Greg Hewgill (ghewgill) wrote,
Greg Hewgill
ghewgill

mydoom update

Well I finally got around to configuring my mail server to send all mail addressed to Mydoom's set of 47 forged addresses, straight to the bit bucket.

Since sometime last night, I received 1415 incoming messages that were detected by my Mydoom filter and sent off to a specific folder. Only 183 of those were directly addressed to <greg@hewgill.com>, the rest were to addresses such as <ted@hewgill.com>, <maria@hewgill.com>, etc., which don't exist and were therefore sent to my own mailbox.

In the last two minutes my mail server has received 10 messages for linda, brent, jose, jack, ted, anna, michael, dave, serg, and sandra.

After having some trouble with my greylisting implementation over the weekend, I've turned it back on and the Mydoom activity may be subsiding. It might be too early to tell for sure though.

The conclusion for this morning is that delivering all misaddressed mail to your own mailbox amplifies the Mydoom problem significantly. (Yes, that's obvious. It's early, give me a break.)
Tags: spam
Subscribe

  • url blacklists

    One of the most useful antispam techniques of late has been the "URL blacklist". This compares all URLs found within a message body against one or…

  • another spam filter rendered ineffective

    A while ago I turned up as much spam and junk mail protection stuff as I could find in my Postfix configuration. Specifically, I had the following…

  • stock spam disclaimer

    I happened to read the disclaimer text at the bottom of a stock spam I got today. I was amused (emphasis mine): Information within this report…

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 3 comments