Deluged with spam

· by Steve · Read in about 2 min · (345 Words)

SpamI normally get a fair amount of spam. This is mostly down to owning a number of domains and having the default address set to me in case someone decides to email a random address like guru@ogre3d.org - spammers frequently scatter-shot emails at popular domains or use those domains as spoof return addresses for spams to others. I’ve pretty much just resigned myself to dealing with this, and recruit several layers of filtering using the likes of SpamAssassin, Exim filters and Thunderbird to keep me sane.

However, I’m not sure what the hell happened in the last couple of days, but there’s been a huge jump in the spam I receive. Normally I get about 50 or so a day (most of which are automatically junked), in the last 48 hours I’ve had in excess of 8,000. Yes, there isn’t an extra zero on that - it really is eight thousand pieces of junk mail. I’m lucky that my automatic defenses dealt with around 95% of them, but that still left a couple of hundred to process manually. Most of which were ‘out of office’ or ‘please validate your email’ auto-replies - my filters catch error bounces caused by people spamming others using a forged return address from one of my domains, since SMTP error codes are predictable, but there are much larger variations of these sorts of automatic replies and some slip through. Normally that’s just a handful a day, but the sheer volume in the last couple of days has been crippling. I’ve observed before that spam volumes appear to run in cycles - presumably as they get shut down in one place, or a security hole allowing the creation of spam zombies is discovered / blocked etc.

I’ll now have to be more ruthless and just reject mails to anything but valid addresses on my domains, and expect people just to make sure they get it right. It’s nice to have a nice fallback but when spammers forge 3000 variations of tastywheatnnn@oneofmydomains.com as a return addresses when spamming others, enough is enough.