Live Free or Die Hard

Spoiler alert. This past weekend, I got a chance to watch the 4th installment in the Die Hard series, Live Free or Die Hard.  I hadn’t seen the whole thing end-to-end before, only parts of it.  It was nice to finally get a chance to see the whole thing. Overall, I like it.  It’s so…

The evolving MAAWG

MAAWG is an organization that started up in response to the spam problem.  Its official name is the Messaging Anti-Abuse Working Group, and they are meeting this week in Philadelphia to discuss all things abusive.  I didn’t go this time around, but maybe in the future I will secure my attendance.  DarkReading has an interesting…

What’s waledac up to these days?

Just for the fun of it, I decided to check some statistics on the waledac botnet.  I got the total number of distinct IPs sending us spam and broke them out by how much spam they were sending us, by country, for Oct 22, 2009.  Below are the results. What’s interesting about this list of…

Things we can learn from Animaniacs

Does anyone remember that cartoon from the 1990s, Animaniacs? It was a pretty good cartoon for its short run.  One of the segments that they aired was called “Good Idea, Bad Idea”.  It was a short clip segment.  It would go something like this: It’s time for another good idea, bad idea.  Good idea: giving…

Keeping track of botnets

A couple of months ago, I posted a one-day snapshot of how much spam we see from individual botnets.  I’ve been keeping track since July 29 on the biggest ones that have names, and only for IPs that get past our RBLs.  At the time of my first post, I thought that the stats wouldn’t…

I don’t know what it is…

I don’t know what it is, but whenever I hear the name of the waledac botnet, I always think of Wario from the Super Mario Bros. series.  Something about both starting with the letters Wa, both being three syllables, both being bad guys, both using nefarious tactics to accomplish their goals… I came across the…

Fooled today… almost

Today, I got a spam in my junk mail folder that nearly fooled me.  Below are the headers with some information removed to protect trade secrets: Received: from VA3EHSMHS008.bigfish.com (unknown [10.7.14.235]) by mail29-va3.bigfish.com (Postfix) with ESMTP id 0C2D9368054 for <munged@microsoft.com>; Fri, 16 Oct 2009 23:46:34 +0000 (UTC) Received: from waledac (110.46.151.204) by VA3EHSMHS008.bigfish.com (10.7.99.18) with…

Best practices for sending outbound mail

One of the questions that I am frequently asked is if we get a sudden burst of outbound mail from a customer using us to send outbound, will we throttle their mail?  Throttling is the process of slowing down outbound mail such that a sending organization can only send a certain amount of messages in…

How to reclaim your sender reputation, part 10 – Results

Results Forefront Online (i.e., us) has come a long way in reclaiming its outbound reputation. The question now is this – has it worked? I will report on some anecdotal evidence. The Good To determine whether or not we have gotten better, I prefer to check 3rd party sources. While we may think that we…

How to reclaim your sender reputation, part 9 – disabling offenders

Continuing on in my 9 part series, the process of mitigating an outbound spam problem occurs in a two-fold manner. Usually they are mutually exclusive, but one can lead to the other. Cutting off mail only for the offending email address This is the default position. If only one email address is responsible for sending…

Are we seeing more spam from Gmail, Hotmail and Yahoo?

Last week, I commented on the Gmail/Hotmail/Yahoo username and password leak.  The question we now ask is whether or not we are seeing an increased amount of spam from those services.  The folks from All Spammed Up recently posted that various experts were claiming that this is the case. I disagree. Below are the…

How to reclaim your sender reputation, part 8 – More pattern analysis

Islands Islands are named that way because their appearance looks like an island – a time zone infraction in which the middle sticks out above the others. Another term for this pattern is the head-and-shoulders pattern. Islands are the most ambiguous scenarios because while they indicate that a problem existed in the past, it is…

Yahoo, Gmail, Hotmail compromised

I wasn’t going to comment on this until later, but the story is spreading; there’s a link off the Yahoo Canada homepage.  10,000 usernames and passwords were posted this past week, victims of a phishing scam.  From Computerworld: If (technology blog) Neowin’s account is accurate, the Hotmail hack or phishing attack would be one of…

How to reclaim your sender reputation, part 7 – Pattern analysis

Mountains A mountain pattern is when each subsequent monitoring of an outbound spam problem is worse than the previous time. It looks like you are climbing a mountain. Once a threshold is crossed, an alert is generated. Mountains generate the most obvious tells that a problem is occurring. If the amount of outbound spam keeps…

The multinational nature of spam

I received a spam message the other day that went to my Junk Mail Folder.  I decided to take a look at it and dissect it piece by piece.  It really is amazing to see how spam crosses so many international borders and exploits so many different machines.  Spammers have their own globally redundant infrastructure. …
