Mail Viruses Junk Spam Phishing and now Dark?



Okay, I’ve seen a new term come across the horizon in the battle of the email inbox. First there were viruses, then junk mail, which became known as Spam and then Phishing attacks now we’re up to DarkMail. According to scmagazine , an IT security focused publication, the earmarks of darkmail are similar to junkmail but greater in volume. According to the article one domain withstood 10 million messages in one day as the sender went alphabetically through addresses on the domain.


In some cases this is used simply as a Distributed DoS (Denial of Service) attack, but more often now as a way of brute forcing the message through junk filters. With a DDoS it’s possible to filter out the source IP addresses and just drop connections from them. (Most seem to be residential virus laden/trojan infected machines.) However, as the numbers of machines involved grow it becomes frustratingly tedious to block them all. Plus, there’s a bit of know how involved with filtering out offending IP’s. Maybe mail server software should have an automatic “pacing”. In other words if you receive too many connections from the same machine in a limited period of time, block it for a longer period to cool its heels a bit. If it’s a legitimate transaction, most of those would be one or two messages at a time, but if it’s a mailing list it could be more. Even so, a legitimate user wouldn’t mind the delay. As the intensity of incoming messages from a single IP continues perhaps the delay should continue to get longer?

Related Posts

Blog Traffic Exchange Related Posts
  • Strange net problems with a Netgear FS608 switch This was weird and now that the switch is replaced I haven't been able to duplicate it, but let me explain. There was a netgear fs608 (8 port unmanaged) switch plugged into a linksys router (model number not noted.) The cable was straight (although the fs608 has support for link......
  • Network administration over the holidays Nobody wants to be tied to their job over the holidays, but what if someone has hacked your servers and is using your machine to scam thousands of people a day? Does that keep for two weeks? Does someone monitor the abuse address? Incidents.org has a post on messages they've......
  • How do I email lots of people without all their addresses showing up? OK, I'm prompted to post this because for the 2nd time this month I've received an "I'm changing my email address" message. In both cases, what appear to be 100-200 email addresses were all in the To: field and I cringed as I skimmed the list and found my more......
Blog Traffic Exchange Related Websites
  • Creating and Hosting Blog Carnivals When it is done properly, creating and organizing your own Blog Carnival is a practice that can be truly rewarding. This is especially true if you are trying to increase your blogging experience, and by proxy, your traffic. The Blog Carnival is one of the finest innovations in the blogosphere......
  • Microsoft Security Bulletin Summary for July 2010 MS10-042 - Vulnerability in Help and SupportCenter Could Allow Remote Code Execution (2229593) "This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if......
  • Microsoft Issues “Cyber Monday” Security Shopping Tips for Consumers Monday, November 29 will be this year’s Cyber Monday,  the Monday following the Friday after Thanksgiving Day, and the second busiest online shopping day of the year in the United States.  Cyber Monday is also one of the busiest online shopping days in the United Kingdom, Germany, and France. For the millions of shoppers worldwide......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site