It’s no secret that much, possibly most, of the spam today originates from infected PCs. Instead of spammers renting third-world server space (China and Taiwan had been the leaders in this field), they just buy access to zombified PCs and let loose¹.
I’m not sure why, but most of these spam programs try to get a bit of legitimacy by forging quasi-real return addresses. That, unfortunately, is where I come in. The last 48 emails I’ve received, and 147 of the last 148, have been spam!
Most of those have actually been bounced mails – spam sent to non-existent mailboxes, or refused for other reasons. They come to me because I own their return address.
Here’s an example:
Received: from cernmxlb.cern.ch (cernmx06.cern.ch [137.138.166.160])
        by mail7.cern.ch (8.12.1-20030924/8.12.1) with ESMTP id i5K0jq1g010036
        for
X-Authentication-Warning: mail7.cern.ch: Host cernmx06.cern.ch [137.138.166.160] claimed to be cernmxlb.cern.ch
X-External: man_on_the_moon_ex
Keywords: CERN SpamKiller Note: 43 Charset: west-latin
X-Filter: CERNMX06 SMTPGW CERN Spam Sink v1.0
Received: from ipvpn102098.netvigator.com ([203.198.211.98]) by cernmxlb.cern.ch with Microsoft SMTPSVC(6.0.3790.0);
        Sun, 20 Jun 2004 02:45:08 +0200
Received: from h2ot.com (HELO seminoleequipment.com) (33.148.68.142); Sun, 20 Jun 2004 10:42:27 -0700
Message-ID:
Reply-To: “Rhoda Gill” juqbvtxvx@geofffox.com
From: “Rhoda Gill” juqbvtxvx@geofffox.com
To: cristina.lara@cern.ch
Cc: iztok.ropotar@cern.ch
Subject: get your die t me ds here
The originator of the emails claims to be: “Rhoda Gill”
Netvigator.com seems to be an Internet Service Provider in Hong Kong.
39/F PCCW Tower Taikoo Pl. 979 Kings Rd
Taikoo Place
Hong Kong
Quarry Bay 00000
HK
This isn’t Netvigator’s fault (though they certainly could and should stop it). It is someone’s home or office computer that’s become infected.
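The reading of the headers described above, as an added example that is not part of the original post: it walks the Received lines newest-first and reports the first hop where one of the recipient's own relays accepted the message from an outside address, which is the one origin detail the sender could not forge. The trusted suffix `.cern.ch` and the network `137.138.0.0/16` are assumptions inferred from the headers shown.

```python
import ipaddress
import re
from email import message_from_string

# Headers from the bounce shown above (folded lines joined with a tab;
# fields that are blank in the post are left out).
SAMPLE = (
    "Received: from cernmxlb.cern.ch (cernmx06.cern.ch [137.138.166.160])\n"
    "\tby mail7.cern.ch (8.12.1-20030924/8.12.1) with ESMTP id i5K0jq1g010036\n"
    "Received: from ipvpn102098.netvigator.com ([203.198.211.98])"
    " by cernmxlb.cern.ch with Microsoft SMTPSVC(6.0.3790.0);\n"
    "\tSun, 20 Jun 2004 02:45:08 +0200\n"
    "Received: from h2ot.com (HELO seminoleequipment.com) (33.148.68.142);"
    " Sun, 20 Jun 2004 10:42:27 -0700\n"
    'From: "Rhoda Gill" juqbvtxvx@geofffox.com\n'
)

# Assumptions for this example: the recipient's relays are *.cern.ch and
# sit in 137.138.0.0/16 (inferred from the one relay address in the headers).
TRUSTED_SUFFIX = ".cern.ch"
TRUSTED_NET = ipaddress.ip_network("137.138.0.0/16")

IP_RE = re.compile(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]")


def trace_origin(raw):
    """Return the first hop where a trusted relay accepted mail from outside."""
    msg = message_from_string(raw)
    hops = msg.get_all("Received", [])  # newest hop first
    for i, hop in enumerate(hops):
        by = re.search(r"\bby\s+(\S+)", hop)
        ip = IP_RE.search(hop)
        if not (by and ip and by.group(1).endswith(TRUSTED_SUFFIX)):
            continue
        if ipaddress.ip_address(ip.group(1)) in TRUSTED_NET:
            continue  # internal relay-to-relay hand-off
        claimed = re.search(r"\bfrom\s+(\S+)", hop)
        sender = re.search(r"@([\w.-]+)", msg.get("From", ""))
        return {
            "origin_ip": ip.group(1),  # recorded by the trusted relay
            "claimed_host": claimed.group(1) if claimed else None,  # name as logged
            "from_domain": sender.group(1) if sender else None,  # forgeable
            "unverified_hops": len(hops) - i - 1,  # lines the sender could write
        }
    return None


if __name__ == "__main__":
    print(trace_origin(SAMPLE))
```

The `h2ot.com` line sits below the boundary hop, so it counts as unverified: nothing in the chain vouches for it.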
It is driving me nuts. And, if it’s driving a little guy like me crazy – imagine the strain on a large business or ISP whose accounts have been forged this way.
We can’t continue like this. I have said before that the proliferation of spam will be the death of email. We need to do something sooner, rather than later. It’s going to have to be a total change from our current method of mail service, where everyone is trusted to be who they say they are.
Since I began this blog entry I have received 7 more spams!
¹ – This is a topic for another day, but some viruses or malware, often downloaded with what seems like an innocent program, can also install unwanted software on your machine. All of a sudden, your PC is a zombie, doing the bidding of someone else – probably sending spam or infected email.