What to do with replies to spam?

Almost a month ago I blogged about how much spam I receive. At that time it was around one spam email per 100 seconds (average over the previous month). Since then I've updated my crude spam rate tracker twice and I'm now receiving approximately one spam every 90 seconds. If you look at the numbers carefully you'll notice that today's count was less for all mailboxes except one; N L AR, the catch-all address for lucion.com.ar. The spam count for that mailbox increased dramatically from about 1000 to almost 4000. Most interestingly, I received almost 150 automated replies to spam messages from unused @lucion.com.ar addresses:

screenshot of mailbox with many automated replies to spam emails from unused @lucion.com.ar addresses

It would seem that a spammer is targeting lucion.com.ar as both a fictitious from address for their outgoing spam, and a spam recipient. Why would lucion.com.ar be targeted? Does anyone know how to foil this targeted spam? Should I turn off catch-all? Set up SPF?

I've also started receiving comment spam on this blog. Probably average about 3 per day -- all of the same style; using BB-code, random letters as titles and usernames and probably from the same botnet (they're from many unrelated IPs). Since I'm running this on Drupal 6 RC1 I haven't put up any anti-spam defenses other than having all comments moderated. I assume that most or all of the best anti-comment spam contrib modules have not yet been ported to Drupal 6. Are there any?

Attachment: lucion-christmas-mail2.png (81.9 KB)

Comments

You are not specifically targeted

You are not selected!

Being spammed and having your addresses used for spamming is "standard practice" from the spammers. Usually they make up fake addresses though.

So if you can:
as said above, only accept mail to valid addresses and block the others
consider using blocklists (RBL) to not accept mail from known spamsites. You have to be careful in your selection, not to block valid mail.
use greylisting to weed out trojaned PCs that are not yet in the RBLs
don't accept mail from senders presenting themselves with your "name" or IP

Don't ever accept a mail and then bounce it! If you do, you just add to the amount of junk, and you might get into blocklists for it.

/BoK
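
The SMTP-time checks listed in the comment above, sketched as one decision function. This is an added example, not code from the post or its commenters. The mailbox list, IP addresses and delay are constructed values, the blocklist is a local set standing in for a real RBL lookup, and `rcpt_policy` is a hypothetical name.

```python
# Added illustration: SMTP-time policy for the RCPT TO stage. All names and
# sample values below are constructed, not taken from any real mail setup.
import time

MY_DOMAIN = "lucion.com.ar"            # domain discussed in the post
MY_IPS = {"192.0.2.10"}                # assumed address of our own MX
VALID_RCPTS = {"info@lucion.com.ar"}   # assumed list of real mailboxes
BLOCKLISTED = {"203.0.113.7"}          # stands in for a DNSBL (RBL) lookup
GREYLIST_DELAY = 300                   # seconds a new triplet must wait

_first_seen = {}                       # (client_ip, sender, rcpt) -> first attempt time


def rcpt_policy(client_ip, helo, sender, rcpt, now=None):
    """Return (smtp_code, reason) while the sending client is still connected.

    Every refusal is given in-session (4xx/5xx), so we never accept a message
    and bounce it later to a forged sender address.
    """
    now = time.time() if now is None else now
    helo = helo.strip("[]").lower().rstrip(".")
    rcpt = rcpt.lower()

    # A remote client has no business introducing itself with our name or IP.
    if client_ip not in MY_IPS and (
        helo == MY_DOMAIN or helo.endswith("." + MY_DOMAIN) or helo in MY_IPS
    ):
        return 550, "HELO claims to be us"

    # No catch-all: unknown local parts are refused, not accepted and bounced.
    if rcpt not in VALID_RCPTS:
        return 550, "no such user"

    if client_ip in BLOCKLISTED:
        return 554, "client is on a blocklist"

    # Greylisting: temp-fail a new triplet; real MTAs retry, most bots do not.
    triplet = (client_ip, sender.lower(), rcpt)
    first = _first_seen.setdefault(triplet, now)
    if now - first < GREYLIST_DELAY:
        return 451, "greylisted, try again later"
    return 250, "ok"
```

Because each refusal happens before the message is accepted, the connecting host is the one left holding the failure, and no bounce is generated toward a forged from address.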

You could also create a white

You could also create a white list of email addresses you want to use, so that the spam mails to all the other aliases won't get to you.

Set up SPF

An SPF record should help cut down on people being able to use your domain as a from address.

Of course turning off the catch-all address would help as well - but this depends on your needs.