Thanks for the feedback, everyone. The problem is real. I am getting up
to 150 spams per day on my old email. A small subset contains malware
files or links. Here is an screen clip of just one morning's garbage
(it's gotten much worse since then):
<http://gallery.leica-users.org/v/pklein/temp/Spam.JPG.html>
The bad guys are using the newer top-level domains such as .top,
.stream, .club, and .info. Plus .tk and (unfortunately) .us. The "user"
and "company" names appear to be generated from large lists of common
names and random character generators, or from the content of the spam.
The exact methods and IP addresses of origin change often. Fortunately,
I can filter email from all these top-level domains out using
Thunderbird rules. But I have to run my PC 24/7, revise my rules every
couple of days, and I still have to check to make sure I'm not blocking
someone legitimate.
All this started several weeks ago, when my former ISP's old mail server
crashed. They said that they could only bring it back up with spam
filtering disabled, and the server is too old to fix.
Up until then, only about a dozen spams per week got through their mail
server's spam filters. With those filters down, I started getting a
couple of dozen per day. That number quickly grew to about 150 per day,
which likely means something else is going on.
Possible reasons for the increase in volume:
- A friend posted my old email on Facebook, with their privacy set to
Public rather than Friends.
- The "mailto" link on my Web site was harvested.
- I may have mistakenly "unsubscribed" from a spammer rather than the
department store from whom I'd recently made a purchase.
- One of my mailing lists was crawled by a bot. For example, note that
this list's Web interface shows our addresses in clear text. Not good.
The LUG at least substitutes "at" for "@"
I don't think I'm being paranoid. Here's a cautionary tale:
<http://stateofthenet.net/2014/09/how-one-simple-mistake-turned-me-into-a-spam-magnet/>
The guy who wrote the story in the link above doesn't use mail
server-level spam filtering, because it might filter out a potential or
real client. Most ISPs have such filtering, and most of us use it.
That's our first level of protection. You could be getting spammed just
as hard as I am, but be completely unaware because your ISP has "shields
up."
For the stuff that gets through the mail provider, we have third-party
security programs on our computers, and anti-spam and learning features
in our email clients. Combine those three things, and you have a good
solution most of the time. Lose one of them, and you will be spending a
lot of time checking piles of spam for the occasional legit email.
Anyway, I will only have to put up with this spam barrage for a while
longer. Then the old address will be terminated, and I will have two
emails, this gmail for commercial relationships and email lists, plus a
personal email. Both will have server-level spam filtering.
If you're interested, here is the results of a German fellow's
experiment. He set up a Web site with nine different email addresses,
one in clear text, the rest obscured in various ways. Then he waited a
year and a half and posted how much spam each one received.
<http://techblog.tilllate.com/2008/07/20/ten-methods-to-obfuscate-e-mail-addresses-compared/>
Based on those results, I'm changing the Mailto link on my site to a
graphic. It couldn't hurt...
--Peter
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
|