISP and Network admins in networks where Mailwasher may be in use would take all cases of Mailwasher use and/or abuse seriously. I realise theres a tendency to 'dismiss for higher priority cases' but in my view theres no case too small; especially as single cases can have far reaching impact. (IRC Drones anyone?[1]) Mark. [1] Refer http://news.netcraft.com/archives/2004/09/08/botnet_with_10000_machines_shut... for an example of how 'isolated cases' can quickly become a problem....