E-Mail Bounces Back with Malware November 10, 2006
Posted by eastvalleygeeks in Uncategorized.comments closed
Imagine your incoming e-mail volume suddenly leaping 360 times above normal. It’s not spam, not strictly speaking. It’s a misdirected bounce attack.
Bounces used to be a good and useful thing. When you send an e-mail to an invalid address or make some other sort of error, you want to know that it didn’t go well. But along the way, bounces got abused just like everything wholesome about e-mail to the point where you had to avoid them as a matter of course.
First, bounces became accomplices to spamming through directory harvest attacks. In this attack, a spammer picks a domain and sends out a large number of messages, guessing at the user name portion of the e-mail address and probably pulling a lot of them out of a directory of names (e.g., john@foo.com, martha@foo.com, etc.). If the spammer gets a bounce on a message, then it’s not an address in that domain. The messages that don’t bounce are real addresses, and then you spam them. Because of this threat, many domains don’t send back bounces for wrong addresses anymore. finish story here
