Spammers must die. Redux.

wsuffa · Oct 21, 2008

Struck again this morning. I got something on the order of 8,000 reject messages over the course of an hour (130+ per minute). Maybe more - the server throttled back during the attack. Adjusted the server side filter to /dev/null the most common reject subject lines.

Looks like they hit a directory harvest on IBM - over 1000 of the rejects came from the IBM US mail gateway.

Die, spammer, die.

mikea · Oct 21, 2008

wsuffa said:
Struck again this morning. I got something on the order of 8,000 reject messages over the course of an hour (130+ per minute). Maybe more - the server throttled back during the attack. Adjusted the server side filter to /dev/null the most common reject subject lines.

Looks like they hit a directory harvest on IBM - over 1000 of the rejects came from the IBM US mail gateway.

Die, spammer, die.

No reason that IBM would know how pointless and a bad practice it is to send rejects to spam messages. Where do I sign to have them manage my IT for me?

Keith Lane · Oct 21, 2008

Same has happened to me this week. Anywhere from 500-1500 "Mail Delivery Subsystem" rejected errors per day. I guess somebody who had my e-mail address in their Outlook got hacked and the bot started sending out everything Viagra.
I agree, Spammers Must Die (a slow, painful death. :yesnod:

wsuffa · Oct 28, 2008

Let's see: it's been 7 days. Apparently they're recycling addresses every 7 days.

I learned today what it takes to bring down a Unix-based email-filtering server (with 10 GB of allocated space on the slice): 15,000 reject messages over the course of 2 hours (125 per minute). I've just spent an hour cleaning it up.... there appear to be more trickling in, but I've got the filters now set to silently discard (as opposed to going to quarantine). Looks like I'll be reallocating drive space soon.

Some are "undeliverable" messages, some "out of office", and some "no such account".

Spammers must DIE.

Ghery · Oct 29, 2008

Got an e-mail from Comcast (at least, it claims it's Comcast) claiming that my computer is infected and has been sending spam. Gives steps to stop it.

Interesting. Outlook is NOT running on my computer at home at this time, and hasn't been run for over a week. How do I know? I'm in Osaka and I'm able to read my Comcast mail over the net. That gets cleared out anytime Outlook fires up and downloads my e-mail. I guess I'll just have a phone conversation with them when I get home on Thursday.

I agree, spammers must die.

wsuffa · Oct 29, 2008

It took a bit, but I determined the reason that the filter server got whacked: it's using Postfix and Cyrus. Apparently one database in Cyrus ran out of space and couldn't clear itself because it was full. Took 15,000 messages to bring it down. Deleted the .db file, restarted Cyrus, and the system restarted. Even with the filters, 1100 reject messages still came through.

jesse · Oct 29, 2008

Ghery said:
Interesting. Outlook is NOT running on my computer at home at this time, and hasn't been run for over a week. How do I know? I'm in Osaka and I'm able to read my Comcast mail over the net. That gets cleared out anytime Outlook fires up and downloads my e-mail. I guess I'll just have a phone conversation with them when I get home on Thursday.

I agree, spammers must die.

Keep in mind that many of these 'turn your computer into a spam bot' viruses or whatever you want to call them will be sending e-mail on their own. They don't need you to have Outlook open.

It is entirely possible that you're infected with something that is doing it--or it is possible that the message wasn't even from Comcast--or it is possible that Comcast is just wrong. Don't you love it?

wsuffa · Oct 29, 2008

jesse said:
It is entirely possible that you're infected with something that is doing it--or it is possible that the message wasn't even from Comcast--or it is possible that Comcast is just wrong. Don't you love it?

And on that note, I've recently acquired a domain for a business venture. I have a pending transfer from one registrar to the registrar on which I keep our other domains. To facilitate the transfer, I have to have the domain unlocked (and, it turns out, that the "losing" registrar has no phone support number and takes up to 1 week to process the transfer EVEN AFTER the EPP code is issued).

Get an email today in my admin contact mailbox from GoDaddy asking me to confirm that I am requesting that I want the domain transferred to them. GoDaddy is NOT my registrar. Some scumbag is trying to steal the domain out from under me. And I can't lock it up (because of MY own pending transfer), and I can't get to customer support for the losing registrar. I sure hope that MY transfer is accomplished quickly so a lawsuit is unnecessary.

Ghery · Oct 29, 2008

jesse said:
Keep in mind that many of these 'turn your computer into a spam bot' viruses or whatever you want to call them will be sending e-mail on their own. They don't need you to have Outlook open.

It is entirely possible that you're infected with something that is doing it--or it is possible that the message wasn't even from Comcast--or it is possible that Comcast is just wrong. Don't you love it?

Well, that's why I'm going to call Comcast tomorrow when I get home (sitting at NRT right now). I'm not impressed. And I've done this with them before, so the machine shouldn't be a problem. Part of their fix is to make it necessary to use the password to send messages, and that's not available on my machine outside Outlook. Oh well...

Oh, and why are your posts so wide, when everyone else's aren't? It's annoying having to scroll left/right for your posts. Just checking...

jesse · Oct 30, 2008

Ghery said:
Well, that's why I'm going to call Comcast tomorrow when I get home (sitting at NRT right now). I'm not impressed. And I've done this with them before, so the machine shouldn't be a problem. Part of their fix is to make it necessary to use the password to send messages, and that's not available on my machine outside Outlook. Oh well...

Oh, and why are your posts so wide, when everyone else's aren't? It's annoying having to scroll left/right for your posts. Just checking...

Ah--probably because of my signature image. My laptop is wide enough that I don't notice that problem. I didn't consider it busting the page for lower resolutions.

KennyFlys · Oct 30, 2008

jesse said:
Ah--probably because of my signature image. My laptop is wide enough that I don't notice that problem. I didn't consider it busting the page for lower resolutions.

I set my IE window for the average page width. You could always cut the signature graphic down a bit?

ScottM · Oct 30, 2008

jesse said:
Ah--probably because of my signature image. My laptop is wide enough that I don't notice that problem. I didn't consider it busting the page for lower resolutions.

it is a little annoying having your posts push the right edge envelope.

Ghery · Oct 30, 2008

jesse said:
Ah--probably because of my signature image. My laptop is wide enough that I don't notice that problem. I didn't consider it busting the page for lower resolutions.

Not an issue on my home computer, but my T42 doesn't understand the concept of wide screen on its display.

Spammers must die. Redux.

wsuffa

Touchdown! Greaser!

mikea

Touchdown! Greaser!

Keith Lane

Pattern Altitude

wsuffa

Touchdown! Greaser!

Ghery

Touchdown! Greaser!

wsuffa

Touchdown! Greaser!

jesse

Touchdown! Greaser!

wsuffa

Touchdown! Greaser!

Ghery

Touchdown! Greaser!

jesse

Touchdown! Greaser!

KennyFlys

Guest

ScottM

Taxi to Parking

Ghery

Touchdown! Greaser!