How Well are Your Servers Handling MyDoom?
whosyourgeekdaddy asks: "A co-worker was showing me some of the usage stats for a clients exchange server: its averaging 630 users, and 300,000 emails per day, for the last 4 days. This made me want to ask how heavy is the workload for your 'average' Exchange server? Is this typical? MyDoom has upped the usage some, but not a lot. This client is a real estate company, so e-mail is frequently used." Of course, Exchange servers aren't the only ones feeling MyDoom. What kind of statistics have you been seeing from MyDoom, both as a user and as an administrator?
grep "X-Infected: W32/Mydoom.A@mm" rejectlog* | wc -l
11096
All rejected at SMTP time, not mindlessly bounced after the fact.
My server isn't even feeling it.
One trick which helped ease the burden is that the majority of the emails are coming in with very specific topics: "hi", "hello", "test", "status" and "server report". Added this line to my postfix spamfilter rules and it eased a LOT of the burden immediately:
If you're an administrator out there reading this, for the love of whatever god you hold dear TURN OFF YOUR BLOODY VIRUS BOUNCE MESSAGES! I've had as many 'replies' to faked From: headers as virus mails. You're making the problem far worse than it otherwise would be!"People will pay big bucks for the luxury of ignorance."