| Date: Mon, 10 Sep 2007 11:24:07 +0100
| From: Nick Murtagh <nickm at go2.ie>
|
| Brian Foster wrote:
| >[ ... ] I believe this is known as “backscatter”.
|
| It's called a Joe Job, and there's not much you can do about it, short
| of disabled the email account or waiting till it stops.
disabling the mail account is NOT an option
(it's my _main_ account!). waiting until it
stops is what I've done in the past (more on
this below).
I've heard it refered to as a “joe job”, but
have always understood that term to mean a
_deliberate_ attempt to damage the services
or reputation of the victim. “backscatter”
is simply e-mail bounces sent to an innocent
(e.g., faked) e-address, which is what is
happening here. Wikipedia agrees with me:
“ Online, a joe job (or Joe job) is a spam attack
using spoofed sender data and aimed at tarnishing
the reputation of the apparent sender and/or induce
the recipients to take action against him (see also
e-mail spoofing). For a related phenomenon that is
not targeted directly at a particular victim, see
backscatter of email spam.”
— http://en.wikipedia.org/wiki/Joe_job
“Backscatter of email spam
The term "backscatter" is also used to describe a
side-effect of email spam [ ... ]. Since [ 2002 ],
a large proportion of malignant email is sent with
a forged sender address, but some mail servers do
not take this into account. They generate bounce
messages for spam or viruses - which of course go
to an innocent party.”
— http://en.wikipedia.org/wiki/Backscatter#Backscatter_of_email_spam
be that as it may, just waiting until the
storm passes is what I've always done in
the past. what makes the current flood
different is the sheer volume. I don't have
any numbers available ATM, but my recollection
is past incidences have been on the order of a
few hundred bounces over the course of a week;
this one is at most 12 hours old, has caused
perhaps an order of magnitude more bounces(!),
and appears to still be ongoing. ;-\
( I _suppose_ the magnitude hints it could be
a joe job in the Wikipedia sense — a malicious
attack me _me_ — but I haven't the faintest
idea why anyone would be doing that!? )
cheers!
-blf-
--
▶ ▶ I AM CURRENTLY LOOKING FOR A JOB! ◀ ◀ | Brian Foster
Experienced (>25 yrs) software engineer: | Montpellier, FRANCE
• Unix, Linux, embedded, design-for-test; | Stop E$$o (ExxonMobile)!
• Software/hardware co-design, debugging; | http:/www.stopesso.com
• Kernels, drivers, filesystems, &tc; Résumé (CV) & contact details:
• IDL, automated testing, process, &tc. http://www.blf.utvinternet.ie
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
