Spammed by a University

Monday, May 22nd, 2006

While looking through my server logs this morning at work I noticed a bunch of email from a server at Loyola University. I looked a little closer and the email was coming from a bunch of bogus addresses, all aimed at 1 user at Harley. Once I saw the from addresses I knew it was spam so I emailed Loyola letting them know they have a problem, including some entries from my logs as proof.

While I was waiting for a response I stopped up and talked to the teacher getting all of this spam and she told me she was a Loyola alumnus. I looked at some of the actual messages and found they were addressed to one of their alumni mailing lists. It looks like the university was running a mailing list that was completely open to the public. This means Joe Spammer can send 1 email to this list and Loyola will forward it to all their alumni, making the spammer's job that much easier! Bah!

A little while later I get an email back from someone at the school saying that the person spamming was on the IP address 24.97.xx.xx. They said they forwarded my complaint to Road Runner's abuse department because that IP address is registered to RR and told me that they added the address to their blacklist. The problem was that the IP address above is MY mail server's address! This guy obviously had no clue what was going on and I couldn't email him back to tell him this because I was blacklisted. So I dug up a phone number online and gave this guy a call. By the time I got to talk to him he had figured out that he made a mistake and that someone on Bellsouth's network was doing all of this.

I added their server to Harley's blacklist until they stuck a cork in it, which took an additional hour and a half after my phone call.

I assumed a University to be more on the ball about this stuff, but maybe that is too much to expect.

#1 - May 23, 2006 at 7:53 AM
I saw this article just after reading your post. I guess it could be worse than just getting a bunch of spam.

#2 - May 23, 2006 at 8:21 AM
That is nuts! I can't believe they wouldn't pay special attention to the particular servers that handle sensitive data (SS numbers, health records, etc.). I mean who cares if a nameserver or dhcp server gets rooted, but having a (presumably Windows) server sit on a public IP while not getting regular security patches and containing data like that is crazy.

What pisses me off about this stuff is everyone is at the mercy of a bunch of idiots. People who fall for phishing emails are totally at fault for having their identity stolen. But this kind of thing can get your identity stolen (and possibly credit history ruined) by the fault of some networking goons that don't know what they are doing.

