Jason Granat wrote:

Yeah, and here's the kicker. He personally has two separate email accounts. One is published in every Thomas Register, trade journal, phone book, etc... No brainer for spam there. It's also the one he uses as his primary account. The other address is unpublished and "rarely used", according to him, so it should receive very little or no spam at all in his opinion. However (anyone surprised?), both are getting the identical same spam at the same time, so he has concluded in his mind that someone has either broken into our network and "harvested" the addresses, or someone internally (should I feel pressure here?) is doing something fishy on purpose.


That's a common feeling from people who have been told "never give out your email address", but never see mail logs.


Spammers know your domain exists, we know that. I'd bet that his double-secret address isn't exactly the MD5 hash of the lyrics to his favorite song. Enough dictionary attacks have been going on for the last few months at least for spammers to discover *every* email address on your server.

Hell, I once caught a dumbass trying to brute force my server's user list... started with aaa, went to aab, aac... was up to four or five letters before I noticed (this was back before I discovered BAD_RCPT_THROTTLE).

End users sometimes like to think that email admins are selling lists of addresses. I haven't shopped around, but I doubt you could get more than a penny per name. Let's do the math... is it likely you're pissing off your entire user base (and creating headaches for yourself) for an extra... oh $10 a month?
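Added example, not part of the original message: a small log check that shows what the reply means by looking at mail logs, grouping "User unknown" rejections by connecting relay so address guessing like the aaa/aab/aac run stands out. The log lines are constructed and simplified sendmail-style entries; the function name, regexes and threshold are assumptions for illustration.

```python
import re
from collections import defaultdict

# Constructed, simplified sendmail-style log lines (not from the original post).
SAMPLE_LOG = """\
Mar  3 10:15:01 mail sendmail[2101]: h23AF1a1002101: <aaa@example.com>... User unknown
Mar  3 10:15:01 mail sendmail[2101]: h23AF1a1002101: <aab@example.com>... User unknown
Mar  3 10:15:02 mail sendmail[2101]: h23AF1a1002101: <aac@example.com>... User unknown
Mar  3 10:15:02 mail sendmail[2101]: h23AF1a1002101: <aad@example.com>... User unknown
Mar  3 10:15:03 mail sendmail[2101]: h23AF1a1002101: from=<x@spam.invalid>, size=0, nrcpts=0, relay=[192.0.2.44]
Mar  3 10:20:11 mail sendmail[2107]: h23AK1a1002107: <jsmiht@example.com>... User unknown
Mar  3 10:20:12 mail sendmail[2107]: h23AK1a1002107: from=<pat@partner.example>, size=812, nrcpts=1, relay=mx.partner.example [198.51.100.7]
"""

# Rejected recipient: capture the queue id and the guessed local part.
UNKNOWN = re.compile(r"sendmail\[\d+\]: (\w+): <([^@>]+)@[^>]*>\.\.\. User unknown")
# Envelope line: capture the queue id and the connecting IP in brackets.
RELAY = re.compile(r"sendmail\[\d+\]: (\w+): from=.*relay=.*?\[([\d.]+)\]")

def find_rcpt_probers(log_text, threshold=3):
    """Return {relay_ip: [rejected local parts]} for relays at or above threshold."""
    guesses = defaultdict(list)   # queue id -> rejected local parts
    relay_of = {}                 # queue id -> connecting IP
    for line in log_text.splitlines():
        if m := UNKNOWN.search(line):
            guesses[m.group(1)].append(m.group(2))
        elif m := RELAY.search(line):
            relay_of[m.group(1)] = m.group(2)
    per_ip = defaultdict(list)
    for qid, names in guesses.items():
        # Sessions whose envelope line is missing are pooled under "unknown".
        per_ip[relay_of.get(qid, "unknown")].extend(names)
    return {ip: names for ip, names in per_ip.items() if len(names) >= threshold}

if __name__ == "__main__":
    for ip, names in find_rcpt_probers(SAMPLE_LOG).items():
        print(f"{ip}: {len(names)} unknown recipients, e.g. {names[:3]}")
```

A single mistyped address from a legitimate sender stays below the threshold, while a relay walking through guessed local parts is reported with the names it tried.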


