Ever heard of mailbombing and know how this can apply to you? Do you own your own domain name and server space? I recently sent out an apology to my subscribers who would have received a crazy amount of emails from my automatic post notification service. A cron-job on my server that got stuck in a loop and kept re-issuing the same notification because it never got to the end of it’s command string which told it to ‘end’.
Server problems like this do happen, which require a webmaster to always keep a health check on sites all the time. So apart from the obvious calamity of sending out hundreds of unwanted emails, where else can this be a problem, or even misused. The answer from webmasters in the know will surprise you.
First a mailserver mailbombing other services, mistakenly or not can become blacklisted. After this point any email sent from the server ends up in the spam bin automatically as all webclients, and webservers keep an eye on server IP addresses that should be blacklisted, and the list is updated constantly. You can check whether your server is blacklisted, it can be the case that your server is a shared host on which other domains also reside. Now if they were responsible for getting your server blacklisted, you will have a problem if you share the same IP class.
Secondly, what if you have your own dedicated mail server space? i.e., email@example.com Supposing you just haven’t checked to empty all it’s contents since forever or since you owned it. Did you know that your server has a database of every single file, every email, each one represented by an ‘inode’. If you’ve never cleaned your server space, you could easily reach the maximum number of files your server can record in a file allocation database. This list simply tells the server where to look to find certain files. When that happens, things just stop, everything on your server will stop as it won’t know where to look for files to keep basic operations running.It will often have to write to the server to perform certain memory requiring commands, and if it cannot, these processes can’t function without being able to write memory to the server space.
It could be that you would have a limited number of inodes, these are like a list of geolocators for any kind of file on the server, and at some point you just reach the maximum and everything just dies. Inodes have nothing to do with file size, you could have thousands of records on your database, each the size only of one line. It could be that other people sharing your server, on the same IP class use up more than their fair share of server space, but use little amount of inodes. So keep a check on this, always keep your web email server clean, and be a good neighbour. Check if you have a POP3 email service, that emails are being deleted off the server also, or you could be growing your inode list by 100s a day.
Now knowledge of this information can also fall into the wrong hands and put any website owner at risk, to receive attack from an anonymous competitor. If you own a website domain, including various emails to that domain, then you should be aware and constantly on the vigil for such an attack known as mailbombing. The perpetrators will know that they have to instigate ‘mail spamming’ of a domain, without their own servers becoming blacklisted, so will often rotate their IP class, or start the attack simultaneously from different webserver locations to cloak their identity. The idea is, if the recieving server is encumbered with enough inodes at one particular time, then it will shut down. It may take 10,000 emails to occur, or simply 4000, depending if the server has a timed system for wiping old inodes. Perpetrators can usually only throttle down to 500 emails per hour from an account before they risk getting their IP class blacklisted, so will usually employ different webmail clients that cloak their IP address, and will apparently eminate the emails from many different IP classes.
In my last apology post I sent out a web strategy game I thought might act as a bit of kool-aid for the unfortunate recipients of my nut job server gone spammy. The game – bricks breaking II I thought was a simple but pretty effective analogy of your server trying to stave off email bombing. Check it out, the concept is simple. You can only remove three bricks at a time – analagous to the server only deleting emails once they are read – but there’s always more coming in…
- Introduction To Webmin (diwt.wordpress.com)
- How to Schedule Database Backup Using Cron Job (maketecheasier.com)
- Predicting server hardware failure with mcelog (barry.wordpress.com)
- Marc Deslauriers: Check your cron jobs… (mdeslaur.blogspot.com)