Hi Mike, >Just to prove a point, I once set up a hotmail account, never mentioned it >to anyone, never used it, never sent any email from it, yet two weeks >later it overflowed with spam. Of course Microsoft never allows spammers >to use their mail addresses, so I haven't got a clue how anyone knew to spam >it.
One way to collect email addresses is to do a "dictionary Attack" on a mail server. An email engine just attempts to send email to a specific domain using every name and name/funnyletters/number combination it can think of. It then looks at what bounces back and what is accepted and assumes that what doesn't bounce is probably a real email address so that goes into the "good email address" list. <subtleplug>Being a _full_ hosting provider</subtleplug> we see this happening all of the time on our mail servers. Roughly a Gigabyte of traffic a month typically, and all just scanning rubbish. It used to a _lot_ more but we implemented a scheme where if a particular IP address tries to send more than a fixed number of emails a second to us then we ban that IP address for an hour and that will make the scanner go away and try somewhere else. It also stops spam engines quite effectively :-) -- Yours, Kym --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004
