Date: Mon, 18 Jun 2001 08:58:06 +0300 From: Konstantinos Konstantinidis <kkonstan@duth.gr> To: "G. Adam Stanislav" <adam@whizkidtech.net>, chat@FreeBSD.ORG Subject: Re: Identity theft Message-ID: <3B2D986E.C590D002@duth.gr> References: <3.0.6.32.20010617140158.00e445b0@mail85.pair.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"G. Adam Stanislav" wrote: > > Some damn spammer has just stolen my identity! > > I have received a bunch of "returns" of undeliverable spam, all > having a "From: zen@buddhist.com" field (that is one of my emails). > > Among other things, the spam says, "Call 800-395-7379 to order > by credit card." I called that number to complain, but get an > answering machine with a full mailbox. (Feel free to call them > and give them a piece of your mind, too--how else are we going > to stop this nonsense!) > > Arrrrrrrrrrrrrrrrrrrrrgh!!!!!!!!!!!!! > > Adam There is nothing more annoying than a list you participate into getting spammed with a forged email using *your* domain. Very, very nasty, and it happened very recently to me, with one of my private domains :( Anyway, having spam bounce back to you is absolutely evil. In one case that both me and another senior admin were away for several hours, suddenly spam started flooding in and by pure bad lack it was bouncing to a really old DEC 7000 running OSF/1 that was chugging along with some mailing lists among other things. Anyway, it was way to slow compared to the flow of bounces, and didn't last long either. We got to see the most outrageously large queues ever on our MXs. We're talking several orders of magnitude more traffic than we usually do. Solaris simply could not handle it. When I took over it was panicing, and right after booting rapidly reaching loads in excess of 30 and promptly panicing again. We're talking hundreds of thousands of which is really way out of proportion for our site. If that's not a DDoS, I don't know *what* is. The entire known universe, and then some, seemed to bounce spam to us at a ridiculous rate. After fighting with it for a good half hour I gave up - I just went over there and quickly set up a FreeBSD 4.1.1-RELEASE box on a fast intel box to take over as an MX so that mail flow could resume, and then tried to tweak sendmail so that it would slowly process the queue, but to no avail, try as much as I could, the result was either an outrageous long estimated time of getting over with it (in the order of days), or panics. I finally set another FreeBSD box up, transfered the mail queues over and let it process it overnight... Whoever tells me again that spam is harmless, it isn't a big deal to hit "delete" a few times a day or whatnot, will receive a punch in the face. Honestly. Currently my /etc/mail/access is >1000 lines like this: foo@bar.ourdomain \ 550 We didn't sent this and we don't want it either. It grows quite fast too! Wouldn't it be nice if we could just sue the spammers for damages? Heck, it's becoming a full time job nowadays to keep your MXs from wasting resources on stuff like that, and I know of several other incidents where mail access to several domains just went down for hours due to spam activity... That, and the fact that you get loads of abuse reports for spam that you had nothing to do with, and in fact you were more of a victim than anyone else that bothers to complain but can't figure out who is at fault... Sure, they get an auto-reply explaining a few things so that we don't have to respond to each one of them, but still it does damage your reputation as well as placing unnecessary burden on personel, hardware and bandwidth... --kkonstan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B2D986E.C590D002>