Virus flood

2004 May 10 at 23:27

Yesterday I received nearly 300 viruses in a 30-minute window. This mailer apparently sent the virus to [email protected], where randomname was a name or sequence of letters chosen at random.

Out of laziness I had configured my qmail installation to forward [email protected] to my own address. I need no further proof that this is a bad idea. I immediately reconfigured my server to bounce all unwanted messages and created forwards for all the addresses that I do want to receive mail on. The number of virus mails dropped drastically.

Another point worth mentioning is that the From and Sender email addresses in these messages are forged. It's quite a common tactic with spammers.

Many mail servers and desktop mail clients have blacklists that reject mail from supposed spammers. Unfortunately, some of these systems blacklist the email address and not the originating mail server. As a result, thousands of perfectly innocent people end up on these blacklists and find that they cannot send legitimate mail to some addresses.
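The difference between the two blacklist keys, as an added example that is not part of the original post: it builds one list from the forged From addresses and one from the connecting server's IP, then checks a legitimate message against both. The messages, host names and addresses are constructed samples (documentation IP ranges and example domains), and the qmail-style Received line written by the receiving server is an assumed layout.

```python
import re
from email import message_from_string
from email.utils import parseaddr

IP_RE = re.compile(r"\((\d{1,3}(?:\.\d{1,3}){3})\)")

def make_msg(client_ip, from_addr):
    # Constructed sample in a qmail-style layout; the top Received line is
    # the one our own server wrote, so it is the only one we trust.
    return (f"Received: from unknown (HELO mail) ({client_ip})\n"
            "  by mx.example.org with SMTP; 10 May 2004 23:00:00 -0000\n"
            f"From: {from_addr}\nSubject: hello\n\nbody\n")

def claimed_sender(raw):
    # The From header is supplied by the sender and can be forged freely.
    return parseaddr(message_from_string(raw)["From"])[1].lower()

def connecting_ip(raw):
    # IP recorded by the receiving server in the topmost Received header.
    received = message_from_string(raw).get_all("Received") or []
    m = IP_RE.search(received[0]) if received else None
    return m.group(1) if m else None

def build_blocklists(flood):
    by_addr = {claimed_sender(m) for m in flood}
    by_ip = {connecting_ip(m) for m in flood} - {None}
    return by_addr, by_ip

def verdicts(raw, by_addr, by_ip):
    # (blocked by address list, blocked by server list)
    return claimed_sender(raw) in by_addr, connecting_ip(raw) in by_ip

# Flood: one sending host, forged From addresses of uninvolved people.
FLOOD = [make_msg("192.0.2.10", a) for a in
         ("Alice <alice@example.net>", "bob@example.com", "alice@example.net")]
BY_ADDR, BY_IP = build_blocklists(FLOOD)

# Alice's real mail arrives from her own provider's server.
LEGIT = make_msg("198.51.100.7", "alice@example.net")
# The flooding host simply forges a fresh address next time.
NEXT_WAVE = make_msg("192.0.2.10", "carol@example.com")

if __name__ == "__main__":
    print("legit:", verdicts(LEGIT, BY_ADDR, BY_IP))
    print("next wave:", verdicts(NEXT_WAVE, BY_ADDR, BY_IP))
```

The address-keyed list rejects Alice's real mail and misses the next wave, while the server-keyed list does the opposite on both counts.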