Difference between revisions of "SPAM and Backscatter"

(Added "Phishing" portion here)
Line 1: Line 1:
==SPAM, Backscatter, multiple MailerDaemon messages==
==SPAM, Backscatter, multiple MailerDaemon messages==

Revision as of 09:04, 22 September 2008

SPAM, Backscatter, multiple MailerDaemon messages

The problem is quite complicated. We refer to it as "backscatter". This happens because your e-mail address has found its way onto a SPAM list. A spam list is a long list of e-mail addresses that spammers use to send bulk e-mail. Unfortunately, there isn't much you can do to decrease the number of such messages. The best step to take is to delete them. We may be able to help you set up a rule that will automatically move mailerdaemon messages into a separate folder, outside your inbox. Note that not all mailerdaemon messages are bad, there may be legitimate ones. See below for an explanation of how these messages get generated, and why there may be legitimate ones.

Almost every e-mail system has a "robotic" mailerdaemon account that automatically responds when an e-mail address listed in a message is NOT found (there's no person behind the mailerdaemon account). This mailerdaemon account has valid uses. Take this for example: Joe sends a message to an e-mail list (that consists of jim@middlebury.edu, jack@middlebury.edu and bob@middlebury.edu). The message arrives in our (middlebury) mail system, and our (middlebury) mailerdamon finds that bob@middlebury.edu doesn't exist, so it goes ahead and e-mails the other people on the list (including the sender, Joe) that bob@middlebury.edu doesn't exist in our e-mail system. The message from mailerdaemon can help the sender to figure out why bob@middlebury.edu doesn't exist (maybe the sender made a typo, and the correct address is bobm@middlebury.edu). Having some indication that the message did not reach bob@middlebury.edu, is better than having no response and thinking that the message got there successful. That's how the mailerdaemon messages get generated, and why these messages may have valid uses.

So imagine the spammer sending a bulk e-mail message to a long list of people on different e-mail systems. If some of those people on the list don't exist, the mailerdaemon of each e-mail system will respond back, saying so. And since there's no person behind this account, there's no way to control these responses.


Warning About Phishing Messages
March 14, 2008
Phishing email warning

The College (like many other institutions) has been a target of fake (or "phishing") email offers/warnings. These malicious messages are meant to trick users into sending sensitive information to spammers. The best thing to do with these email messages is to delete them.

Here is a transcript of such a "phishing" message. If you receive a message such as the one below, do not reply to it, do not forward it, simply delete it.

-----Original Message-----
From: EDU ACCOUNT UPGRADE TEAM [mailto:arippy@purdue.edu] 
Sent: Friday, March 14, 2008 6:35 AM


Dear Email Account Owner,

This message is from educational messaging center to all our email
account owners. We are currently upgrading our data base and email account
center. We are deleting all our edu email accounts to create more space for new

To prevent your edu account from closing you will have to update it below
so that we will know that it's a presently used account.

We have been sending this notice to all our email account owners and this is
the last notice/verification exercise.


Email Username : .......... .....
EMAIL Password : ................
Date of Birth : .................
Country or Territory : ..........

Warning!!! Account owner that refuses to update his or her account
within Seven days of receiving this warning will lose his or her account

Thank you for using edu!
Warning Code:VX2G99AAJ
Edu Account Upgrade Team
Powered by MediaWiki