50 minutes later, and I'm almost 17% done downloading them all. Math says this will take about 4.6 hours
|someWord@myDomain.com, anotherWord@myDomain.com, |
Take care that your server does not receive more spam mails faster than you can retrieve them ...
So, as a first measure, it may be wise to switch 'catch-all' off ...
Over the years I have had different spam filters ranging from spam-assassin in our server, Postini and even a long list of custom filters on my mail server.
Strangely a few years ago I tried Yahoo as a webserver for multiple of our domains. When I left I think they sold our alias list of names because since then our spam quadrupled.
I recently changed over to www.spamstopshere.com and setup multiple domains to pas the MX records thru.
My SPAM is down from 1000ís a day to just a few a day. Their GUI is the easiest to use and well worth the $$$$$
Oh a quick note your server may be set as a "Open Relay" check into it as my old Cobalt year ago was accidently set and the flood gates of spam were pouring in.
A open relay is having a 3rd party use your server to distribute spam so they cannot be traced.
7:13 PM, and still downloading...
|7:13 PM, and still downloading... |
Do you receive emails from some of your websites? Do you have any type of .exe running that sends out a newsletter or promotion?
There was a time where I thought we were under a brute email spam assault. Come to find out, one of our .exe's for email promotions got stuck due to an invalid character somewhere in the email. The system didn't catch it and the emails bled out over a period of 5 hours before it was caught. All to the same recipient. Got us Blacklisted too. :(
Brutal. My sympathies. Be glad you're not on dial-up. If that happened to me, it would take days :-)
Have you checked to see if there's an IP# or range responsible that you can block?
Instead of downloading all these messages, why don't you delete them on the server ?
|Instead of downloading all these messages, why don't you delete them on the server ? |
My thoughts exactly.
I had similar problems while using my website mail service until I switched to Gmail.
Now I can quickly delete any problems BEFORE downloading to my computer.
With this type of attack, you're probably not the intended target. The spammer most likely intended for the messages to bounce the invalid account names instead of collecting in your "catch all" box. Certain MTAs, such as Qmail, will bounce these messages, with the receipient being the forged return header. So if you get rid of the catch all, your mail server may bounce the messages, basically sending out mail for the spammer, who's intended recipient is the forged return address.