472,789 Members | 1,208 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,789 software developers and data experts.

Mail server load



Marc, I'd be interested in seeing the updated stats for this bought of virus
transmission we're going through.

Yesterday you had almost 1 for 1 valid email. By then I think I was getting
about 3-4 per valid email but since then it's sky rocketed and it looks more
like 30+ per 1 valid message.

I'd just be interested if that's the same others are seeing since I believe the
virus picks up my email address from the messages sent to the lists.

--
Nigel Andrews

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faqs/FAQ.html

Nov 11 '05 #1
11 1732

So far today:

neptune# awk '{print $7}' /var/log/amavisd | sort | uniq -c
137 BAD
1732 BANNED
4435 INFECTED
6029 Passed,
On Wed, 20 Aug 2003, Nigel J. Andrews wrote:


Marc, I'd be interested in seeing the updated stats for this bought of virus
transmission we're going through.

Yesterday you had almost 1 for 1 valid email. By then I think I was getting
about 3-4 per valid email but since then it's sky rocketed and it looks more
like 30+ per 1 valid message.

I'd just be interested if that's the same others are seeing since I believe the
virus picks up my email address from the messages sent to the lists.

--
Nigel Andrews

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faqs/FAQ.html


Marc G. Fournier ICQ#7615664 IRC Nick: Scrappy
Systems Administrator @ hub.org
primary: sc*****@hub.org secondary: scrappy@{freebsd|postgresql}.org

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faqs/FAQ.html

Nov 11 '05 #2
> So far today:

neptune# awk '{print $7}' /var/log/amavisd | sort | uniq -c
137 BAD
1732 BANNED
4435 INFECTED
6029 Passed,


And still some make it through given some of the messages that are
reaching the list today ("That movie" or "My details"). :-(

---------------
Francois

Home page: http://www.monpetitcoin.com/

"Would Descartes have programmed in Pascal?" - Umberto Eco
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postgresql.org

Nov 11 '05 #3
On Wed, 20 Aug 2003, Francois Suter wrote:
So far today:

neptune# awk '{print $7}' /var/log/amavisd | sort | uniq -c
137 BAD
1732 BANNED
4435 INFECTED
6029 Passed,


And still some make it through given some of the messages that are
reaching the list today ("That movie" or "My details"). :-(


Actually, unless I'm mistaken, none have made it through ... at least all
the ones with subject's like "That movie" that I've opened (thank god for
Unix) didn't actually have anything attached, at least as far as those
coming from the list have been concerned ...

For instance, one to -hackers that I just received with a subject of
"Details" was 3.2k ... based on my personal mailbox, if the virus was
actually attached, it would have been >100k in size ...

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postgresql.org

Nov 11 '05 #4

On 20/08/2003 08:18 Nigel J. Andrews wrote:


Marc, I'd be interested in seeing the updated stats for this bought of
virus
transmission we're going through.

Yesterday you had almost 1 for 1 valid email. By then I think I was
getting
about 3-4 per valid email but since then it's sky rocketed and it looks
more
like 30+ per 1 valid message.

I'd just be interested if that's the same others are seeing since I
believe the
virus picks up my email address from the messages sent to the lists.


There's a few come thru the list to me and I had a few more yesterday as
part of the daily spam. Like most people from the non-M$ world, this sort
of thing just passes me by :)

--
Paul Thomas
+------------------------------+---------------------------------------------+
| Thomas Micro Systems Limited | Software Solutions for the Smaller
Business |
| Computer Consultants |
http://www.thomas-micro-systems-ltd.co.uk |
+------------------------------+---------------------------------------------+

---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Nov 11 '05 #5
On Wed, 20 Aug 2003, Paul Thomas wrote:
There's a few come thru the list to me and I had a few more yesterday as
part of the daily spam. Like most people from the non-M$ world, this sort
of thing just passes me by :)


I'm looking into how to add a 'taboo subject' filter onto the mj2 lists
themselves ... right now, I have a personal filter on:

elsif anyof (header :contains ["Subject"] "Approved",
header :contains ["Subject"] "Thank you!",
header :contains ["Subject"] "That movie",
header :contains ["Subject"] "Your details",
header :contains ["Subject"] "Wicked screensaver") {
fileinto "INBOX.garbage";
}

I can't think of anyone using anything but *maybe* the Approved one in
their Subject, so there shouldn't be too many false positives ...
hopefully hear something from the mj2 guys relatively soon ...

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faqs/FAQ.html

Nov 11 '05 #6
On Wed, 2003-08-20 at 08:11, The Hermit Hacker wrote:
On Wed, 20 Aug 2003, Paul Thomas wrote:
There's a few come thru the list to me and I had a few more yesterday as
part of the daily spam. Like most people from the non-M$ world, this sort
of thing just passes me by :)


I'm looking into how to add a 'taboo subject' filter onto the mj2 lists
themselves ... right now, I have a personal filter on:

elsif anyof (header :contains ["Subject"] "Approved",
header :contains ["Subject"] "Thank you!",
header :contains ["Subject"] "That movie",
header :contains ["Subject"] "Your details",
header :contains ["Subject"] "Wicked screensaver") {
fileinto "INBOX.garbage";
}

I can't think of anyone using anything but *maybe* the Approved one in
their Subject, so there shouldn't be too many false positives ...
hopefully hear something from the mj2 guys relatively soon ...


Little does Marc know that the guys from 20th Century Fox have just
scrapped their idea to do a "History of PostgreSQL" move after repeated
attempts to contact anyone on the mailing lists never got through ;-)

Robert Treat
--
Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL
---------------------------(end of broadcast)---------------------------
TIP 9: the planner will ignore your desire to choose an index scan if your
joining column's datatypes do not match

Nov 11 '05 #7
"Nigel J. Andrews" <na******@investsystems.co.uk> writes:
Yesterday you had almost 1 for 1 valid email. By then I think I was getting
about 3-4 per valid email but since then it's sky rocketed and it looks more
like 30+ per 1 valid message.


FWIW, this is what I see in traffic to an address I've had to abandon
because of spam:

488 Aug 8
433 Aug 9
435 Aug 10
426 Aug 11
504 Aug 12
458 Aug 13
469 Aug 14
390 Aug 15
433 Aug 16
371 Aug 17
520 Aug 18
36473 Aug 19
35808 Aug 20

It's about 3pm local time here, so by midnight the stat for today will
probably be nearly double yesterday's total.

The spam traffic had been around 2K/day at the beginning of the year,
but tapered off to around 500 as you see above. This spike is ten times
the highest I've seen before. If I were actually downloading this crap,
and not rejecting it at the SMTP handshake, my DSL line would be
saturated :-(

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Nov 11 '05 #8

16:00 ...

neptune# awk '{print $7}' /var/log/amavisd | sort | uniq -c
285 BAD
1807 BANNED
12289 INFECTED
11731 Passed,
5 SA
1 turned

Here's a normal day:

neptune# cat /var/log/amavisd.o | grep "Aug 17" | awk '{print $7}' | sort
| uniq -c
332 BAD
13 BANNED
938 INFECTED
3792 Passed,

On Wed, 20 Aug 2003, Tom Lane wrote:
"Nigel J. Andrews" <na******@investsystems.co.uk> writes:
Yesterday you had almost 1 for 1 valid email. By then I think I was getting
about 3-4 per valid email but since then it's sky rocketed and it looks more
like 30+ per 1 valid message.


FWIW, this is what I see in traffic to an address I've had to abandon
because of spam:

488 Aug 8
433 Aug 9
435 Aug 10
426 Aug 11
504 Aug 12
458 Aug 13
469 Aug 14
390 Aug 15
433 Aug 16
371 Aug 17
520 Aug 18
36473 Aug 19
35808 Aug 20

It's about 3pm local time here, so by midnight the stat for today will
probably be nearly double yesterday's total.

The spam traffic had been around 2K/day at the beginning of the year,
but tapered off to around 500 as you see above. This spike is ten times
the highest I've seen before. If I were actually downloading this crap,
and not rejecting it at the SMTP handshake, my DSL line would be
saturated :-(

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org


Marc G. Fournier ICQ#7615664 IRC Nick: Scrappy
Systems Administrator @ hub.org
primary: sc*****@hub.org secondary: scrappy@{freebsd|postgresql}.org

---------------------------(end of broadcast)---------------------------
TIP 9: the planner will ignore your desire to choose an index scan if your
joining column's datatypes do not match

Nov 11 '05 #9
holy S**T!!
The Hermit Hacker wrote:
16:00 ...

neptune# awk '{print $7}' /var/log/amavisd | sort | uniq -c
285 BAD
1807 BANNED
12289 INFECTED
11731 Passed,
5 SA
1 turned

Here's a normal day:

neptune# cat /var/log/amavisd.o | grep "Aug 17" | awk '{print $7}' | sort
| uniq -c
332 BAD
13 BANNED
938 INFECTED
3792 Passed,

On Wed, 20 Aug 2003, Tom Lane wrote:

"Nigel J. Andrews" <na******@investsystems.co.uk> writes:
Yesterday you had almost 1 for 1 valid email. By then I think I was getting
about 3-4 per valid email but since then it's sky rocketed and it looks more
like 30+ per 1 valid message.


FWIW, this is what I see in traffic to an address I've had to abandon
because of spam:

488 Aug 8
433 Aug 9
435 Aug 10
426 Aug 11
504 Aug 12
458 Aug 13
469 Aug 14
390 Aug 15
433 Aug 16
371 Aug 17
520 Aug 18
36473 Aug 19
35808 Aug 20

It's about 3pm local time here, so by midnight the stat for today will
probably be nearly double yesterday's total.

The spam traffic had been around 2K/day at the beginning of the year,
but tapered off to around 500 as you see above. This spike is ten times
the highest I've seen before. If I were actually downloading this crap,
and not rejecting it at the SMTP handshake, my DSL line would be
saturated :-(

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Marc G. Fournier ICQ#7615664 IRC Nick: Scrappy
Systems Administrator @ hub.org
primary: sc*****@hub.org secondary: scrappy@{freebsd|postgresql}.org

---------------------------(end of broadcast)---------------------------
TIP 9: the planner will ignore your desire to choose an index scan if your
joining column's datatypes do not match

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Nov 11 '05 #10
On Wed, 20 Aug 2003, Dennis Gearon wrote:
holy S**T!!
Particularly the 'Passed' number. Now I'm not subscribed to all of the lists
but I am on -general, -hackers and a couple of others like -interfaces and yet
I would say that the volume of email I'm seeing from the lists is far lower
than normal _not_ more by a factor of 3-ish.

BTW, I wasn't suggesting the virus emails I get come through the lists, was
just refering to the harvesting of my email address by the virus.

[Tom's numbers are absolutely amazing. I seem to be up to around 60 per minute
now]


The Hermit Hacker wrote:
16:00 ...

neptune# awk '{print $7}' /var/log/amavisd | sort | uniq -c
285 BAD
1807 BANNED
12289 INFECTED
11731 Passed,
5 SA
1 turned

Here's a normal day:

neptune# cat /var/log/amavisd.o | grep "Aug 17" | awk '{print $7}' | sort
| uniq -c
332 BAD
13 BANNED
938 INFECTED
3792 Passed,

On Wed, 20 Aug 2003, Tom Lane wrote:

"Nigel J. Andrews" <na******@investsystems.co.uk> writes:

Yesterday you had almost 1 for 1 valid email. By then I think I was getting
about 3-4 per valid email but since then it's sky rocketed and it looks more
like 30+ per 1 valid message.

FWIW, this is what I see in traffic to an address I've had to abandon
because of spam:

488 Aug 8
433 Aug 9
435 Aug 10
426 Aug 11
504 Aug 12
458 Aug 13
469 Aug 14
390 Aug 15
433 Aug 16
371 Aug 17
520 Aug 18
36473 Aug 19
35808 Aug 20

It's about 3pm local time here, so by midnight the stat for today will
probably be nearly double yesterday's total.

The spam traffic had been around 2K/day at the beginning of the year,
but tapered off to around 500 as you see above. This spike is ten times
the highest I've seen before. If I were actually downloading this crap,
and not rejecting it at the SMTP handshake, my DSL line would be
saturated :-(

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to ma*******@postgresql.org)

Nov 11 '05 #11
On Wed, 20 Aug 2003, Nigel J. Andrews wrote:
On Wed, 20 Aug 2003, Dennis Gearon wrote:
holy S**T!!
Particularly the 'Passed' number. Now I'm not subscribed to all of the lists
but I am on -general, -hackers and a couple of others like -interfaces and yet
I would say that the volume of email I'm seeing from the lists is far lower
than normal _not_ more by a factor of 3-ish.


The # Passed is what amavisd passed through to majordomo2 ... majordomo2
then takes everything that amavisd marked as being spam and trashes those
.... and then everything that is from ppl not subscribed to the lists has
to get approved by 'the moderator', which I'm currently going through ...
only 400 more to go, 399 of which are most likely stuff amavisd didn't
catch as spam *sigh*

Oh ... also consider that a *very* large portion of the messages that
Passed are also postmaster messages for messages bounced ... I have a
filter on my mail for that to put it into its own mailbox ... since Aug
18th, there have been 12622 messages delivered to that mailbox ... and
there is also all the subscribe/unsubscribe requests ... all of which
would have been Passed thorugh amavisd ...




The Hermit Hacker wrote:
16:00 ...

neptune# awk '{print $7}' /var/log/amavisd | sort | uniq -c
285 BAD
1807 BANNED
12289 INFECTED
11731 Passed,
5 SA
1 turned

Here's a normal day:

neptune# cat /var/log/amavisd.o | grep "Aug 17" | awk '{print $7}' | sort
| uniq -c
332 BAD
13 BANNED
938 INFECTED
3792 Passed,

On Wed, 20 Aug 2003, Tom Lane wrote:
>"Nigel J. Andrews" <na******@investsystems.co.uk> writes:
>
>>Yesterday you had almost 1 for 1 valid email. By then I think I was getting
>>about 3-4 per valid email but since then it's sky rocketed and it looks more
>>like 30+ per 1 valid message.
>
>FWIW, this is what I see in traffic to an address I've had to abandon
>because of spam:
>
> 488 Aug 8
> 433 Aug 9
> 435 Aug 10
> 426 Aug 11
> 504 Aug 12
> 458 Aug 13
> 469 Aug 14
> 390 Aug 15
> 433 Aug 16
> 371 Aug 17
> 520 Aug 18
>36473 Aug 19
>35808 Aug 20
>
>It's about 3pm local time here, so by midnight the stat for today will
>probably be nearly double yesterday's total.
>
>The spam traffic had been around 2K/day at the beginning of the year,
>but tapered off to around 500 as you see above. This spike is ten times
>the highest I've seen before. If I were actually downloading this crap,
>and not rejecting it at the SMTP handshake, my DSL line would be
>saturated :-(



Marc G. Fournier ICQ#7615664 IRC Nick: Scrappy
Systems Administrator @ hub.org
primary: sc*****@hub.org secondary: scrappy@{freebsd|postgresql}.org

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postgresql.org

Nov 11 '05 #12

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

9
by: AJ | last post by:
Hi All I've got a little newsletter system that I put together for one of my customers. Basically, it's a table with firstname, lastname and e-mail address. The script then goes through the...
5
by: ElanKathir | last post by:
Hi ! I wrote one code for Send the E-mail, But that code have some problem , So please help me Here i paste my code and Error: Error: Server Error in '/Elan_Sample' Application. ...
1
by: Joe via DotNetMonster.com | last post by:
Hi, I'm trying out a test mail script but it doesn't seem to work. The error I get is that mail is not declared on the mail.To line. Also, do I need to specify the SMTP Server? I have it...
1
by: Marc G. Fournier | last post by:
G'day all ... With the growing # of subscribers to the lists, as well as growing list activity, ppl are reporting a slowdown in the speed that mail is being processed through from sender to...
0
by: Mike Wasilewski | last post by:
I am just setting up a win 2003 server running IIS6 , php, with pear packages installed. I am trying to get the Pear Mail package working but cannot get it to send a message and it returns no...
9
by: -Nacho- | last post by:
Hi all I have a table with some email addresses of a mailing list subscribers. I'm triying to send a mail to them by querying the table and sending the mail from a 'while' loop, but I only get...
6
by: Krish | last post by:
All, I want to have mail sending capabilities in my .NET application running on IIS6.0. I cannot use any enterprise's exchange server. I want to use the locally running SMTP service in the...
4
by: =?Utf-8?B?UmljaA==?= | last post by:
I want to build an simple email smtp client app similar to outlook except with some custom features for a personal computer that uses comcast cable. The owner of the computer said she doesn't have...
2
by: =?ISO-8859-1?B?RulybmFz?= | last post by:
Hey all, I have a URGENT problem and I hope someone could help me... scenery: I have a windows app, coded using C# (framework 1.1 - VS2003)... The exe and dlls of the app is are stored in a...
7
by: mukeshrasm | last post by:
Hi I am no able to send mail and it is giving this error Warning: mail(): SMTP server response: 530 5.7.3 Client was not authenticated in c:\inetpub\wwwroot\eshop\includes\classes\email.php on...
0
by: Rina0 | last post by:
Cybersecurity engineering is a specialized field that focuses on the design, development, and implementation of systems, processes, and technologies that protect against cyber threats and...
3
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 2 August 2023 starting at 18:00 UK time (6PM UTC+1) and finishing at about 19:15 (7.15PM) The start time is equivalent to 19:00 (7PM) in Central...
0
linyimin
by: linyimin | last post by:
Spring Startup Analyzer generates an interactive Spring application startup report that lets you understand what contributes to the application startup time and helps to optimize it. Support for...
0
by: Taofi | last post by:
I try to insert a new record but the error message says the number of query names and destination fields are not the same This are my field names ID, Budgeted, Actual, Status and Differences ...
0
by: Rina0 | last post by:
I am looking for a Python code to find the longest common subsequence of two strings. I found this blog post that describes the length of longest common subsequence problem and provides a solution in...
5
by: DJRhino | last post by:
Private Sub CboDrawingID_BeforeUpdate(Cancel As Integer) If = 310029923 Or 310030138 Or 310030152 Or 310030346 Or 310030348 Or _ 310030356 Or 310030359 Or 310030362 Or...
0
by: lllomh | last post by:
Define the method first this.state = { buttonBackgroundColor: 'green', isBlinking: false, // A new status is added to identify whether the button is blinking or not } autoStart=()=>{
0
by: lllomh | last post by:
How does React native implement an English player?
2
by: DJRhino | last post by:
Was curious if anyone else was having this same issue or not.... I was just Up/Down graded to windows 11 and now my access combo boxes are not acting right. With win 10 I could start typing...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.