Over the weekend I dealt with the side effects of a (rather massive) spam campaign.
These messages come in at an incredible rate. Where they contain the original headers, you can see they are spammed from all over the address space (so it's likely to be a botnet sending them out). The error messages are in at least half a dozen languages.
The spams were spoofed to come from random names at a domain, and all those responses from the victims only create more victims.
So in order to keep the Internet a place where we all can survive it is critical:
How do you survive this onslaught? You stop accepting catch-all email and refuse all those incoming messages, and/or (for those addresses where you need to accept email) you start to drop all of those unwanted messages in a filter. Dropping MX records only works if you have no A record, but it might be an option. And no, you don't reply to any of them: there have been enough victims.
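The triage described above (refuse unknown recipients, silently drop unwanted bounces, never reply), as an added example that is not part of the original diary. The address list, the record of sent Message-IDs and all function names are assumptions; matching bounces against sent Message-IDs is one way to decide which bounces are unwanted, not something the diary prescribes.

```python
import re
from email import message_from_string

# Constructed sample data (assumptions): the addresses this domain really uses
# (no catch-all) and the Message-IDs of mail it actually sent recently.
VALID_RECIPIENTS = {"info@example.org", "sales@example.org"}
SENT_MESSAGE_IDS = {"<20061007.1001@example.org>"}
MSGID_RE = re.compile(r"^Message-ID:\s*(<[^>\s]+>)", re.I | re.M)

def is_bounce_or_autoreply(envelope_from, msg):
    """Null reverse-path, a DSN report, or an Auto-Submitted auto-reply."""
    if envelope_from.strip() in ("", "<>"):
        return True
    if msg.get_content_type() == "multipart/report":
        return True
    return (msg.get("Auto-Submitted") or "no").strip().lower() != "no"

def decide(envelope_from, rcpt_to, raw):
    """Return 'reject', 'drop' or 'accept'. No branch ever generates a reply."""
    if rcpt_to.strip("<>").lower() not in VALID_RECIPIENTS:
        return "reject"  # refuse during the SMTP session: unknown user
    msg = message_from_string(raw)
    if is_bounce_or_autoreply(envelope_from, msg):
        # Keep only bounces that quote a Message-ID we really sent; bounces
        # that quote a forged one, or no original headers at all, are dropped.
        if not set(MSGID_RE.findall(raw)) & SENT_MESSAGE_IDS:
            return "drop"
    return "accept"

def sample_bounce(rcpt, quoted_id):
    """Build a constructed DSN that quotes the headers of the 'original' mail."""
    return (
        "From: MAILER-DAEMON@mx.example.net\n"
        f"To: {rcpt}\n"
        "Subject: Undelivered Mail Returned to Sender\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n'
        "\n--b1\nContent-Type: text/plain\n\nDelivery failed.\n"
        "--b1\nContent-Type: text/rfc822-headers\n\n"
        f"Message-ID: {quoted_id}\nFrom: {rcpt}\n--b1--\n"
    )

if __name__ == "__main__":
    forged, real = "<forged-1@example.org>", "<20061007.1001@example.org>"
    print(decide("<>", "qzx17@example.org", sample_bounce("qzx17@example.org", forged)))
    print(decide("<>", "info@example.org", sample_bounce("info@example.org", forged)))
    print(decide("<>", "info@example.org", sample_bounce("info@example.org", real)))
```
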
Personally I feel it's long overdue to really start implementing a usable alternative to the current email system. One of the requirements would be sender authentication and the inability to just create a new identity after you got blacklisted.
Next comes that you might not be able to send much email anymore, as there will be enough people who are misguided in assuming that you or your domain did in fact send that message (the header forgery was not that bad, so some might even believe you relayed the messages).
If you do think you absolutely need fallback MX records, need DSN, ... well, I'm sure you might sing a slightly different tune when you are the victim of 10K messages in the first few minutes, and still going strong after many hours.
Swa Frantzen -- Section 66
Oct 8th 2006