Re: [mailop] signup form abuse

2016-05-24 Thread TR Shaw
You might want to checkout e-hawk.net as Franck suggested. Or checkout others in area. > On May 24, 2016, at 9:53 PM, Robert Mueller wrote: > > >> I wonder what the point is. How does the bad guy monetize it, or is it a >> coordinated attack against a specific victim? What

Re: [mailop] signup form abuse

2016-05-24 Thread Robert Mueller
> I wonder what the point is. How does the bad guy monetize it, or is it a > coordinated attack against a specific victim? What other nefarious > issues? Making the address useless or burying some other mail in the > midst of the junk would seem to be a possibility. > > If an attack against a

[mailop] Yahoo! issues for a while today?

2016-05-24 Thread Frank Bulk
We saw a few messages backed up with our email server logging these items: Site yahoo.com (63.250.192.46) said in response to MAIL FROM (451 4.3.2 Internal error reading data) Site yahoo.com (98.136.216.25) said after data sent: 451 Resources temporarily not available - Please try

Re: [mailop] signup form abuse

2016-05-24 Thread Michael Wise via mailop
I suspect it's the hiding angle, but it's hard to tell. It does seem to be someone offering a, "Service" out of Eastern Europe. If the lists were unconfirmed, we'd block them; so the attack needs to use confirmed lists, and just bombard the target with what is, at least in theory, unblockable

Re: [mailop] signup form abuse

2016-05-24 Thread Jay Hennigan
On 5/24/16 12:26 PM, Michael Wise wrote: We're still seeing cases where a malicious actor, typically in Eastern Europe, will try and sign up a target email address for thousands of lists all at once, flooding their mailbox with confirmation traffic , perhaps to hide some other nefarious

Re: [mailop] signup form abuse

2016-05-24 Thread Vladimir Dubrovin via mailop
You definitely need anti-bot protection because currently you produce bounce SPAM and may be used for targeted SPAM / DDoS, especially if you reflect some user input (e.g. First name / last name). Currently, bots of this kind do not bother to emulate user behavior and checking user have visited

Re: [mailop] signup form abuse

2016-05-24 Thread Michael Wise via mailop
We're still seeing cases where a malicious actor, typically in Eastern Europe, will try and sign up a target email address for thousands of lists all at once, flooding their mailbox with confirmation traffic , perhaps to hide some other nefarious issues. If we could standardize the

Re: [mailop] signup form abuse

2016-05-24 Thread Jay Hennigan
On 5/24/16 10:17 AM, Vick Khera wrote: As an ESP, we host mailing list signup forms for many customers. Of late, it appears they have been getting pounded on with fraudulent signups for real addresses. Sometimes the people confirm by clicking the confirmation link in the message and we are left

Re: [mailop] signup form abuse

2016-05-24 Thread Franck Martin via mailop
Not new story, people have devised systems to avoid the creation of such accounts: http://bits.blogs.nytimes.com/2013/04/05/fake-twitter-followers-becomes-multimillion-dollar-business/?_r=0 You could for instance use data from http://www.e-hawk.net/ (I'm not endorsing them, just a company that

[mailop] signup form abuse

2016-05-24 Thread Vick Khera
As an ESP, we host mailing list signup forms for many customers. Of late, it appears they have been getting pounded on with fraudulent signups for real addresses. Sometimes the people confirm by clicking the confirmation link in the message and we are left scratching our heads as to why they would