[sniffer] Re: Increase in spam

[Matt]

My connection traffic doubled over the course of two weeks.  This started on about the 9th, and seems to have peaked and leveled off last week.  The increase was mostly due to a new brute force spammer (a.k.a. dictionary attack), but static spam seems to have also increased by about 20%.  I believe the static spam increase is Scott Richter lighting his companies back up, mostly at carolina.net, in addition to the brute force zombie spam and massive increase in backscatter that these attacks are causing.  About 10% of connections to our gateways are the result of backscatter, with 30% of that coming from FrontBridge alone (bigfish.net). The new brute force spamming is not just simply higher volume, it also has more targets than before.  This has helped to expose several customer's accounts that had a domain aliased with a catch-all and forwarded to an account that we were protecting.  Previously, we never saw this since those domains weren't being attacked.  I have no clue as to why anyone is still providing catch-alls, especially mail forwarding services like BulkRegister.  It just seems like a good way to limit the capacity of a server by 75% or more. Matt Pete McNeil wrote: Hello Andrew, Wednesday, October 25, 2006, 1:33:20 PM, you wrote: For another organization's graph of spam trends as received by them, check out the updated graphs at TQM cubed: http://tqmcube.com/tide.php Their graph shows a sharp uptick at the end of June 2006. ...and a new upward trend around 0917. That's consistent with what we've seen. _M ############################################################# This message is sent to you because you are subscribed to the mailing list <sniffer@sortmonster.com>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>