Spam e-mail is a significant and growing nuisance. As used herein, “spam” is any unsolicited e-mail, i.e. email that is sent to a computer user without the user's consent.
When legitimate e-mail is sent to a given domain, the originating e-mail system sends the e-mail to the primary e-mail server for that domain. The domain can also have at least one backup e-mail server. A backup e-mail server should receive e-mail only when the primary e-mail server is unreachable by an e-mail sender. Some senders of spam have realized that backup e-mail servers are sometimes not as well secured as primary e-mail servers. Whereas a primary e-mail server might have a filter or other mechanism installed to detect incoming spam, backup servers are sometimes more vulnerable. Additionally, primary e-mail servers are sometimes configured to accept all incoming e-mail originating from one of their backup e-mail servers. Thus, backup e-mail servers are viewed as a good target by many senders of spam, who often send their spam directly to a backup e-mail server in an attempt to bypass the security of the primary e-mail server. What is needed are methods, computer readable media and systems to detect such attempts.