Spam fighting
Started: Tuesday, March 9, 2004 20:45
Finished: Tuesday, March 9, 2004 21:14
This morning, I went to Denver to meet with scott. We made an aborted attempt to gather information on yet another project relating to the mysterious business dealings of scottgalvin.com. It turned out he had been given some bad information, and the party on the other end had no inkling that we were going to be coming.
On the plus side, after our main mission didn't pan out, we spent some time wandering around an office building in the Denver Tech Center that was home to (among other things) a venture capital firm. Interestingly enough, scott seemed to know the majority of the random people we ran into there. (Next time, there definitely should be a video camera present; maybe even an entire documentary crew equipped with boom mikes.)
We ate lunch at a familiar Garcia's restaurant, which I remembered from the Colorado Linux Info Quest days of yore. There, we discussed many ideas related to the business, and to the big internal project that's currently in development.
Upon arriving back here in the afternoon, I discovered that the spammer exploit trap we set up last Saturday had successfully caught some rather nasty attempts to pummel AOL's servers with junk to the tune of over 60 megs. (It all has to do with vulnerable CGI scripts that unnamed customers keep installing on the server. Even though they don't have privileged access, evil spammers can still exploit them as a launching point to spew net pollution. That was, until we started implementing some serious crackdown measures to prevent this from happening.)
After we figured out which CGI script they were coming in through, we put some more stuff in place to silently record even more about how it was happening, and waited for them to hit it again. The spammers haven't taken the bait again yet, but our server will patiently wait for them to do so.
We also got a nice handful of IP addresses, most of which (surprise surprise) originate from other countries.
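As an added example (not from the original post or the server in question), here is the kind of log triage that narrows down which CGI script is being used as a mail relay and who is hammering it. It reads Apache-style combined access log lines; the sample lines, script names and addresses below are constructed for the example and are assumptions, not data from the page.

```shell
#!/bin/sh
# Added example: find CGI scripts receiving unusual numbers of POST requests
# and the client addresses behind them. Assumes Apache combined log format.
# SAMPLE_LOG is constructed test data with placeholder scripts and addresses.

SAMPLE_LOG='192.0.2.10 - - [09/Mar/2004:14:02:11 -0700] "POST /cgi-bin/formmail.pl HTTP/1.0" 200 512 "-" "Mozilla/4.0"
192.0.2.10 - - [09/Mar/2004:14:02:12 -0700] "POST /cgi-bin/formmail.pl HTTP/1.0" 200 512 "-" "Mozilla/4.0"
198.51.100.7 - - [09/Mar/2004:14:02:13 -0700] "POST /cgi-bin/formmail.pl HTTP/1.0" 200 512 "-" "Mozilla/4.0"
203.0.113.4 - - [09/Mar/2004:14:03:01 -0700] "GET /index.html HTTP/1.0" 200 2048 "-" "Mozilla/4.0"
192.0.2.10 - - [09/Mar/2004:14:03:05 -0700] "POST /cgi-bin/guestbook.cgi HTTP/1.0" 200 300 "-" "Mozilla/4.0"'

# Print "count script" for every CGI script that received POST requests,
# busiest first. Reads log lines on stdin. In combined format field 6 is the
# quoted method and field 7 is the request path.
cgi_post_by_script() {
    awk '$6 == "\"POST" && $7 ~ /^\/cgi-bin\// { n[$7]++ }
         END { for (s in n) printf "%d %s\n", n[s], s }' | sort -rn
}

# Print "count ip" for the clients that POSTed to one script, busiest first.
cgi_post_clients() {
    script="$1"
    awk -v s="$script" '$6 == "\"POST" && $7 == s { n[$1]++ }
         END { for (ip in n) printf "%d %s\n", n[ip], ip }' | sort -rn
}

# The script with the most POSTs in the sample: the first candidate to inspect.
top_cgi_script() {
    printf '%s\n' "$SAMPLE_LOG" | cgi_post_by_script | head -n 1 | awk '{ print $2 }'
}

# Number of distinct client addresses that POSTed to the given script.
distinct_posters() {
    printf '%s\n' "$SAMPLE_LOG" | cgi_post_clients "$1" | wc -l | tr -d ' '
}

# Report for the constructed sample: scripts by POST volume, then the clients
# behind the busiest one.
printf '%s\n' "$SAMPLE_LOG" | cgi_post_by_script
printf '%s\n' "$SAMPLE_LOG" | cgi_post_clients "$(top_cgi_script)"
```

On a real server you would feed the live access log in on stdin instead of the constructed sample, and compare the POST counts against what the script's legitimate users could plausibly generate; a form-mailer seeing hundreds of POSTs a minute from a handful of addresses is the signature described above.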
Meanwhile, I got busy on fortifying other facilities on our server which could potentially be exploitable by spammers. Our new operating rule: Assume any and all customers that sign up with us (with shell access) could potentially be a spammer, and set things up to stop them before they can cause significant damage, while still letting users send legitimate email.
Tricky stuff. iptables is my friend. The exim specification is my friend. (I think I'm going to need to buy the exim O'Reilly book one of these days too.)
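One concrete form of the operating rule above, as an added example rather than the rules actually deployed on this server: force every outbound SMTP connection through the local MTA, so that a shell account or a CGI process under the web server's uid cannot talk to remote mail servers directly, while mail handed to the MTA still goes out normally. It assumes iptables with the owner match, the standard chain names, and that exim runs as a user named `exim` (a placeholder; check your build).

```shell
#!/bin/sh
# Added example (not from the original post): restrict outbound SMTP so that
# only the MTA's own user (and root) may open connections to port 25.
# Shell users and CGI processes must submit mail through the local MTA,
# where it is logged and can be rate-limited. Assumptions: exim runs as
# the uid in MTA_USER (placeholder), and iptables has the owner match.

MTA_USER="${MTA_USER:-exim}"   # assumption: the uid the MTA runs as

# Emit an iptables-restore ruleset for the filter table.
smtp_egress_rules() {
    cat <<EOF
*filter
:SMTP_OUT - [0:0]
# Send every new outbound connection to port 25 through the SMTP_OUT chain.
-A OUTPUT -p tcp --dport 25 -m conntrack --ctstate NEW -j SMTP_OUT
# Loopback to the local MTA is fine: that is how users are supposed to send.
-A SMTP_OUT -o lo -j ACCEPT
# The MTA itself and root may talk to remote mail servers.
-A SMTP_OUT -m owner --uid-owner ${MTA_USER} -j ACCEPT
-A SMTP_OUT -m owner --uid-owner root -j ACCEPT
# Everyone else (shell accounts, CGI under the web server uid) is logged,
# with the log itself rate-limited so a spam run cannot flood it, then rejected.
-A SMTP_OUT -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix "smtp-egress-blocked: "
-A SMTP_OUT -j REJECT --reject-with tcp-reset
COMMIT
EOF
}

# Number of rules in the generated set (one per line beginning with -A).
rule_count() {
    smtp_egress_rules | grep -c '^-A'
}

# Apply only when explicitly asked; otherwise print the ruleset for review.
if [ "${1:-}" = "apply" ]; then
    smtp_egress_rules | iptables-restore --noflush
else
    smtp_egress_rules
fi
```

The LOG rule is what turns the firewall into a detector: a burst of `smtp-egress-blocked` entries names the uid and process that tried to bypass the MTA. On the MTA side, exim's main log records the submitting login (`U=username`) for locally submitted mail, which is what ties a spam run back to the account or CGI script that produced it.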
I like my pseudo-job. :)
Death to all spammers!