Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English

Major spam operation goes offline, spam plummets

Major spam operation goes offline, spam plummets

  • Comments 3

This has been picked up by a couple of other blogs (I'm almost never the first to report on these things) but I'm going to talk about it anyway.  The Washington Post reports that a Web hosting company out of San Jose that hosts spamming organizations was taken offline.  Some excerpts from the article:

Experts say the precipitous drop-off in spam comes from Internet providers unplugging McColo Corp., a hosting provider in Northern California that was the home base for machines responsible for coordinating the sending of roughly 75 percent of all spam each day.

In other words, McColo Corporation controls a whole pile of spam and they were cut off.  Continuing on in the article:

In an alert sent out Wednesday morning, e-mail security firm IronPort said:

In the afternoon of Tuesday 11/11, IronPort saw a drop of almost 2/3 of overall spam volume, correlating with a drop in IronPort's SenderBase queries. While we investigated what we thought might be a technical problem, a major spam network, McColo Corp., was shutdown, as reported by The Washington Post on Tuesday evening.

That is a huge decline in mail.  Our own numbers confirm this.  I checked some numbers really quickly and did the math and plotted the charts.  The amount of mail we saw hitting our inbound servers dropped by 40% in one day.  That's very unusual for a Tuesday.  However, the amount of mail we deliver to end users pretty much stayed the same.

While Ironport does expect the spam levels to return to normal (McColo will probably just plug their servers back in or move buildings), let the record show that I am going to partake in a little bit of schaudenfreude at McColo's expense.

Leave a Comment
  • Please add 6 and 5 and type the answer here:
  • Post
Page 1 of 1 (3 items)