| That specific paragraph is a lot of weirdness. But once you have the domain, somebody who knows what they're doing with DNS and SMTP absolutely could set up proper email services on it (forward-confirmed rDNS, SPF, DKIM signing, DMARC), and send spam with it. It's functionally equivalent to any other domain. Particularly if the intention was to be a one-shot approach that would "burn" both the domain and the hosting services, such as in the days leading up to an election. A really smart bad actor would use some IP space from an ISP that traditionally has not been a source of spam. Eg: Not an ISP with a lot of low-dollar-value VPS/VM/hosting customers. There's still some totally "clean" /24 IP blocks out there in the various RBLs and spam listing services if you go searching. If I were an evil person and did this, I'd try to get the domain at least a few weeks in advance and try to generate a moderate volume of totally legit looking emails, destined for the top 20 major destinations (office365, gmail, etc) and verify from a bunch of sockpuppet accounts that the mail was actually getting delivered. Then I'd turn loose the fire hose. Should a person want to be really evil, they'd do something like the reverse of what happened to the City of Baltimore with the cryptolocker trojan. Find a list of municipal (water, sewer, gas, electrical, property tax) bill payers and email each of them a plausible looking invoice, with cryptolocker attached. The likelihood of people opening it would be high. |