Comment Spam: From American Universities?
Posted in OAImages News by John E. Pannell on May 26th, 2007 at 7:24 am The software powering this blog has now caught over 1500 spam comments, lately averaging about 30 spam per day. As the blog becomes more established this will probably only increase. Only one or two spam comments have gotten through and I deleted those quickly.
The spam attempts are for the usual products and services that are commonly pushed through bulk/junk emails. If you’re active on the internet, you know what they are. I am noticing something interesting though with a lot of these messages.
The products point folks to websites where they can buy this stuff. Oddly enough a lot of these websites/webpages are located on university servers. These are where the businesses run from, not spoof addresses. Many major universities seem to be affected. This morning’s spam comments include posts directing readers to pages on networks at Ball State University (bsu.edu), Oklahoma State University (okstate.edu), University of Minnesota (umn.edu) and Imperial Valley College (imperial.edu).
Are these univeristies aware how their servers are being misused and what are they doing to prevent this?
Are they directing you to the main web servers (e.g. “unc.edu” or “www.unc.edu”), or are they directing you to some other server on the network (e.g. “abc12345.resnet.unc.edu”). If the latter is the case, then it’s likely being hosted on a zombied machine belonging to a student.
It’s the latter.
Still shouldn’t the unversities be aware how their resources — or at least their (sub)domains and names — are being used?