The Fight Against Spam, Part 1
Subject:   Even the first (trusted) account is at risk
Date:   2004-05-19 14:01:07
From:   Chirael
I'm really starting to get the impression that web site harvesting bots aren't the only way spammers are getting addresses but that a new, more insidious form of address harvesting is at work.

Specifically, instead of system crackers installing viruses and DDOS agents, that they have cracked a few of the more central servers on the net (central in terms of mail flows) and simply extract addresses from every piece of e-mail that passes through the server, either logging the addresses to a hidden file on that server or (far more likely) sending them out to the smam harvest server surruptitiously.

Why would I get this impression? I've created a few accounts with very, very random addresses, on servers I've controlled (i.e., not Hotmail/Yahoo/etc.), only sent a few messages, and STILL started to get spam.

Could it be spammers trying a TON of random users on my hosts and eventually getting it right? Could be. But as I said, I'm really getting the sense that a few mail servers out there are in "promiscuous mode" and harvesting addresses even from mail between trusted persons.

1 to 1 of 1
  1. Even the first (trusted) account is at risk
    2004-07-19 17:07:27  nat0 [View]

1 to 1 of 1