Monday, March 17, 2008

Spam Domains on Blogger

We have been working on some new schemes to trace spam by its payload.
My project names are ( ( and (
There have been many very interesting things uncovered, and I think we have a way to produce better blacklists.

Currently my server is getting about 15 Gb of spam per day, which almost outweighs all of my web traffic combined. Thank goodness Q-mail is solid.

Ever since we started to post a list, there has been a sharp increase in DoS attacks, random password guessing and the like, as well as several letters threatening legal action!!!

The interesting thing is that almost no one has even viewed the page with that list! So it seems it is only the spammers themselves paying attention.

How are we sure these are spam? Simple. These were sent to domains that don't get e-mail, or to nonexistent user accounts. These are domains that were never previously owned, so it's not some legacy thing either. For example they will send to , and and
Well, there have never been any of these accounts; they just guessed them, or someone just made some up and sold them to some poor sap who is now trying to spam these worthless, non-legitimate e-mail accounts.
Others are honeypots, where the addresses are hidden on pages in white text on a white background, so only bots could find them, or hidden in comment fields.
There are other tricks too.

In the meantime we found that many of these spam payloads send users to this very Google blog site! Yes, blogspot, aka !!! Below is the list we have so far.

686 subdomains!
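A sketch of the approach described above, added here as an example and not the author's own tooling: mail is treated as spam only when it reaches a trap (a no-mail domain, a nonexistent user, or a hidden honeypot address), and the hosts linked in those payloads are tallied as blacklist candidates. All domains, addresses, function names and sample messages are constructed assumptions.

```python
import re
from collections import Counter
from email import message_from_string
from email.utils import getaddresses
from urllib.parse import urlsplit

# All values below are constructed for illustration, not taken from the post.
TRAP_DOMAINS = {"unused-domain.example"}        # domains that never receive mail
TRAP_ADDRESSES = {"hidden-bait@site.example"}   # honeypot address hidden on a page
VALID_USERS = {"site.example": {"alice", "postmaster"}}  # real mailboxes per domain
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

def is_trap_hit(msg):
    """True if a recipient is a honeypot, on a no-mail domain, or a nonexistent user."""
    for _, addr in getaddresses(msg.get_all("To", []) + msg.get_all("Cc", [])):
        local, _, domain = addr.lower().partition("@")
        if addr.lower() in TRAP_ADDRESSES or domain in TRAP_DOMAINS:
            return True
        if domain in VALID_USERS and local not in VALID_USERS[domain]:
            return True
    return False

def payload_hosts(msg):
    """Hostnames of every URL found in the text parts of the message."""
    hosts = set()
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            body = part.get_payload(decode=True).decode("utf-8", "replace")
            hosts |= {urlsplit(u).hostname or "" for u in URL_RE.findall(body)}
    return {h.rstrip(".,;!?)") for h in hosts if h}

def blacklist_candidates(raw_messages):
    """Count payload hosts over trap hits only; mail to real users is never scored."""
    counts = Counter()
    for raw in raw_messages:
        msg = message_from_string(raw)
        if is_trap_hit(msg):
            counts.update(payload_hosts(msg))
    return dict(counts)

def subdomains_of(hosts, parent):
    """Distinct subdomains of one hosting domain among the candidate hosts."""
    return sorted(h for h in hosts if h.endswith("." + parent))

SAMPLES = [  # constructed messages
    "To: sales@unused-domain.example\n\nVisit http://promo-a.blog-host.example/ now",
    "To: bob@site.example\n\nhttp://promo-b.blog-host.example/x http://promo-a.blog-host.example/",
    "To: alice@site.example\n\nMenu at http://cafe.example/menu",
]
```

Because only trap hits are scored, a link in mail to a real mailbox (the third sample) never becomes a blacklist candidate.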

