On Sunday, September 8, 2002, at 07:00 PM, mji wrote:
> It's possible the Linux box was portscanned and probed, although I
> doubt
> that would be done just to send you some spam.
A port scan would hit a pretty thick firewall here. I think it's likely
they repeatedly tried name at lml.homedns.org with name replaced by a few
hundred of the most common names until they stopped getting errors
returned. I'm going to alter my sendmail configuration to silently
trash e-mail sent to unknown users at this domain instead of sending a
"no such user" error message.
> Also possible that there are
> user lists available from Dyndns that may be sold to spammers, who know
> those addresses are used primarily by home users, from there, a
> dictionary
> list would get something to you.
DynDNS has no way of knowing the user names on my system. But, it's
possible to dig at the domain and get all the subdomains of the form
xxx.homedns.org. Something like "host -l -v -t homedns.org" might do
it. (I tried it, but it times out on me.)
Also, DynDNS does not sell information to spammers. This is pretty
clear from their privacy statement:
>> It is the policy of Dynamic DNS Network Services, LLC ("DynDNS") to
>> protect the privacy of its Members. Therefore, DynDNS will not
>> monitor, edit, or disclose the contents of a Member's private
>> communications or data to a third party unless required to do so by
>> law or in the good faith belief that such action is necessary to:
>>
>> 1. Conform to the edicts of the law or comply with legal processes
>> served on DynDNS
>> 2. Protect and defend the rights or property of DynDNS
>> 3. Act under exigent circumstances to protect the personal safety of
>> its Members or the public
>> 4. Administer the system to maintain performance for Members.
>>
>>
>> DynDNS will never give out Member information to advertisers in any
>> form other than aggregate usage data. No personal information of any
>> kind will ever be shared with advertisers or other sponsors of >> DynDNS.
>>
>> Any financial data collected shall be stored in encrypted form, and
>> removed immediately upon user request.
>>
>> DynDNS does not share or sell marketing lists to third parties under
>> any circumstances.
--
Lee Larson, Mathematics Department, University of Louisville
Phone: 502-852-6826 FAX: 502-852-7132
The next meeting of the Louisville Computer Society will be September 24
For more information, see <http://www.aye.net/~lcs>. A calendar of
activities is at <http://www.calsnet.net/macusers>.
