Mail Viruses Junk Spam Phishing and now Dark?



Okay, I’ve seen a new term come across the horizon in the battle of the email inbox. First there were viruses, then junk mail, which became known as Spam and then Phishing attacks now we’re up to DarkMail. According to scmagazine , an IT security focused publication, the earmarks of darkmail are similar to junkmail but greater in volume. According to the article one domain withstood 10 million messages in one day as the sender went alphabetically through addresses on the domain.


In some cases this is used simply as a Distributed DoS (Denial of Service) attack, but more often now as a way of brute forcing the message through junk filters. With a DDoS it’s possible to filter out the source IP addresses and just drop connections from them. (Most seem to be residential virus laden/trojan infected machines.) However, as the numbers of machines involved grow it becomes frustratingly tedious to block them all. Plus, there’s a bit of know how involved with filtering out offending IP’s. Maybe mail server software should have an automatic “pacing”. In other words if you receive too many connections from the same machine in a limited period of time, block it for a longer period to cool its heels a bit. If it’s a legitimate transaction, most of those would be one or two messages at a time, but if it’s a mailing list it could be more. Even so, a legitimate user wouldn’t mind the delay. As the intensity of incoming messages from a single IP continues perhaps the delay should continue to get longer?

Related Posts

Blog Traffic Exchange Related Posts
  • Network security - how safe is your network? Looking at ARP A while back I did a network security series and one of the points that I mentioned was that it's important to know what is normal for your network. In other words, what machines are NORMALLY connected, what services are normally running, etc. Well, I'm about to start a serious......
  • More on the virus/trojan front I have a couple new things to post. One, in my futher investigation of the server logs, from the last big topic.... (read the entries below.) I've discovered at least one MAC, so this should be a warning that no one should take system security for granted. Likely someone has......
  • Strange net problems with a Netgear FS608 switch This was weird and now that the switch is replaced I haven't been able to duplicate it, but let me explain. There was a netgear fs608 (8 port unmanaged) switch plugged into a linksys router (model number not noted.) The cable was straight (although the fs608 has support for link......
Blog Traffic Exchange Related Websites
  • Microsoft Issues “Cyber Monday” Security Shopping Tips for Consumers Monday, November 29 will be this year’s Cyber Monday,  the Monday following the Friday after Thanksgiving Day, and the second busiest online shopping day of the year in the United States.  Cyber Monday is also one of the busiest online shopping days in the United Kingdom, Germany, and France. For the millions of shoppers worldwide......
  • Creating and Hosting Blog Carnivals When it is done properly, creating and organizing your own Blog Carnival is a practice that can be truly rewarding. This is especially true if you are trying to increase your blogging experience, and by proxy, your traffic. The Blog Carnival is one of the finest innovations in the blogosphere......
  • Protecting WordPress - 7 Indispensable Security Steps For Every Blog Step 1 - Upgrade WordPress So the first important security step is to upgrade WordPress to the latest version. Sometimes these new versions are released to fix security problems that have been uncovered, let's say users able to get more access than they should. And when WordPress is up to......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site