Full Disclosure mailing list archives
Re: leaking
From: "Gary E. Miller" <gem () rellim com>
Date: Wed, 12 May 2004 09:41:04 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yo Jimmy! On Wed, 12 May 2004, KUIJPERS Jimmy wrote:
I see no reason whatsoever why I should generate the e-mail address in a cryptographic manner... .whatever that may mean (since when do we create an email address via a "cryptographically-secure" way and w hat is the relevance?
That is because spammers do not even bother to check for valid email accounts anymore. They run dictionaries of known usernames, millions of them, against all know domains. This is why Hotmail was so screwed up last week. Hundreds of emails to invalid email accounts for every valid one. Their poor server could not stand up to the load. Someone asked me set up a new account "greg" on a lightly used domain name. His old email was getting too much spam and he figured that since greg () example com had never been used he should be spam free. So I checked the email logs. Several dictionary spamers had visited in the last few days, sending millions of emails, with millions of usernames, to a domain that never had more than 5 active usernames. Guess what? greg () example com was already being sent spam! Also greg1@, greg2@, greg3@, etc. were also being sent spam. So changing his email to any of those would only slow down his spam a little for a short while. Unless you set up a test account with a big long random number there is no hope that it is not already in one of these dictionaries. RGDS GARY - --------------------------------------------------------------------------- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 gem () rellim com Tel:+1(541)382-8588 Fax: +1(541)382-8676 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFAolOm8KZibdeR3qURAr6hAJ0WaaivNEfiuCgMwko4eIJSdCQe1gCfSDa4 9y3ERoqoXn653xveMxma6lQ= =79d2 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- leaking Felipe Angoitia (May 12)
- Re: leaking KUIJPERS Jimmy (May 12)
- Re: leaking Dave Horsfall (May 12)
- Re: leaking KUIJPERS Jimmy (May 12)
- Re: leaking Gary E. Miller (May 12)
- Re: leaking Valdis . Kletnieks (May 12)
- Re: leaking Gary E. Miller (May 12)
- RE: leaking Aditya, ALD [Aditya Lalit Deshmukh] (May 12)
- Re: leaking Ron DuFresne (May 13)
- Re: leaking Dave Horsfall (May 12)
- Re: leaking KUIJPERS Jimmy (May 12)
- Re: leaking Dave Horsfall (May 12)
- Re: leaking sith (May 12)
- RE: leaking Alerta Redsegura (May 12)
- Re: leaking sith (May 12)
- RE: leaking Alerta Redsegura (May 12)