Spammers abuse Yahoo's Authenticated Mail
Spammers are abusing Yahoo's mail servers to bypass filters, according to the MessageLabs monthly report for April 2008. They are digitally signing their email headers using Yahoo's DomainKeys Identified Mail (DKIM), thereby convincing spam filters that the email is legitimate.
Spammers are not sending their messages using Yahoo's web front end, but instead using the company's SMTP servers that allow Yahoo users to use any email client. According to MessageLabs, most of the spam sent in this manner using Yahoo Mail comes from the Yahoo! Plus server, which is a premium service. To create Yahoo accounts, Spammers are using automatic scripts, which, according to MessageLabs, are able to crack captchas.
In particular, the Spam clique known as Canadian Pharmacy uses Yahoo's servers. The report says this group used more than 1100 specially created email accounts during the period under review.
See also:
- MessageLabs Intelligence: April 2008, report at MessageLabs
(mba)