Some @n@l orifice is sending out spam using my long-time email address as the return address. So I get all the bounces. Typically, it’s about a thousand emails, in addition to the usual spam, and this is the third time this week (which makes me wonder how many of them don’t bounce, and actually get through). And I can’t filter it, because I have to know if email bounces, in case someone I was actually trying to send email to bounced.
But when these attacks happen, I have to just delete it all, because life is too short to go through them on the off chance that one in a thousand will actually be a legitimate bounced email.
I know Clark’s law (no, not Clarke’s Laws). The one that says that any sufficiently advanced amount of cluelessness is indistinguishable from malice, but it’s hard for me to believe that this is not intentional. I don’t know if my having to deal with all of this extraneous unfilterable email is the intent, or it’s just a side effect of the desire to make me look like a purveyor of p3nis enlargement devices and drugs.
Anyway, if I seem unusually testy, you know why.
I had the same thing happen yesterday to two of my accounts, one far more than the other. About a thousand “Undeliverable” bounces. It has tapered off a fair amount today.
I doubt it’s intentional. I own multiple domain names and every one has been hit by this multiple times over the last few years.
I doubt it’s intentional. I own multiple domain names and every one has been hit by this multiple times over the last few years.
So have I. I can deal with domain name attacks by restricting which usernames I see. When I was seeing this thing with domain names, it would be thousands, rather than hundreds a day, and the spam would go out as randomnonsensename@domain.com. This was a specific attack by my specific email address (myname@mydomain).
All emails “from” you should have your mailserver in the MESSAGE ID field. If the email is FROM: you but doesn’t have your mailserver in the Message ID field, bit-bucket it.
It is even better when you get spam messages from yourself. Gotta love those worm viruses and their nifty little mailer daemons.
happens to me all of the time. Spam (I even get my own spam!) from my specific email name. Highly doubt it’s directed specifically at you.
Actually, it is intentional. Spammers often use real addresses as the “from:” address (sometimes with the real name attributed to the address, usually with a fake name attributed to the address). I believe that what is happening is that they take the address from their list of addresses to spam, on the grounds that it prevents people from effectively filtering on “from:” names or domains. And as another plus, the spammers don’t have to deal with the bounces.
Here’s the thing: email is fundamentally broken, to the point of being nearly useless. The signal is now so low in the sea of noise that it is almost unrecognizable, and both I and a lot of my friends (techies all) are nearly to the point of not using email any more. And it’s not just email: how much spam has to be filtered from any blog that accepts comments? What is needed is a fundamental infrastructural change.
Some argue that email can be tweaked (usually by crpytographically signing the mail) to create non-deniability, though that has a hole: you can’t really know the keys of everyone who might send you mail, and nothing would stop spammers from rotating through many signing keys, and it doesn’t solve the problem of spam in other contexts. I tend to argue that IP needs to be reimplemented to be non-deniable (thanks, MS, for making sure that IPv6 was stripped of its security provisions). That way, any IP that sends spam can be definitively removed from being allowed to send you traffic, and any given compromised IP would only be a problem (to any given admin) once. In any case, though, the legitimate traffic on the internet is somewhere down around 1% of the total traffic, if I can believe various router logs, and at some point that has to get fixed.
Jeff, obviously it’s intentional. My question is whether or not it’s personal. Are they deliberately targeting me, or would any email address work for their purpose, and I’m just unlucky?
I agree on the point that email is broken, perhaps beyond repair. Unfortunately, too many people that I do business with continue to use it. I’ve tried to get people to move to private blogs, with limited success.
I don’t know but would tend to doubt it’s targeted as a personal attack.
However your problem increases my curiosity on anti-spam measures because there seems to be solutions that actually work. I don’t run my own mail-server (and know little about them) and I don’t know the specifics but I see the results: I get zero spam on the accounts hosted by my ISP. No lost mail of importance either (none at all as far as I know). I used to get plenty of spam but they changed something because a few years ago all the spam just disappeared.
Just saying there must be solutions out there (don’t know why Google doesn’t use it, I get tons of spam over there, mostly correctly presorted but not always and thus still a pain).