cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SPAM Surge

peterp
Dabbler
Posts: 23
Registered: ‎01-12-2007

SPAM Surge

‎29-10-2008 11:00 AM

Yesterday (Tue-28-Oct-2008) I suffered a surge of SPAM messages.
795 got through to my Inbox (compared to ave 0.1 per day over last 4 weeks), plus
949 got into my SPAM folder on SquirrelMail (compared to ave 27.4 per day over last 4 weeks).
Most of the excess messages are in the form of "Failure to deliver" or "Out of Office" messages, with a high percentage of Russian and French addresses involved as the apparent people I had been trying to send email to.  Most of these excess messages are also to my coventry-walks.org.uk domain, with hardly any to my other two domains.  Most were received between 08:00 and 09:00, but with a gradually reducing number continuing all day and into this morning (9 in my Inbox and 10 in my SPAM folder so far today).
A similar type of surge occurred on 29-Sep, but then only 20 messages got through to my inbox plus 117 to my SPAM folder.  The following day or two had a few repeats, but with only 2 more getting to my Inbox.
Anyone else had similar surges?
Any explanations?
Any advice?
PS - Started new topic because I could not find an active topic on this subject.  Maybe that's a good sign that Postini/PlusNet have been doing well in recent months.  I thought so  - thanks for all who helped.
Message 1 of 23
(3,469 Views)
0 Thanks
22 REPLIES 22
pierre_pierre
Grafter
Posts: 19,757
Thanks: 3
Registered: ‎30-07-2007

Re: SPAM Surge

‎29-10-2008 11:05 AM

it a problem of faked sender address, nothing I am afraid you can do about it, normally only lasts a day - Were they marked as spam, they are not normally
Message 2 of 23
(1,194 Views)
0 Thanks
peterp
Dabbler
Posts: 23
Registered: ‎01-12-2007

Re: SPAM Surge

‎29-10-2008 12:11 PM

Of yesterdays messages, 949 were marked as spam, 795 were not.  A superficial analysis fails to find much difference between those marked as SPAM and those not marked (other than of course the SPAM score!).  All the messages are innocuous, looking like genuine messages from some mail system - except of course they refer to a message that I know I never sent.   I have kept all, and might download all those marked SPAM and attempt better analysis later.

cp:quote
Message 3 of 23
(1,194 Views)
0 Thanks
zubel
Community Veteran
Posts: 3,793
Thanks: 4
Registered: ‎08-06-2007

Re: SPAM Surge

‎29-10-2008 12:26 PM

This effect is known as Backscatter
It basically means that a spammer decided to use your address as the "return" address.  Badly configured mail servers then added to the effect by bouncing the mail back to you.
Backscatter is definately spam, of a sort.  However, because it looks exactly like legitimate bounce emails (well, it is!), then spam-identification software is a bit hit-and-miss on whether it will identify it.
It will die down within 24-48 hours.
B.
Message 4 of 23
(1,194 Views)
0 Thanks
peterp
Dabbler
Posts: 23
Registered: ‎01-12-2007

Re: SPAM Surge

‎31-10-2008 6:34 PM

Quote from: Barry
This effect is known as Backscatter
.....
It will die down within 24-48 hours.

Thanks Barry - I now know I'm suffering from Backscatter, not just ordinary SPAM!
Unfortunately it lasts longer than 48 hours.  I'm still getting replies from services which first answered (e.g.) "Could not deliver, but will keep trying for 4 days".  All those including a date of original message in the repeat attempts confirm root cause started on the 28-Oct, so hopefully this surge will end tomorrow.
What does the sender get out of this?  Only I know about the duff addresses, or the people working in Paris who are out of the office till next week, or etc.  Or do they get a copy as well?  Or are there some hidden links to nasty sites in some of the messages?
All I can do is hope I don't get repeat surges every two weeks, with each surge generating 40 times more messages than the previous one.  If this happened, I would soon be unable to find my real mail in the noise, my download link would be overloaded, and I'd only be able to read my mail at off peak times when I could leave the PC downloading for hours before I started searching for a useful message.  I hope someone can tell me such predictions are impossible?  And if this is happening to other people, the network for everyone will soon get overloaded.
Message 5 of 23
(1,194 Views)
0 Thanks
pierre_pierre
Grafter
Posts: 19,757
Thanks: 3
Registered: ‎30-07-2007

Re: SPAM Surge

‎31-10-2008 6:55 PM

You never know with back scatter,  you might never get it again, you might get it in two weeks.
I thought the undelivered message give what was in the original.  That should give you a clue that it is indeed a nasty.
attached is one I recieved, note the original is at the top as Google Walks
Out of interest it should have been head of Enterprise and Culture at Braintree Council. but I mistyped it - so dont bother telling me its not hidden
To look at an e-mail without opening it, Right click on it in index, select properties, then message source.  Never open suspect mail
Message 6 of 23
(1,194 Views)
0 Thanks
community
Grafter
Posts: 666
Registered: ‎31-07-2007

Re: SPAM Surge

‎01-11-2008 7:35 AM

Just to add to this spam surge experiences......I have for a week now been receiving much more spam than previously.
This occurs sometimes but it has only lasted a couple of days.
Now I am continuing to get it every day....but what really p****** me off is the fact that some are from my own email address. Angry
Message 7 of 23
(1,194 Views)
0 Thanks
pierre_pierre
Grafter
Posts: 19,757
Thanks: 3
Registered: ‎30-07-2007

Re: SPAM Surge

‎01-11-2008 8:47 AM

my genuine spam for October was a lot higher than in the preceding two months, about three times more.
When you said from your own e-mail address, what exactly did you mean?  dont confuse it with back scatter
I have a PN supplied address of Username.me.uk, If I send that to username.free-online.uk, that occasionally gets marked as spam, Postini has not been set up to recognise that as PN to PN
Message 8 of 23
(1,194 Views)
0 Thanks
coastergrotto
Grafter
Posts: 1,016
Thanks: 5
Registered: ‎01-08-2007

Re: SPAM Surge

‎01-11-2008 10:03 AM

I thought it was against Forum rules to quote the post immediately before your reply.  Personally I don't agree with it but it is in the rules and, as such, both quotes in this thread should have been removed.
Isn't it time this rule was reviewed as I don't find it annoying at all?
Message 9 of 23
(1,194 Views)
0 Thanks
198kHz
Seasoned Hero
Posts: 5,731
Thanks: 2,779
Fixes: 41
Registered: ‎30-07-2008

Re: SPAM Surge

‎01-11-2008 10:09 AM

The rule actually says:
Only quote the full content of a post if :-
a) it is NOT the post immediately before your reply
Murphy was an optimist
Zen FTTC 40/10 + Digital Voice   FRITZ!Box 7530
BT technician (Retired)
Message 10 of 23
(1,194 Views)
0 Thanks
coastergrotto
Grafter
Posts: 1,016
Thanks: 5
Registered: ‎01-08-2007

Re: SPAM Surge

‎01-11-2008 10:18 AM

4Candles:
The first quote was the full content of the previous post.   
Message 11 of 23
(1,194 Views)
0 Thanks
198kHz
Seasoned Hero
Posts: 5,731
Thanks: 2,779
Fixes: 41
Registered: ‎30-07-2008

Re: SPAM Surge

‎01-11-2008 11:04 AM

@coastergrotto  True, but the second one wasn't.
I do agree with your views on the rule.
Murphy was an optimist
Zen FTTC 40/10 + Digital Voice   FRITZ!Box 7530
BT technician (Retired)
Message 12 of 23
(1,194 Views)
0 Thanks
coastergrotto
Grafter
Posts: 1,016
Thanks: 5
Registered: ‎01-08-2007

Re: SPAM Surge

‎01-11-2008 11:12 AM

@4Candles:
Thanks for your comment, so how does one put a suggestion forward to have the rules amended.?
Message 13 of 23
(1,194 Views)
0 Thanks
mal0z
Grafter
Posts: 3,486
Registered: ‎02-10-2008

Re: SPAM Surge

‎01-11-2008 11:22 AM

Quote from: coastergrotto
so how does one put a suggestion forward to have the rules amended.?

http://community.plus.net/forum/index.php/board,48.0.html
Message 14 of 23
(1,194 Views)
0 Thanks
coastergrotto
Grafter
Posts: 1,016
Thanks: 5
Registered: ‎01-08-2007

Re: SPAM Surge

‎01-11-2008 12:14 PM

@mal0z :
Thanks for that.  Have done as you suggested.
Message 15 of 23
(1,194 Views)
0 Thanks