On 29 Jan 2005 at 9:24, Noel Stoutenburg wrote:

> Christopher's report:
> 
> > I enabled a new address a few months ago, but didn't use it, or even
> > configure it, for a couple of weeks. The first time I entered all my
> > information into Mail and went to check that it was operational, I
> > had two pieces of spam waiting for me, dated one week previously and
> > two weeks previously (remember that I hadn't given this email
> > address to ANYONE yet!) I was a little taken aback, to say the
> > least! 
> 
> leads me to speculate a bit.  When you set up an email account,
> your ID is placed in some table.  Now if a person, not necessarily
> associated with your ISP knows the address of that table, and how to
> access its contents, it would be trivial to read the table on a
> routine basis, and find out the new user names, and determine which
> are no longer in the table.

The only place that an email address is kept is in the configuration 
data for an ISP. By default, those files should be inaccessible to 
outsiders.

It would depend on the email username Christopher set up, but my 
guess is that the source is either an algorithmic crack (using common 
email usernames) or the address was actually published somewhere, 
like in a WHOIS listing.

I set up dfenton.com in early December and set up a half dozen or so 
email addresses. I have yet to receive a single piece of spam. I 
certainly see a number of machines connecting to the site (even 
though it's never been publicized anywhere), but I assume those 
somehow got their information from WHOIS and that most are attempted 
exploits of Windows-based web servers running the execrable IIS 
(which my host is not -- Apache all the way!).

I have only one address on my domain protected by challenge/response, 
the address I most want to protect from spam (and which I'm never 
going to use publicly). That address could be algorithmically 
constructed from my domain name, and that's why I have locked it up 
and intend not to use it.

I don't think Christopher's case is one of the ISP's records being 
compromised. I think it's more likely that the ISP provided the 
address to someone who published it in a manner that allowed it to be 
harvested by a spammer. That's why I'm glad my ISP knows nothing 
about the email addresses I'm setting up on my domain.

-- 
David W. Fenton                        http://www.bway.net/~dfenton
David Fenton Associates                http://www.bway.net/~dfassoc

_______________________________________________
Finale mailing list
Finale@shsu.edu
http://lists.shsu.edu/mailman/listinfo/finale
