At 10:50 AM +0200 6/11/02, sascha imposed structure on a stream of electrons, yielding: >hi there. > >can somebody point me to a good link that >can explain to me the different programs >used in adress harvesting.
I don't have any good reference, because there's not much to a harvester. They simply try to send mail to invented addresses. There are a few such programs for sale, but a list of words (i.e. possible account names) and a few dozen lines of shell script will make a reasonably effective harvester, so many if not most of them are homegrown by the spammers. >why? >we are suffering from a constant attack >that would have drowned our mailserver >(on a steady dsl connection) if i would not >have built a firewall around it, thrown in >a couple of rbl`s and blacklisted manually another >300+ servers, constantly growing. > >these programs seem to invent new mailservers >every second. It sounds like either you are using an older version of SIMS or have set up an 'unknown' account or both. This is bad. >logs were up to 40 mb (and growing exponentially) >as opposed to a usual 500k >(we have only 50 users on our mailserver) >prior to those attacks. and they are still quite >heavy. so i am really curious weather this >is just one bot running wild, if somebody >included us as a testserver on his bulkmail >cd, or whatever might have happened, or >weather this is just something really regular >that just happens and you have to live with >it. > >in other words. do i have a chance of ever >being able to check my logfiles some day again on this poor >oldschool first generation power pc or should >i just stop caring about these half a million >mails to nonexistant users a day and buy a faster >computer? > >any help would be really welcome. You should definitely get a current version of SIMS (i.e. some 1.8* version) to get the harvesting protection and if you have any router lines mapping unknown accounts, REMOVE THEM. That feature may be useful to some people, but once the harvesters find you there is no hope in getting them to go away until you start telling them that accounts don't exist. -- Bill Cole [EMAIL PROTECTED] ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
