Out with Barracuda and in with SpamExperts

I have my own e-mail server, hosted by an ISP in Michigan. I have been a customer of theirs for many years and they have treated me very professionally.

A couple of years back I asked them for help with incoming spam e-mails. It was getting out of control. We were receiving hundreds of spam e-mails every day, and we were getting buried. We created local and server-wide filters to kill as many as we could, but it proved to be too much for me.

My ISP suggested that we sign up for their Barracuda e-mail filtering service, at about $50.00 per year. I signed up immediately.

And immediately the flow of spams dropped from hundreds every day to just a few.

I was a happy camper.

When my wife and I bought airline tickets for a trip from Buenos Aires to Iguazu Falls, I purchased them from a travel agent in Argentina, using their web site. Within weeks of making this transaction, Argentine spammers began an outright assault on my e-mail server, sending sometimes hundreds of spam e-mails every day. I wrote local spam filters that would kill any e-mail with the .ar suffix. That lasted for a while, but then that spammer sold my address to a Brazilian spammer, who sold it to a Mexican spammer, who sold it to a Russian spammer, who sold it to any number of other spammers who spoof e-mail addresses in many countries.

The most upsetting event was when they started using my e-mail address to send hundreds of thousands of spam e-mails around the world. I was banned by AOL, Microsoft and Yahoo, and blacklisted by my own university for a while due to my “bad reputation.”

I started receiving e-mails for erectile dysfunction medicines from myself.

The Barracuda system helped a lot, and our e-mail distress was reduced to nearly nothing. I still got quite a few in Spanish and Portuguese, a few from Argentina, and a few from other Latin American senders. For those I just used the delete key.

Barracuda was successful in blocking most spams, but it suddenly started allowing a lot (a lot!) of spam e-mails through to my wife’s account. On one day last week she received dozens and dozens of e-mails from all over the world. The only thing they had in common was the “sender” was “contact” at some domain.com. Here are about 60 percent of those she received in just one day:

contact@winvige.com
contact@mx8.sofredb.com
contact@daiyremind.com
contact@frasen.istoinsider.com
info@emailer.clamorosnormayl.com
info@emailer.imagerweak.com
contact@ferrazah.com
info@soapydevoid.com
contact@mta9.ugmacrater.com
contact@smtp.winvige.com
contact@vulnam.com
contact@ohsima.maticcook.com
contact@winvige.com
contact@mx4s.daiyremind.com
contact@detpurjo.com
contact@ohris.lyestablish.com
contact@ohres.lyestablish.com
contact@connect.divercle.com
contact@majela.maticstandard.com
contact@mail2web.missstithy.com
contact@mail.padealie.com
contact@iclnm.altharl.com
contact@rivara.caulfhe.com
contact@connect.soflion.com
contact@khabra.handewel.com
contact@cokinan.com
contact@frasen.askussn.com
contact@starz.jemaden.com
contact@sbesos.noidvalve.com
contact@mailin-08.maticseller.com

Every one of these is fake, stolen or spoofed.

What had happened? Why didn’t the Barracuda anti-spam server catch these? And why did these arrive as a torrent of e-mails?

Curiously, these spam e-mails can easily be detected and deleted with a local rule. Apple’s Mail program has rules-based filters that can be set to make Boolean decisions about incoming mail. In this case, a rule set to find the word “contact” followed by the @ sign can move these mails into the Junk folder, or (if you’re feeling confident) delete them altogether. But, this would not solve the bigger problem, which was that these were just a few in a morning’s deluge of spam that had gotten past the Barracuda server.
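
An added example (not from the original post, and not Apple Mail's own rule engine) of the rule described above, in Python: it compares a plain substring test for "contact@" with a rule that parses the From header and matches the sender's local part exactly. The sample messages, the placeholder domains and the `ALLOW_LIST` entry are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# The post's rule keys on the sender's local part being "contact".
JUNK_LOCAL_PARTS = {"contact"}
# Hypothetical allow-list of exact addresses that must never be junked.
ALLOW_LIST = {"contact@bank.example"}


def naive_rule(raw: str) -> bool:
    """Substring test: the word "contact" followed by "@", anywhere."""
    return "contact@" in raw.lower()


def classify(raw: str) -> str:
    """Return "junk" or "inbox" using only the parsed From address."""
    msg = message_from_string(raw)
    # getaddresses() separates display names from the actual addr-spec.
    for _name, addr in getaddresses(msg.get_all("From", [])):
        addr = addr.lower()
        local, _, domain = addr.rpartition("@")
        if addr in ALLOW_LIST:
            continue
        if domain and local in JUNK_LOCAL_PARTS:
            return "junk"
    return "inbox"


# Constructed sample messages (all domains are placeholders).
SAMPLES = {
    "bulk": "From: contact@mx8.bulk.example\nSubject: Offer\n\nBuy now",
    "upper": "From: CONTACT@Bulk.Example\nSubject: Offer\n\nBuy now",
    "friend": "From: Pat <mycontact@friend.example>\nSubject: Hi\n\nLunch?",
    "body": "From: lee@friend.example\nSubject: Hi\n\nWrite to contact@club.example",
    "bank": "From: contact@bank.example\nSubject: Statement\n\nReady",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label:7} naive={naive_rule(raw)!s:5} parsed={classify(raw)}")
```

The substring test junks every sample, including a friend whose address merely ends in "contact" and a message that only mentions a contact@ address in its body; the parsed rule junks only the two bulk senders. Because the From header is exactly what these senders fake, a rule like this tidies one mailbox and does not replace filtering at the server.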

I contacted my ISP and asked for tech support. They were not sure why it was happening, but they suggested that the Barracuda system – though still supported – was not nearly as good as their new SpamExperts server that would work much better. It’s about the same price as Barracuda ($60 per year). I decided to take the leap and switched my MX path to send all of my incoming e-mails to the SpamExperts server, which will then forward them to my e-mail server.

I have now gone three days with the new spam server in place, and I can tell you that it’s working well. In that time, the new system has not delivered a single Argentine or Brazilian e-mail message to me or to my wife. No pharmaceuticals. No hotel ads – nothing. In the first 48 hours, SpamExperts has filtered over 160 bad e-mails. I’m impressed.

Looking at the final tally of the work that Barracuda did in the year that I used that service shows just how big a problem spam e-mail is. When I look at the individual e-mails I wonder why spammers bother to do it. There simply must be enough people who are duped by spam, or who respond to phishing scams, or who get caught by malware and hostage-ware attacks to make this criminal activity worthwhile. Otherwise why would they do it?

Mine is just a two-person organization. In 12 months, the Barracuda spam server filtered a total of 340,314 incoming e-mails. Of those there were 209 that contained viruses (thank you, Barracuda!), 4,683 with damaged structure, of suspicious construction, or with empty fields. Barracuda deleted 170,178 spam e-mails that we never saw.

82,623 e-mails were delivered.

I don’t remember reading 82,000 e-mails, but then only about half of them were addressed to me. I don’t remember reading 41,000 e-mails!

I do remember deleting about a dozen Spanish, Portuguese and other non-English e-mails that made it past the Barracuda server every day (that’s about 4,000), and I will not miss that daily routine. I am really excited that I will not have to filter my incoming e-mail for much of anything with the new SpamExperts service. I’m looking forward to a quieter e-mail experience.

A sadistic note to spammers:
When your bots scan this blog, and harvest the long list of e-mail addresses above, you will be adding spammers’ e-mails into your spam attacks. That makes me smile.

And a follow-up note:
I have been using SpamExperts since writing this blog. I check every few days to see if any non-spam messages are being trapped by the system. In the first few visits I found a few in quarantine, and I “whitelisted” them.

Since then I have had none. The number of spam e-mails coming into my server is stunning. Sometimes I get 200-300 in a single day. SpamExperts is doing a yeoman’s job of preventing those from getting to my in box.

About Brian Lawler

Brian Lawler is an Associate Professor of Graphic Communication at California Polytechnic State University, San Luis Obispo. He writes about graphic arts processes and technologies for various industry publications, and on his blog, The Blognosticator.

One Response to Out with Barracuda and in with SpamExperts

  1. Lee says:

    Every time I think about setting up my own mail server, I read stories like yours and think, “I’ll just leave well enough alone.” There should be a special place in a very hot, underground reservation for spammers. Right next to them, there should be a place for all the knuckleheads who fall for this stuff.
