Yesterday morning, about 7:30 a.m., our company’s email system went silent. We could neither send nor receive emails through the domains associated with our server.
The reason: For the past week or so, we’ve been receiving massive amounts of spam “bouncebacks”. At first, I thought this could have been a situation where the bad guys had borrowed our email identities for spam attacks. However, I now think it is much more likely that a trojan or other piece of malware infected our server, and turned it into a spambot.
(I cannot be sure about this, and the former explanation may be more plausible because even as the volume of spam increased, there were few signs that spam control services were flagging our site/s as dangerous — which I think would have been much more likely if the systems could detect that we were indeed intentionally sending the spam.)
Regardless, things reached a head Thursday night, with dozens of spam bouncebacks each minute, and the process finally overwhelmed our server and, wham, the email went silent.
I immediately contacted our internet service provider (Hostgator) and the support person put in an “escalation” request to the company’s security team. While the loss of email service was inconvenient, we weren’t totally caught in a crisis — the websites all remained in order and all of our staff have personal emails which we reverted to for emergency communication through the day.
About 8 p.m. last night, our email returned, after Hostgator reset things and changed passwords. And thankfully many of the emails directed to us during the day from readers and advertisers arrived after we had our accounts restored.
This experience reminded me of the amazing and disturbing volume of spam being spewed each moment, and the massive and sophisticated systems to manage it so that it is almost invisible. As it is, we’re back in business with our emails and I can breathe a sigh of relief that it took less than a day to correct the problem.