Silicon Valley Spam-Slinger Knocked out Cold
Russia may not be the only place spam hosts lay in wait. Tuesday of this week San Jose webhoster McColo went offline. The result is that the world's spam rate is now down by three-quarters, at least according to the Washington Post's online service.
On November 11, two ISPs, Global Crossing and Hurricane Electric, purged the California webhosting firm McColo from its services. The next day Cisco subsidiary IronPort announced that worldwide spam activity had fallen off by as much as 75%.
An article on washintonpost.com was what triggered the whole thing. Brian Krebs, the article's author, got a tip-off and notified the two ISPs of the webhoster's criminal activities that had been logged by security firms over the last couple months.
According to Krebs's article, the San Jose based McColo hosts, among other things, some diverse botnets that security firms such as SecureWorks deal with on a regular basis. Botnets are said to be responsible for about two-thirds of the world's spams. McColo also allegedly hosts many illicit child pornography websites, as washingtonpost.com reports and appeals to readers to contact the HostExploit.com website. Linux Magazine Online has since asked for comments from a few spam specialists.
Magnus Kalkuhl is one of them. He works in the anti-virus division at Kaspersky Lab in Germany. His comment: "We can prove that a whole series of botnets are no longer active since McColo was shut down." By his assessment, the affected botnets driven by McColo servers were Srizbi, Rustock and Mega-D, which were sending up to 10 million email spams a day. But even criminal activity involves backups: "It won't be long before the spam business starts picking up again as usual," Kalkuhl says.
Comments also came from Berlin webhoster, mail expert and Linux Magazine author Peer Heinlein. Heinlein identified the shut down servers as "bullet-proof" servers. McColo is, therefore, a kind of provider who promises its clients uninterrupted service even with high complaint rates. Spammers use "bullet-proof" servers either for sending direct and huge quantities of spam mail or as command-and-control servers for botnets to infest and control user PCs.
The tear-down of the McColo servers has cost a lot of spammers their infrastructure, according to Heinlein. "Organizations like Spamhaus, through their undying effort, have provided ISPs with enough earth-shattering evidence for them to take the proper steps." However, Heinlein concurs with Krebs that spammers will be back at their game in no time: "There are a number of other bullet-proof hosters that would love to take over all the suddenly available clients. Spammers will reconfigure things so that this recent cutback will hardly be noticeable."
Indeed, not everyone has noticed the effect. For example, Ralf Hildebrandt, self-professed mail server expert and also Linux Magazine author. He works on contract basis with T-Systems Business Service as technical manager for the CharitéHospital in Berlin. He has noticed nothing of a significant spam reduction: "My statistical graphs show about the same amount of emails and the same amount of rejects."
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Endless OS 6 has Arrived
After more than a year since the last update, the latest release of Endless OS is now available for general usage.
-
Fedora Asahi 40 Remix Available for Macs with Apple Silicon
If you've been anticipating KDE's Plasma 6 for your Apple Silicon-powered Mac, then you're in luck.
-
Red Hat Adds New Deployment Option for Enterprise Linux Platforms
Red Hat has re-imagined enterprise Linux for an AI future with Image Mode.
-
OSJH and LPI Release 2024 Open Source Pros Job Survey Results
See what open source professionals look for in a new role.
-
Proton 9.0-1 Released to Improve Gaming with Steam
The latest release of Proton 9 adds several improvements and fixes an issue that has been problematic for Linux users.
-
So Long Neofetch and Thanks for the Info
Today is a day that every Linux user who enjoys bragging about their system(s) will mourn, as Neofetch has come to an end.
-
Ubuntu 24.04 Comes with a “Flaw"
If you're thinking you might want to upgrade from your current Ubuntu release to the latest, there's something you might want to consider before doing so.
-
Canonical Releases Ubuntu 24.04
After a brief pause because of the XZ vulnerability, Ubuntu 24.04 is now available for install.
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.