1 post tagged “collusion”

Email downloading

I hate days that start like this. Last night, about 20-odd spammers decided to collude and put in one of our addresses—not one of our firm, but one which I get cced on—in the ‘From’ header in their email. Where do the bounces go? Right here.
   I’ve received roughly 2,300 bounces in the last 24 hours.
   My spam filters are pretty good but it’s the sheer time that one needs to download. The morning one was the above—945 messages to download, with roughly 850 of them bounces overnight.
   We had probably reported all of the spammers to SpamCop automatically, and our filtering software probably filed a second report, so it is annoying that so many ISPs left open proxies and unprotected servers for spammers to exploit.
   Many of these were with respectable American firms (e.g. Verizon), plus the usual suspects in Thailand, Red China, Poland, Italy, Hungary and South Korea.
   I’m annoyed at the bounces but I cannot see a second way out. I hate it when I get no bounce from an invalid address or if my email has been delayed. But surely ISPs can recognize offending IP address from blacklists and conclude, ‘Right, this is spam, it is selling Viagra, and we won’t bounce it because there’s a blacklist match.’
   We filed our SpamCop reports when the count was around 400 so I am disappointed that so many ISPs left either their server proxies open or failed to check with their blacklists. Even we have a blacklist that we use here on the work server. As a result, another 1,900 bounces came in during the next 22 hours. Seven megabytes’ worth of traffic.
   The spammers’ techniques themselves are fairly clever: by colluding on spamming (and there was no consistency to what was sent—it included porn, fake watches, Viagra and fake handbags) they try to ensure that if you shut down one, there are still another 20 operating.
   But it gets annoying with the sheer quantity of bounces. I believe this is the third such incident in as many weeks, so I’m waiting for these idiots to move to another domain! They probably have no idea that the latest domain is even connected to us.
   Hey, spammers, instead of creating even more negative karma for yourselves, why don’t you stick in some non-existent addresses into the ‘From’ header? You are assholes already but did you have to go even lower down on the food chain?
   And with all that there were two people, perhaps out of 10,000 spam bounces over the last three weeks, that wrote to us to complain. That’s not too bad. We simply explain to them, as they seem unaware of the nature of spam, that spammers forge ‘From’ fields in email.
   Roughly 40 spam bounces since I began typing this post.