Today is the day before Thanksgiving. I am thankful for a lot of things (a job for one) but today I am thankful for spam, or rather the lack thereof. A few weeks ago a concerted effort was made to shut down the biggest spam ring in the world, where it is suspected some 50-75% of the spam was being generated from. It appears that a group of vigilante network specialists found a way to shut down two ISPs where most of the spam comes from. The coolest part (in my opinion) is that this was not done by law enforcement (but of course they’re more than willing to go get Grandma for a file-sharing app, not spammers, something’s wrong here) but by those “security researchers” that pinpointed the spam origination and summarily got their stream cut from the folks above them. Every small server farm/ISP relies on the bigger Internet to get connected. This is where the shutoff happened.
As a result of the shutdowns, I went from having over a thousand spam mails a day to a measly 100. How great is that? Thanks crazy network hacker guys.
I originally was going to post about ‘bounceback scatter’ but it seems temporarily that spam isn’t an issue. But I still want to talk about the bouncebacks, because it always scares me into thinking our email server has been hacked, which hasn’t been the case. We did have a small open IP relay issue with a client that was a bot, but that’s another issue entirely. Bounceback spam or ‘backscatter’ is a way of forming spam so that it appears to be a bounceback message. Bouncebacks are usually a rather official email that appears to come from a server where your message could not be delivered, due to whatever factors. In this case, these spammers make the email appear to be bouncebacks so that they don’t get caught by spam filters. It also makes it look like your email is sending out a number of bad emails. This is where it looks scary, because it looks like you’ve been infected with an email sending virus. In the end, after examining the messages, you are in the clear, but it’s still annoying. Now there is still a chance that you are indeed infected, and should promptly run a virus scan, both on your computer’s current virus protection (you do have one right…?) and an online scan (not the same company as your virus protection), just for good measure.
Happy Turkey day everyone!