[nsp-sec] Bounce message backscatter attack against abuse mailbox
Arttu Lehmuskallio
arttu.lehmuskallio at teliasonera.com
Thu Apr 24 10:07:38 EDT 2008
> Just FYI more than anything, we're seeing the second bounce message
> backscatter attack targeted at our abuse@ mailbox in 12 hours.
>
> Wondered if anyone else is seeing an increase in rate of this sort of
> thing?
Oh yes. We've received few thousand bounces/day to our abuse@'s,
starting last monday. Spams themselves seem to be your basic variety of
viagra, penis enlargement pills, replicas etc (e.g. not just a single
joe job, like they usually are).
> We already correctly recognise them as bounces and don't open cases
> for them anyway.
Given the number of crap abuse@ gets, we changed our workflow system
to opt-in years ago, meaning that we handpick the mails we want to
automatically throw into the database (dshield, mynetwatchman, spamcop
etc) and deal with the rest manually, rather than deleting hundreds of
spams from the workflow every day. Or are you running a spam filter in
front of your abuse@? ;)
Arttu
More information about the nsp-security
mailing list