Marilyn Saarni wrote:
> One of the ways I figured out the source of the problem was that the
> non-profit's website email has never generated spam before--these email
> addresses are NEVER placed into chat rooms or vendors' lists or other
> typical spam harvester haunts. They redirect to other addresses, and
> it's the auto-bounceback, non-deliveries that highlighted the very
> recent problem--just within the last 3 days.
>
> One can't tell from the campus website whether the same happens there,
> but Aron's suggestions certainly will let me test that site's issues.
> But I'm using the same javascript in both sites so I suspect it's
> happening with the campus email addresses; it just doesn't show up
> except as increased spam volume.
One way that spammers are harvesting addresses these days is via spyware. If
your address happened to be in the To: or From: address of someone's Outlook
mailbox or address book, and their machine got infected with spyware, that
spyware may have been reporting back your address to a spammer somewhere.
I've also seen evidence of compromised email servers being mined for
addresses; especially if you have a machine that does both HTTP and SMTP. For
example a user-level exploit of a PHP page (say, an old version of Mambo)
could be used to send the contents of /etc/mail/aliases to the spammer.
-- Tom Holub (tom_holub_at_LS.Berkeley.EDU, 510-642-9069) Director of Computing, College of Letters & Science 249 Campbell Hall <http://LS.berkeley.edu/lscr/> ----------------------------------------------------------------------- The following was automatically added to this message by the list server: Webnet information is available at http://webnet.berkeley.edu. Email sent to this list is archived at http://ls.berkeley.edu/mail/webnet/ . This archive is open to the general public and browsable by search engine spiders, email-address harvesting robots, your bosses, etc.Received on Tue Nov 14 2006 - 17:17:32 PST
This archive was generated by hypermail 2.2.0 : Tue Nov 14 2006 - 17:17:32 PST