[svlug] Sudden increase in spam volume
Rick Moen
rick at linuxmafia.com
Thu Dec 7 12:40:23 PST 2006
Quoting Kevin Smathers (kevin at ank.com):
> Just wondering if anyone else has noticed a sudden spike in low-quality
> spam at your domains.
Some botnet has recently deployed a huge number of newly zombified IPs
on broadband, etc., and is using them to crank out both pump'n'dump
stock-fraud scammail and attempts to poison people's bayesian filters
using nonsense text.
Manually fed bayesian filters will help. (Turn off autolearn.) DNSBLs
of the DUL (dial-up list) variety, ditto. And greylisting. And of
course rejecting non-RFC-compliant mail of all sorts (just because
that correlates highly with spam and malwaremail, though it's your
policy call about willingness to deal with the false positives as
one-off approved exceptions).
Secondary effects such as erroneous DNSs to forged addresses are hitting
the Net heavily, too -- especially many mailing list hosts and other
forwarders.
> I would just ignore it, but it is consuming a fair amount of bandwidth....
Yours and everyone else's. ;->
More information about the Svlug
mailing list