Hi,
We are being spammed by a botnet to a single email address which makes
it difficult to block. Spamhaus catches about 1/2 of them, but the rest
are blocked via postfix becuase this is an old account and does not have
a mailbox.
Why would a botnet waste resources by sending tens of thousands of spam
to a single e-mail address? The only thing we can think of is that the
botnet is messed up. This is interesting because whoever runs it
doesn't even know what the botnet is doing. Wouldn't it be normal to
monitor your botnet and fix the issues so that it can spam more
recipients? I could also addd thousands of infected hosts to a BL, but
is it worth the time and which list would be best for this?
Any insight into this would be nice.
Thanks,
Randy Ramsdell
