Time to check the rate limits on your mail servers

Gadi Evron ge at linuxbox.org
Thu Feb 3 15:27:19 UTC 2005


> This is no POC, we have seen this happen many many times. Perhaps some 

Wrong, and I will tell you why in a second.

> drone networks are a little 'behind' but in general, they are perfectly 
> able to do this. Even with some static lists for some large ISPs 
> mailservers they can perfectly initiate it large scale. And yes, it does 
> limit, but with the number of bots we see controlled on the few botnets 
> we monitored the impact will still be huge.

You have been seeing them try it, yes. But why should they use it when 
they can send 10,000,000,000 spam messages out with no trouble? The 
answer is because they will soon have to.

As much as some are capable of it, most are not yet there. They will be 
soon.

This is the first evolutionary step I can see that we pushed the 
spammers into doing, according to our wishes.

It may be a bigger "attack" on your servers, but it's nothing in 
comparison to spam messages out there where every available host sends 
the spam out.

Why SPF won't work? Why it is all useless (SPF, etc.) is because there 
are 100K and more drone armies out there, but don't kid yourselves - you 
ain't seen nothing yet.

>> Should I once again be stoned, or will others see it my way now that 
>> the tide is starting to turn?
> 
> 
> It's not turning, it's happening.

You will know when it's happening. That will be when every spammer will 
be at the corner and will have to move to this way of working.

Just because you see a POC and some people are either more advanced or 
bored to do it, and spam is a massive thing so you feel it, doesn't mean 
it's a trend.

	Gadi.


