Fighting Spam = Rolling Boulders Up Hills


It happened to us twice at work: boatloads of spam being relayed through our e-mail server.

Both times the people providing our network connection cut us off, meaning that no e-mail traffic whatsoever could come in or go out. Both times I found out because of voice mail waiting for me first thing in the morning.

Our e-mail server was set up correctly. It took us the best part of a day to confirm this with help from the vendor. Whoever was sending the spam was apparently using a real account and password. We had no choice but to change all passwords — everybody was affected. Changing people's passwords is painful because it exposes all the ugly underside of computing that they don't know how to deal with and try to ignore as much as possible. (Not to mention the problem of how to notify people that their accounts are going to be locked without using e-mail.)

We also took the opportunity to turn the logging level up a notch. Later that afternoon I started to see failed authentications in the log. Spammers were trying to use an account that had been created for administrative purposes but never intended for e-mail. It looks like the spammers had somehow stolen or guessed the password. Once we changed it they could no longer use our server but that did not mean they stopped trying.

Looking at the log, I could see spammers trying to relay e-mail through our e-mail server to third parties. These attempts were coming in at around one a minute, from a couple of dozen different places around the world. Those bastards!

We have a firewall that I'm not overly enthused about all the time, but it is convenient for blocking the most persistent spammers. Their attempts to connect to our e-mail servers now get ignored silently.

Many years ago I bought and read the first edition of "Internet Firewalls: Repelling the Wily Hacker". In some ways, things are better now. Not many people would dream of building their own firewall from scratch. In other ways, it's much worse. The cartoon on the cover of the second edition says it all: there are too many people attacking anything connected to the Internet. It's no longer very interesting to repel them; it's just necessary to keep basic services, like e-mail, working.

2 Comments

Sounds like you are having fun :P

True, it's not a lot of fun. Blocking the spammers does make me feel better. However, there seems to be a nearly endless supply of them.