Spammers resurrected a tried-and-true method in March to wreak havoc on in-boxes, mail servers and networks, Symantec says.
Spammers increasingly used an old standby in March to reach e-mail inboxes: backscatter.
The practice is back and Symantec researchers are calling it a wake-up call for MTA (mail transfer agent) administrators.
In Symantec's monthly State of Spam report, researchers reported that an increase in bounced messages had led to spammers forging sending e-mail addresses and putting them in the "From" header of their spam messages. The report noted that e-mail processing programs that fire back the full content of a bounced message to the apparent sender of an e-mail create another spam attack vector.
The report states, "Spammers take advantage of MTA (mail transfer agent) programs, which can be configured to send back not only a list of failed recipient addresses, and an explanation [of] why each address failed, but also a copy of the original message in its entirety. Spammers can then bounce their messages around the Internet until they end up in someone's spam folder, or worse, inbox. Since many users want to know if they have accidentally misspelled their friends' e-mail addresses by getting a failed recipient message, these bounced messages will often go unblocked due to configurations of anti-spam filters."
While the technique is not new, Symantec officials said MTA administrators should take heed.
"The effect on corporate networks in relation to bounce message spam is potentially an increase in bandwidth and an influx of unwanted spam messages in users' inboxes with a resulting loss in productivity," said Dermot Harnett, principal analyst with Symantec anti-spam engineering. "MTA programs could be configured so that they do not send back a copy of the original message in its entirety. Additionally, security protocols do exist [that] allow outgoing messages to be signed."
"If a bounce message occurs, the recipient will be able to determine if the message is a 'true' bounce message or if the bounce message has occurred as a consequence of spammer's actions."
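The check Harnett describes, sketched as an added example that is not code from Symantec's report: the sending MTA tags the envelope sender of outgoing mail with a keyed MAC, and a bounce is accepted only if its recipient address carries a valid, unexpired tag. The article names no specific protocol; the tag layout (loosely in the spirit of Bounce Address Tag Validation), the key, the lifetime and the function names are all assumptions.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # assumption: per-domain secret known only to the MTA
LIFETIME_DAYS = 7                 # assumption: bounces are honoured for one week


def _mac(expiry: int, addr: str) -> str:
    """8 hex chars of HMAC-SHA256 over the expiry day and the real address."""
    msg = f"{expiry:03d}{addr.lower()}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:8]


def sign_sender(addr: str, today: int) -> str:
    """Tag the envelope sender of an outgoing message (today = day number)."""
    expiry = (today + LIFETIME_DAYS) % 1000
    return f"prvs={expiry:03d}{_mac(expiry, addr)}={addr}"


def is_true_bounce(rcpt: str, today: int) -> bool:
    """True only if a bounce is addressed to a tag this MTA issued recently."""
    if not rcpt.startswith("prvs="):
        return False  # untagged recipient: the original mail never left this MTA
    tag, sep, addr = rcpt[5:].partition("=")
    if not sep or len(tag) != 11 or not tag[:3].isdigit():
        return False  # malformed tag
    expiry = int(tag[:3])
    if (expiry - today) % 1000 > LIFETIME_DAYS:
        return False  # tag expired (or dated too far in the future)
    # Constant-time comparison so the MAC cannot be guessed byte by byte
    return hmac.compare_digest(tag[3:].encode(), _mac(expiry, addr).encode())


if __name__ == "__main__":
    day = 19800  # constructed day number
    signed = sign_sender("alice@example.com", day)
    # Constructed bounce recipients: one genuine, one forged by a spammer
    for rcpt in (signed, "alice@example.com"):
        verdict = "accept" if is_true_bounce(rcpt, day + 2) else "reject"
        print(f"{verdict}: bounce to {rcpt}")
```
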
The majority of the bounced e-mails observed by Symantec were Russian-language messages, though many of the originating IP addresses were from across the globe. The United States, however, continued to be the top country of origin for spam, leading the way with nearly 25 percent, according to the report. Overall, Symantec researchers found spam accounted for an average of 81 percent of all e-mail during March.
Reader Comments: Backscatter Spam is Back

Who's to blame?
I think Dermot Harnett hit the nail on the head with his statement "MTA programs could be configured so that they do not send back a copy of the...
Posted At: 05-20-08 By: Spamhurts

Drop Bounces
I think ISPs should drop mail to illegitimate mail addresses rather than bounce. Bounces and double-bounces are nothing more than a hassle. I have...
Posted At: 05-05-08 By: Michael Heitland

A user comment on this article
Google mail servers are responsible for a large amount of this backscatter:
http://tech.slashdot.org/article.pl?sid=08/04/08/2258246
Posted At: 04-10-08 By: Anonymous

Bombed in March
My mail server was bombed during the last week of March. We were averaging 140k spam emails per day. Previously it was somewhere around 3k to 5k per...
Posted At: 04-08-08 By: Anonymous

A user comment on this article
Hello. Sorry for the confusion. It was more of a general question - should ISPs be doing more to curtail spam?
Posted At: 04-06-08 By: Brian Prince