| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: j.riden at massey.ac.nz (James Riden) Subject: Spam sent via spambots? Nick FitzGerald <nick@...us-l.demon.co.uk> writes: > J.A. Terranson wrote: > > <<snip>> >> > And further, does anyone have any idea how to pick apart how much of >> > that is simply relaying type activity vs.dedicated spam-bot activity? >> >> Does it matter? > > Yes, as many of the former are simply due to (legitimate user) > misconfiguration and do not provide any form of backdooring to the > system, whereas the spammers are much more actively involved in > "managing" the latter and can actively update/replace/supplement the > code running on them. Thus the latter are much more likely able to > avoid (or perhaps "survive") "fixing". Very little spam seems to come from traditional open mail relays these days. A lot of the stuff I look at has come direct from the spammer themselves, or from dynamic space, or university resnets. I can't give accurate statistics though, because we're rejecting mail at our MXs using sbl-xbl.spamhaus.org, which is specifically designed to stop this kind of thing in the first place. (Last time I checked, XBL was a composite of CBL, http://cbl.abuseat.org/ and OPM, an open proxy list - see http://www.spamhaus.org/xbl ) cheers, Jamie -- James Riden / j.riden@...sey.ac.nz / Systems Security Engineer Information Technology Services, Massey University, NZ. GPG public key available at: http://www.massey.ac.nz/~jriden/
Powered by blists - more mailing lists