I have been receiving a new kind of spam/dos attacks on my email recently. I’m sure this new way of doing it is not going to be illegal so I’ll post it here and see if we as a development community can think of a solution to it.
I have an internet account which gives me my own domain for emails. I can then make up as many email accounts as I like in the form of firstname.lastname@example.org
The issue with this is that people have found a way to DOS others and me at the same time. I heard recently in the British press that sending hundreds of thousands of emails to different non-existent accounts isn’t illegal under european anti-spam law as although you are hitting the same email servers repeatedly, you arent hitting the same address so the emails can’t be grouped together as a large spam attack. This affects me because people have started to send emails to any old email address at their target, coming from any old email address at mydomainname.myispname.com. This means that everyday when I check my email, I get hundreds (and i mean HUNDREDS) or return mail messages.
This is really starting to annoy me and I wondered whether I had done something specifically to be targeted or whether this happens to other people. I also want to here peoples suggestions as to how this kind of spam can be beaten.
I had a couple of ideas to this end.
- Have mail servers count the number of undelivered emails from a source domain compared to delivered, and if the ratio is ridiculously large then drop all remaining emails from that domain which are undelivered without notifications for 24 hours. Its the checking of the ratio which would stop this affecting normal people.
- Make all mail servers check the DNS MX record for the domain an undelivered email comes from and compare it to the IP address they got the mail from. If they consistently get mismatches then send the returns to the source ip, not the domain name. This would make the spammers get their own crap back.
- Hunt them down from their IP and shoot them.
Let me know your thoughts
Thanks for reading