Spam from oconnor.cx
Sympathy for anyone who’s received spam from firstname.lastname@example.org — some spammer has been using such addresses of late. Basically, this spammer (or these spammers) make up an email address at this domain, and then proceed to put such addresses in the From header of their spams.
This sort of spammer behavior is especially painful for me — I frequently say (to company) that my email address is email@example.com. In order to keep such addresses working, I basically have to receive all mail to firstname.lastname@example.org. Which means that I’ve been wading through many, many “out of the office” messages, SMTP server bounce notices, and the like.
I’ve seen several of the form Gnus-generated-Message-ID@oconnor.cx, so I imagine those ones at least were harvested from Gmane or other mailing list archives out there. This is an old trick.
I’ve just enabled SPF on my domains.
In addition, I've been
adding lots of entries to my virtusertable, to ensure that all known
faked addresses get bounced.