Educause Security Discussion mailing list archives

Strange spammer 'attack'


From: Pete Hickey <pete () SHADOWS UOTTAWA CA>
Date: Wed, 20 Apr 2011 09:42:09 -0400

It's coming from a botnet... tens of thousands of different IP addresses.

It's slow enough so that it does not noticeably disrupt our mail flow.

The To: is about 90% accurate.... seems like a regular spammer's
list it's working from.

The From: is the interesting part.  All from yahoo.com and yahoo.com.uk.
The userid part is random... very random.... except for the part about
mixed case and special characters, they would make hard-to-guess passwords.
Each one is used once or twice.  There are hundreds of thousands of them.

I'm guessing that they're trying to break our graylisting database.
Filling it with so much garbage that it overflows.  It's the only
thing that makes sense to me.

Other ideas?


-- 
Pete Hickey                         
The University of Ottawa            "Everyone knows someone 
Ottawa, Ontario                      who knows someone else"
Canada                            
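
Added example, not part of the original post: a sketch of a greylist whose table of unconfirmed entries is capped, so a stream of one-shot random senders cannot grow it without bound. It assumes greylisting keyed on (client IP, sender, recipient) triplets, which the post does not state; the class, its parameters and all addresses are constructed for illustration.

```python
import hashlib
from collections import OrderedDict

class BoundedGreylist:
    """Hypothetical triplet greylist with a hard cap on unconfirmed entries."""
    def __init__(self, delay=300, pending_ttl=3600, max_pending=100_000):
        self.delay, self.pending_ttl, self.max_pending = delay, pending_ttl, max_pending
        self.pending = OrderedDict()  # triplet -> first_seen, oldest first
        self.passed = set()           # only triplets that retried after the delay

    def check(self, client_ip, sender, recipient, now):
        triplet = (client_ip, sender, recipient)
        if triplet in self.passed:
            return "accept"
        # Drop unconfirmed entries that never retried within the TTL.
        while self.pending and now - next(iter(self.pending.values())) > self.pending_ttl:
            self.pending.popitem(last=False)
        first_seen = self.pending.get(triplet)
        if first_seen is None:
            if len(self.pending) >= self.max_pending:
                self.pending.popitem(last=False)  # evict oldest unconfirmed entry
            self.pending[triplet] = now
            return "defer"
        if now - first_seen < self.delay:
            return "defer"
        del self.pending[triplet]
        self.passed.add(triplet)  # one-shot random senders never reach this set
        return "accept"

def simulate_flood(n=5000, cap=1000):
    """Constructed traffic: one never-repeated sender per second, plus one
    legitimate sender that first tries at t=4500 and retries at t=4900."""
    gl = BoundedGreylist(max_pending=cap)
    legit = ("192.0.2.10", "alice@example.org", "staff@example.edu")
    verdict = None
    for t in range(n):
        local = hashlib.sha256(str(t).encode()).hexdigest()[:12]  # stand-in for a random userid
        gl.check(f"198.51.100.{t % 254 + 1}", f"{local}@yahoo.com", "staff@example.edu", now=t)
        if t == 4500:
            gl.check(*legit, now=t)
        if t == 4900:
            verdict = gl.check(*legit, now=t)
    return verdict, len(gl.pending)

if __name__ == "__main__":
    print(simulate_flood(cap=1000))  # cap larger than flood rate x retry gap
    print(simulate_flood(cap=100))   # cap too small: legitimate retry is deferred again
```

The second run shows the trade-off: the table stays bounded either way, but a cap smaller than the number of new triplets arriving between a legitimate sender's first attempt and its retry evicts that sender's entry and delays its mail.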

