Recent SPAM problems - when bad gets worse!

Since early on Saturday (9th Feb, 2002), we have been the innocent victim of a major spam attack, with up to 5,000 messages per MINUTE being received by our mail servers. Fortunately, none of our customers are being affected by this, however thousands of people worldwide have been affected and are incorrectly blaming us!

Most of this spam is sent through open relays or deliberate spam-relaying servers located (predominantly) in Korea, Canada and Poland, however new servers are appearing all the time.

In technical terms, what is happening is that mail is being sent by these spammers to addresses all over the world - some of which exist, many do not - yet the spammers are FORGING fake addresses at our domain.
Mail servers are unfortunately trying to notify the (forged) sender when mail is undeliverable - by sending it to our mail servers. Most of these forged addresses seem to be of the form maxwell8673216740@albury.net.au (where the number part is changed each time). We're also seeing "blade", "jeff" and possibly others to replace the "maxwell" part. All are fake, none have ever existed here.

People who are receiving this abuse mail are often incorrectly believing the spam has come from our domain - and complaining to us about it. Some get quite abusive. I say again, THIS MATERIAL DID NOT ORIGINATE FROM ANY OF OUR USERS, NOR HAS IT PASSED THROUGH ANY OF OUR SYSTEMS.

If you have received one of these mail messages, please check the full headers and use one of the recognised spam-analysing services. Two reasonable ones are http://3dmail.com/spam/ and http://spamcop.net/.

If you still wish to report spam, please use the RFC-specified address specifically for the reporting of spam and other network abuse - abuse@albury.net.au (or abuse@ whatever domain you find the REAL source is)


(Published on 15-Feb-2002 08:46 by RossW, read 791 times)
Missed an article? Check the archives