Magnus Holmgren wrote on Thu, 17 Nov 2005 19:04:06 +0100: > Spammers need to clean their address lists once in a while, lest they > end up with a very low proportion of valid addresses, right?
They do not care at all, at least not those which make up for the majority of spam. They don't even care that they can't deliver a single mail for years to whole domains. I have a customer who got joe-jobbed about two years ago (= spam mail that was sent with his domain as sender). The influx of bounces from these was so high we had to take the domain not only of the mail but also off DNS (by moving his dns records right-away to the registry which is possible in Germany). When I checked a year later we were still getting something like 50.000 bounces a day, so I deactivated him again. I just tried again and have already received nearly 10.000 delivery attempts (spam, not bounces this time) during the last hours. As Matt says, all of that are dictionary attacks. That domain was pointing to 127.0.0.1 for two years, nevertheless they spam at it in incredible masses. What makes me wonder the most is why there are a few domains which so heavily attract spammers for years and in such big numbers. This domain doesn't have anything special about it and is not widely known. If other domains would only get ten per-cent of that spam they would already be more or less useless. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com IE-Center: http://ie5.de & http://msie.winware.org