FEATURE(`blacklist_recipients')dnl
FEATURE(`dnsbl', `bl.csma.biz', `550 Spam Block: mail from $&{client_addr} refused - See http://bl.csma.biz/')dnl
FEATURE(`dnsbl', `sbl.spamhaus.org', `550 Spam Block: mail from $&{client_addr} refused - See http://www.spamhaus.org/sbl/')dnl
FEATURE(`dnsbl', `psbl.surriel.com', `550 Spam Block: mail from $&{client_addr} refused - see http://psbl.surriel.com/')dnl
FEATURE(`dnsbl',`dnsbl.sorbs.net',`550 Spam Block: mail from $&{client_addr} refused - see http://dnsbl.sorbs.net/')dnl
FEATURE(`dnsbl',`dnsrbl.swinog.ch',`550 Spam Block: mail from $&{client_addr} refused - see http://antispam.imp.ch/spamikaze/remove.php')dnl

After adding the entry for the Swinog RBL, I generated a sendmail.cf file from sendmail.mc and restarted sendmail.

# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# /etc/init.d/sendmail restart

I checked /var/log/maillog just moments after adding that blacklist and found it had blocked spam:

# grep 'antispam.imp.ch' /var/log/maillog
Apr  8 21:16:57 frostdragon sendmail[15676]: n391GuGi015676: ruleset=check_rcpt,
 arg1=<broderbundxxxxxx@moonpoint.com>, relay=65-75-229-245.dsl.ctcn.net [65.75.
229.245] (may be forged), reject=550 5.7.1 <broderbundxxxxxx@moonpoint.com>... S
pam Block:mail from 65.75.229.245 refused - see http://antispam.imp.ch/spamikaze
/remove.php

The Swinog DNSBL blocked email to an email address that I used on December 8, 2004 when I registered software with Brøderbund Software. I never used the email for any other purpose. Usually, when I'm providing an email address to any company, I don't use my primary email address, but instead create an alias for that address that points to my primary email address. So, if I start getting a lot of spam addressed to the alias, I can just invalidate the alias. And, since the aliases I create are not ones a spammer would use if the spammer was employing a name dictionary attack, i.e. guessing likekly names, I know that the company has provided the email address I gave them to a spammer. So I know the spammer got the address above, which I've changed for any spam spiders that may crawl across this page, from Brøderbund Software or one of the companies that subsequently owned Brøderbund Software.

The Wikipedia article on the company at Brøderbund lists the following history of corporate ownership for Brøderbund.

Brøderbund was purchased by The Learning Company in 1998 for about USD$420 million in stock. Ironically, Brøderbund had initially attempted to purchase the original The Learning Company in 1995, but was outbid by Softkey, who purchased The Learning Company for $606 million in cash and then adopted its name. In a move to rationalize costs, The Learning Company promptly terminated 500 employees at Brøderbund the same year, representing 42% of the company's workforce. Then in 1999 the combined company was bought by Mattel for $3.6 billion. Mattel reeled from the financial impact of this transaction, and Jill Barad, the CEO, ended up being forced out in a climate of investor outrage. Mattel then gave away The Learning Company in September 2000 to Gores Technology Group, a private acquisitions firm, for a share of whatever Gores could obtain by selling the company. In 2001, Gores sold The Learning Company's entertainment holdings to Ubisoft, and most of the other holdings, including the Brøderbund name, to Irish company Riverdeep. Currently, all of Brøderbund's games, such as the Myst series, are published by Ubisoft.

I suspect that it wasn't just my email address that was sold to spammers. Probably Brøderbund's entire mailing list was sold by either Brøderbund or one of the companies that acquired it, though, of course there is a possibility it could just have been an employee of one of the companies trying to make some easy cash or one who was losing a job as his or her company was acquired by another company, who could have been looking to compensate for lost wages.

The address is still being used by spammers over four years later, even though the address has probably not been valid for over a year. Unfortunately, I don't remember when I first started getting spam addressed to that email address.

After having a hernia operation recently, I noticed I've been getting spam on a fairly regular basis suggesting I might want to use the legal services mentioned in the spam if I wanted to sue for any problems related to the patch used in the surgery. I don't remember seeing any of this type of message previously, though it's possible that I might have received such messages, but they never registered in my consciousness then as I deleted spam. But I'm wondering now if someone at the office of the doctor who performed the surgery sold my email address. I believe I did put my primary email address on a form I filled out at the doctor's office. If I had used an alias, I would know for certain, if that was the case.

[/network/email/spam/blocklists] permanent link