How do you combat "joe job" without enabling BATV.

Unanswered Question
Aug 8th, 2009
User Badges:

http://en.wikipedia.org/wiki/Joe_job

Just got a new attach from da....mail.net, they are sending completely forgery mails that act like bounce email to a specific user account.

That mailbox now received ~8000 emails. Seems to be all "looks" like bounce. And actually it is so dedicated crafted spam email that just waste bandwidth and attempt to DoS you (or your user mbox).

The spam email seems all coming from one domain, that we dont normal receive high volume of emails. So we are still able to spot it.

Evil Client ---> crafted as buonce email ---> Evil Relay (~0.0 SBRS) ---> "well-known" mailbox address (not floodingly).

The bad thing about this bounce are that, we may be mis complained to the innocent authoriy for "bounce" orign.

Comments welcome.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion