Wow…. Let me just say that I have typically been inundated with junk mail on my primary address. It’s associated with this domain and has been hosted in an older sendmail setup for quite some time (not really by choice, but because that’s what was installed on the old vps.) I’m currently migrating to postfix which I’m a bit more familiar with and had used successfully to at least tag my junk mail as SPAM for sorting at home. Well, my older postfix system didn’t have too many options to add on and tweak and so this weekend I’ve invested some time in migrating the main mail server over to a newer postfix install with amavis and postgrey and a few other tools.
Tag: Spam
-
Huge Spam Operation Shut Down Thanks to TheSecurityFix
Thank you Brian Krebs of the Security Fix. He has just made the internet a little better place. He’s worked for several months investigating a group that is believed to have been hosting provider for up to 75% of the Internet’s junk email as well as child porn websites, rogue anti-virus software and who knows what other slime. Great work Brian. He essentially contacted the service providers of the group in question and presented them with the evidence that he and others uncovered.
-
Great tip for Dealing with SPAM email
In reading over at the Gmail Blog, I came across this suggestion to try with Gmail. The idea is, let’s say your address is johndoe@gmail.com Okay, next time you sign up for a mailing list, or need a free website login, use johndoe+freelogin@gmail.com or johndoe+spam@gmail.com or any other unique identifier (something you’ll be able to track.) The idea is this… gmail ignores anything after a + in the address and the mail will still get to your inbox, but… here comes the cool part.
-
Spam storm
Wow… just took a glance at the error_logs and saw numerous errors from Trackbacks and started browsing to find that the last few days we’ve been weathering a spam storm. Thanks to akismet and another tool I’ve only had maybe 2 comments stuck in moderation that were spammy, but several thousand have made it to akismet (and if I recall my OTHER filter catches 90% of the spammy stuff before akismet sees it…) So, I hope someones having fun…. realistically they seem to be coming from a variety of machines, likely a botnet. I saw one machine belonged to a netblock owned by the state of Ohio for public schools. There was another residential broadband in Texas… etc. etc. etc. So, surprise, there are still botnets in the wild and being used for spam.
-
Another trojan using WMF exploit in SPAM
F-Secure is reporting on another SPAM attack that tries to get people to click on a link to a site with an exploit-crafted WMF file. The message is along the lines of a claimed Professor at Yale announcing the unfortunate vandalism over the New Year holiday, the link purports to be pictures of the act in the “hope that someone may recognize the culprits work”. I’m sure this won’t be the last of that sort….
-
Workaround for the critical WMF zero-day exploit
The Windows Meta File (WMF) zero-day (0-day) exploit is apparently, VERY nasty, no user intervention required (unless running firefox or opera). Just VISITING a malicous site (viewing a malicious email with image…) would be enough to get the system owned. It sounds as though a FULL reinstall is the best solution. Sunbelt has had some coverage…
-
Porn Spam indictments…
The Security Fix is reporting that the Justice department will imminently indict four people accused of sending large volumes of porn spam in violation of the CAN-SPAM act which requires explicit junkmail to be specifically labeled “SEXUALLY-EXPLICIT” in the subject line.
-
Junk mail can be REALLY nasty
As if you needed another reason to not like SPAM ( no, not the hormel product, we’re talking junk mail here.) A couple days ago I mentioned a post at the sans institute talking about an email that was circulating and the link within that email took you to a malicious site (redirected) and attempted to exploit one of the recently disclosed Windows vulnerabilities. The Security Fix talks about another in the recent round of expoit attempts and this one comes disguised as junkmail.
-
Ways to deal with Junk Mail (1 of 2)
Who hasn’t ever seen junk mail? From the offers for prescription drugs to offers for who knows what. Some mail programs give you a way to filter out different senders, but the senders of junk mail are always changing (like viruses.) So what other tools are there? (more…)
-
Mail Viruses Junk Spam Phishing and now Dark?
Okay, I’ve seen a new term come across the horizon in the battle of the email inbox. First there were viruses, then junk mail, which became known as Spam and then Phishing attacks now we’re up to DarkMail. According to scmagazine , an IT security focused publication, the earmarks of darkmail are similar to junkmail but greater in volume. According to the article one domain withstood 10 million messages in one day as the sender went alphabetically through addresses on the domain.
(more…)