Message Board

Tracking Harvesters/Spammers

firstname.lastname mails arriving

Author: J.Healy (29 Oct 11 2:16pm)

Hi there,

I've recently noticed a lot of activity where a variety of third-party servers are attempting to send mails to addresses of the format firstname.lastname@mydomain.com. The mails are coming from lots of different mail servers, and lots of different names are attempted.

These stand out because there is no valid mail account on my server with this format. I'm at a loss as to where they are coming from. If it's a brute force spamming attempt, it would seem to be a pretty expensive one for the spammer - the rate of misses would be enormous.

Then it dawned on me, could these names have been triggered by the honeypot on my server? Can I check?

Thanks.

Re: firstname.lastname mails arriving

Author: R.Woolley2 (11 Mar 12 1:08pm)

An old post, however...

Over past years it has been a common attempt to flood "CATCH-ALL" mail boxes this way. A bonus is when the recipient (web site owner) clicks an unsubscribe link or responds in any other way thus providing a "confirmed" address to add to sold lists etc.

These days most decent hosting accounts offer "catch-all" mail boxes, essentially unlimited addresses for the given hosted domain name as "anything"@thedomain.dom is received. Whether the hosted account owner wishes to leave the mail boxes as "catchall" or override it by setting up one or more specific email accounts and "black-hole"ing all else is up to the individual (usually the specific accounts individually can be redirected back to one common inbox too... which becomes a sorta controlled catch-all) .

Hope that helps. Regards.