Women in Technology

Hear us Roar

  The Fight Against Spam, Part 1
Subject:   Even the first (trusted) account is at risk
Date:   2004-05-19 14:01:07
From:   Chirael
I'm really starting to get the impression that web site harvesting bots aren't the only way spammers are getting addresses but that a new, more insidious form of address harvesting is at work.

Specifically, instead of system crackers installing viruses and DDOS agents, that they have cracked a few of the more central servers on the net (central in terms of mail flows) and simply extract addresses from every piece of e-mail that passes through the server, either logging the addresses to a hidden file on that server or (far more likely) sending them out to the smam harvest server surruptitiously.

Why would I get this impression? I've created a few accounts with very, very random addresses, on servers I've controlled (i.e., not Hotmail/Yahoo/etc.), only sent a few messages, and STILL started to get spam.

Could it be spammers trying a TON of random users on my hosts and eventually getting it right? Could be. But as I said, I'm really getting the sense that a few mail servers out there are in "promiscuous mode" and harvesting addresses even from mail between trusted persons.

Full Threads Oldest First

Showing messages 1 through 1 of 1.

  • Even the first (trusted) account is at risk
    2004-07-19 17:07:27  nat0 [View]

    I think it more likely that the server you send and receive the mail through (the one your accounts are on) is untrustworthy, maybe it has worms or maybe the company or an untrustworthy employee is selling addresses.