Possible OT - mass increase in UCE

turnersloane

Verified User
Joined
Sep 27, 2006
Messages
52
Greetings all,

In the past few weeks, we've seen a mass increase in UCE coming from dedicated servers from various data centers in the US. I personally keep a close eye on where UCE originates, and in the past it seems most UCE came from DSL/cable modem users. But not now.

Many of the IP's I check are either Ensim or Plesk boxes fresh on the network. Any ideas as to what may be happening - as in, could it be these boxes are becoming part of a bot-net seconds after being fired up?

We'll see 3-4 UCE's in a row originating from one IP, then nothing more from that IP for days, if ever (we keep track of the IP's in a database). Then more UCE from a different IP. But the main issue seems not to be the UCE itself, but its origin. Quite a bit actually comes from EV1 servers.

Comments, suggestions?



Sloane
 
Yes, it's offtopic, but I think I'll leave it in the E-Mail section for now. It's an interesting post and may lead to an interesting thread.

Personally, we've seen a huge decrease in spam in the last few days.

Are you running SpamBlocker? If you are, are you using the default install, which uses SpamCop? While a lot of people don't like SpamCop, this is exactly the kind of spam it's meant to stop.

Jeff
 
Jeff, yes, we are using SpamBlocker but without SpamCop as we had some issues with lost/misplaced client email a few months ago. SpamBlocker works great, so no complaints about it from me. Any time our clients complain about spam, we provide a modified copy of the reject log that lists rejected spam to their email accounts. When they see how much is actually blocked, they are quite pleased.

Perhaps I've stepped on someone's toes and they are targeting my business domain since that's where most of the afore-mentioned spam goes....
 
Back
Top