[LINK] spam impact

Craig Sanders cas at taz.net.au
Sun Apr 26 22:36:28 AEST 2009

On Sun, Apr 26, 2009 at 02:08:56PM +1000, Martin Barry wrote:
> Most spam these days is sent by compromised PCs via their ISPs
> outbound relay (malware just looks for the setting made by popular
> email clients).

actually, no, that's not true.

almost all spam IS sent by compromised Windows PCs. that bit's true.

but they tend(*) NOT to use the ISP's outbound relay because that relay
would be both a bottleneck (what point in compromising 1000 client
machines if they all then spam through the one relay?) AND somewhere
where decent spam filtering (or even just simple rate-limiting) could
block the entire spam run from that PC (and all other PCs connected via
that ISP).

the latter reason is presumably also why they don't trawl through the
PC's config files looking for gmail/hotmail/yahoomail etc logins &
passwords to spam through them (which would be fairly easy to do) - the
spam run would be brought to a global halt within minutes.

spam-filtering would be so much easier if spammers were dumb enough to
do either of these things.

(*) as in "almost all" - i would say all, but it's theoretically
possible that some do.


craig sanders <cas at taz.net.au>

More information about the Link mailing list