Everything leaks eventually


We have a role address we use to receive support requests from users of our Abacus ticketing system – they’re typically abuse or security desk administrators at ISPs or ESPs, inside corporate firewalls and protected by multiple layers of security and malware protection.
We’ve been using it since around 1997, so we’ve had a good, spam-free run, but in the past few days it’s started receiving botnet originated malware.
If you give an email address to other people, eventually it’ll leak and start receiving spam and malware.

About the author


This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • We get hundreds of spam messages in our feedback loop inbox per day. The irony makes me chuckle.
    A trick I found a while back is using a Gmail address with a modifier.
    Say i Have an email address of Pirateninja@gmail.com, I sign up for email lists using Pirateninja+disneyland@gmail.com. the “+disneyland” addition does not affect the delivery of the email, but now i know that If I receive an email sent to “PirateNinja+disneyland@gmail.com” that was not sent by Disney, then I know that either Disney is selling my list, or their database was compromised.
    I wish more ESPs provided a similar system.

  • I take your point, but I find it striking it is that some places leak like a sieve and some don’t. The Economist leaks, the Atlantic doesn’t. Ameritrade leaks (to the extent of having found malware on internal servers after blowing off many, many reports of leaks from their customers), Vanguard doesn’t.
    So, yes, everyone leaks in the same sense that in the long run we are all dead, but there are clearly some organizations that understand mailing list security and some that don’t.

  • Some places leak like a sieve (anywhere with Windows desktops or who use an ESP, for instance). Others don’t. I’m fairly impressed we got a decade or more out of this address before it did.

By steve

Recent Posts


Follow Us