[Mimedefang] Testing and dictionary attack..
john at essenz.com
john at essenz.com
Fri Jul 9 15:25:00 EDT 2004
Very true... However, spammers are definitly aggressive when it comes to
finding new addresses on your server.
When I first started doing spam filtering on front-end machines, I would
just relay everything to the backend. So if spammers were sending email to
randomly generated accounts (bob.smith at domain.com) I was not returning a
550 even though that address did not exist. As result, Mr. Bob Smith has
become popular and now I can't get spammers to believe that he is gone!
Now, I always explicitly relay per address to prevent this type of
harvesting.
-john
----------------------------------------------------
>From : David F. Skoll <dfs at roaringpenguin.com>
To : mimedefang at lists.roaringpenguin.com
Subject : Re: [Mimedefang] Testing and dictionary attack..
Date : Fri, 9 Jul 2004 14:44:10 -0400 (EDT)
> On Fri, 9 Jul 2004, Kelson Vibber wrote:
>
> > - Many spammers don't clean up their lists anyway.
>
> I was recently at an anti-spam conference. I met an e-mail admin
> who ran a domain that had been inactive for two years. That is, for
> two whole years, the domain "xxx.ca" had NO published MX records, and
any
> e-mail to anyone at xxx.ca would fail. (xxx.ca is not really the domain;
> I obscured it for privacy reasons.)
>
> Out of curiosity, the admin published an MX record for that domain.
> He was *immediately* flooded with 100,000 spams/day.
>
> I believe this settles the discussion as to whether spammers clean
> their lists.
>
> Regards,
>
> David.
> _______________________________________________
> Visit http://www.mimedefang.org and http://www.canit.ca
> MIMEDefang mailing list
> MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
More information about the MIMEDefang
mailing list