Jason, if the name on the second account is something like
j34klp23_ddmth and it gets the same amount of spam as john_doe
then somebody harvested names. If the names are something like
jdoe and john_doe then the spammers merely guessed at names and
are spraying widely. That can be partially guessed by the "no
such account" email that sendmail has dealt with.
Of course, ONE usage at just the wrong time and place gets the
name out to the spammers and you have to change it.
{^_^}
----- Original Message -----
From: "Jason Granat" <[EMAIL PROTECTED]>
> Yeah, and here's the kicker. He personally has two separate email
> accounts. One is published in every Thomas Register, trade journal,
> phone book, etc... No brainer for spam there. It's also the one he
> uses as his primary account. The other address is unpublished and
> "rarely used", according to him, so it should receive very little or no
> spam at all in his opinion. Howver (anyone surprised?), both are
> getting the identical same spam at the same time, so he has concluded in
> his mind that someone has either broken in to our network and
> "harvested" the addresses, or someone internally (should I feel pressure
> here?) is doing something fishy on purpose.
>
> Some people just shouldn't be allowed to use computers...
>
> Paul Boven wrote:
>
> > Hi Jason,
> >
> > Jason Granat wrote:
> >
> >> I am under the gun to prove a point. We have a spambox account that
> >> catches roughly 500-700 spams per day, company wide. We have about
> >> 10 highly active email users. My boss thinks it's rediculous that so
> >> much spam is being sent to us. Very little spam actually gets to the
> >> users. He's upset that spam comes in at all. He thinks it's just
> >> our organization that receives all this spam. What I would like to
> >> have is some typical statistics to show him that it's not just our
> >> orginization that receives spam. Are there any resources out there
> >> to look this up? Would any of you be willing to divulge your spam
> >> statistics?
> >
> >
> > I pity you for having to work under that kind of management. ;-)
> >
> > Here are some stats from our mailserver, for the last week:
> >
> > inbound ham spam rej
> > Per day 4699 2035 1178 1486
> > % 100 43 25 31
> >
> > Spam-filter performance:
> >
> > seen ham spam FN FP
> > Per day 3123 2035 1178 30 0
> >
> > The spam-filter only gets to see the messages that have not been
> > rejected. FN and FP are false negatives (undetected spam) and false
> > positives (incorrectly marked as spam). So how well is SpamAssassin +
> > Bayes doing in this case? There are several ways to calculate.
> >
> > % of mail that was misqualified:
> > 100% * (FN + FP) / seen = 0.63%
> >
> > % of 'bad' mail that still makes it to the user:
> > 100% * FN / (spam + rej + FN) = 1.11 %
> >
> > % of mail that was misqualified by SpamAssassin:
> > 100% * FN / (ham + spam) = 0.96%
> >
> > % of received spam that didn't get tagged:
> > 100% * FN / (spam + FN) = 2.48%
> >
> > Take your pick of any of those four numbers, they all mean the same
> > thing. The actual performance of the filter in my opinion is 0.63%,
> > but just looking at their spam-folder and inbox, a user might claim
> > that the filter is only 2.48% effective.
> >
> > Regards, Paul Boven.
>
