Domain: dowco.com
Stories and comments across the archive that link to dowco.com.
Comments · 12
-
I've known about this for a while...
When I worked at the helpdesk of a small ISP, we were approached by this company to see if we were interested in letting them test their ad-inserting proxy server on our customers. I protested that it was scummy and might lead to legal trouble (I was guessing) over changing pages in-flight, but my bosses didn't listen. That was back in 2002 or 2003, and I left shortly after to take another job. No idea what's going on there now.
I'm moving to a new ISP since my current one has started blocking port 25 in and out. I run my own mail server, so I appreciate that Uniserve's TOS explicitly allow servers (clause #19). However, they also explicitly say that they insert ads:
65. UNISERVE shall have the right, without notice, to insert advertising data into the Internet browser used by a UNSERVE customer, and transferred to a UNISERVE customer over UNISERVE's network, so long as this does not involve UNISERVE establishing the identity of the customer to whom such data is sent.
Needless to say I'm not happy about that, but in Vancouver my choices are limited: Telus (who'll censor web pages if they belong to a union striking against them), Shaw, or a handful of small ADSL ISPs that all seem to be much the same. Uniserve seems the best of a bad bunch.
-
Re:Spam declining?
Interesting...the graph at my old job shows the same thing. Keep in mind, though, that could just as easily be spammers working around filters (at least in my case, and I assume yours).
-
The ISP I used to work at did thisThe ISP I used to work at did this. They made a deal with a company called Adzila (one L, as I recall) that routed dialup traffic through a caching proxy web server. Stuff like Google's page would have a Dowco (or someone else's) ad at the bottom of it, or one of (say) the New York Times' ads would have one of ours susbstituted.
I was pretty unhappy with this, but was unable to convince my bosses that this was evil or risky. The company had apparently convinced them that they had checked it out with their laywers, and because they weren't changing the site's HTML -- they were putting outside Google's final </html> -- they were safe. (Never got an answer about substituting ads.).
I don't work there anymore, but last I heard it's still going on, and there's a few ISPs, at least in Vancouver, that are doing this. Scary.
-
Re:Spam content dropoff?
Nor according to this one, which I use to babysit.
-
Holy.Fucking. Shit.
I just totaled up the logs for the spam graph I keep for our mail server. In maybe a year and a half, we've caught approx. 1.6 million spams. I thought we were doing well.
But Jesus Christ! Who here wants to start a pool? We'll bet on how long it'll take before AOL has stopped a googol of spam, total. I bet two and a half years; three tops.
-
Well...I work for a a small ISP. I took over abuse duties about a year and a half ago.
It hasn't happened in a while, but any time I got a complaint about a customer spamming that checked out, I cut off the account immediately. This was happening about once a month for a while -- people signing up for throwaway accounts and spamming the hell out of them until they were cut off. One morning I checked my email and found spam that was sent from one of these accounts. I was able to log in, lock the account and kick 'em off our modems. That made me feel good.
As for responses to complaints: we'd get a lot of complaints when one of these episodes happened (usually through the good offices of SpamCop, who Truly Rock), and it was impossible to reply individually to each one. I took the initiative and installed Linux (had been W98) so that I could use Mutt, with all the automation that implied, to send canned responses to let people know that someone's listening.
There are two big reasons for any ISP to respond aggressively to complaints about spam:
First, it's death to end up on a blacklist. The number of complaints would be astronomical, and if you're not lucky enough to be dealing w/a blacklist with defined ways of getting off it, you're stuck either waiting for people to decide you're honest/have suffered enough, or living with random chunks of email bouncing. Have a look in news.admin.net-abuse.email (I think that's the right group -- check Google) sometime and read the complaints from people who have been blacklisted. There is no sympathy (or at least very little) in that group for anyone who is blacklisted (whether there should be sympathy is another question).
Second, and arguably more importantly, spam is just plain wrong. There were the comments of the head of an old ISP -- The Well, maybe? -- a while back; he said that for any other entity on the Internet, a DDOS on the scale of spam would be Big News and would result in action. But email, for some reason, just doesn't rate a damn. People are drowning in the stuff, but so are mail servers, and the ISPs that run them, and the admins who take care of them. Check out my journal -- we had to spend $ on getting a new server, plus my time to set it up, just to keep our customer-facing mail server from falling over from the sheer volume of the stuff. That's fucking insane, and the idea of contributing in any degree to someone else's version of that story should make anyone sick to their stomach. It is such a waste of so many resources.
So for me at least, the moral and economic incentives to take action on spam are huge, but the volume of complaints for any episode usually prevents me from replying personally. I can only imagine what it would be like for someone at AOL or Sprint or what have you. YMMV.
-
Re:performance info is uselessOr if you've got a 486 w/16 MB of RAM, say. (Let 'er rip...I've always wanted to see how it does under a slashdotting
:-)
Works fine for me. C'mon, I can't be the only one who's set this up, right? -
You know what I'd kill for?A version of this for Outlook Express.
I work on the helpdesk of a small ISP; I also take care of the spam filtering, and answer abuse@. We recently added SpamAssassin, and God does it rock. (The big spike you see is me getting MRTG to graph what SA catches now; it's 6-10 times better than what we used to catch.)
But I still get complaints from our customers about spam that gets through. Just the other day a crapload got through because it was relatively subdued spam (no webbugs, NO LINE OF YELLING, etc); unfortunately, it also advertised pictures of young boys having sex. It's hard to explain why it's very, very hard to filter for this sort of thing, especially when I'm going through the talk for the nth time this week. (I need a good analogy that non-geeks can understand; I'm still looking.)
The good folks at DeerSoft have a version of SpamAssassin for Outlook, and are promising one for OE Real Soon Now. But I would loooooooooooooooooooooooove a good spam program -- this or SA or something else -- that I could point our customers to. Download, double-click, say yes, and bam it's installed. I can figure out how to install this on a Unix box; I could probably, eventually figure out how to do it on a Windows box; there's no way the customers could do it.
Or am I missing good, free spam filtering for Windows? Can anyone point me in the right direction?
Slightly OT: There has got to be a huge market for setting up spam filtering for small businesses. My idea: Tell 'em that if they provide the box -- an old Pentium or 486 will do -- I'll set up spam filtering and a firewall on it, set up some maintenance tools (whitelist this, firewall that). They get great mail service, I get $x00.
-
Re:telemarketersHm...not sure if just submitting stuff to spamcop (you send the spam, they email back a link, you click on the link and hit submit) but if you are, I don't think it's likely you'll get spam from that. Also, have a look at the MRTG spam graph I maintain. It keeps track of the numbers of messages we catch using procmail. As I write this, the average over the last couple days is 333/hour. In the time I've been keeping this graph, I figure something like 1.25 million pieces of spam have been caught.
-
Sounds tres coolI came across an ad recently for a commercial system that worked in a similar way; they had a bunch of different pop accounts set up to catch spam, and then created signatures of those messages in real time. You subscribe to their service, and you get an updated list every . Can't remember the name of the company, but I do remember them saying that new spam messages were typically sent out to clients w/in 15 minutes.
One question about this system that I hope the poster (or someone else using this system) will answer: what's it like on server load? Right now, at the ISP I work at, we're using procmail to filter for spam (check the graphs here: http://selenium.dowco.com/spam/spam.html). It's a good way of doing things, but there are some shortcomings: basically, since it runs on our mailserver, I can't run all the body searches I want; in fact, we had to cut out body searches recently because the load was getting too high and/or email was taking too long to get through. There's some workarounds that I haven't got around to putting in yet (body scanning only when 3k in size, etc), but you can see my point. Anyone?
-
Re:And good riddance!I'm with you on this. I work for a small/mid-sized ISP, and one of the things I do is keep track of the procmail filter we run on incoming messages. Some random bit of info & thoughts:
- We catch, on average, something like 200 messages per hour; that works out to about 30k-35k messages per week. Check out the latest results here (http://selenium.dowco.com/spam/spam.html for the goatse.cx paranoid).
- Our customers have 56k modems or slower, and they're not terribly clueful for the most part (then again, I work on the help desk, so that's all I see). So not only does it take up time while the meter's ticking to download it, there's a significant chunk of them that don't understand that spam is, unfortunately, epidemic on the net, or that spammers won't remove their names, or that they're hawking pyramid schemes that just won't work. Add to that a call every now and then from someone genuinely upset and offended about pr0n spam, and it makes for an interesting time talking them down from the ledge...
- Upshot is that spam costs us the isp, and them the customer, a lot to deal with the crap that keeps flooding in. You shouldn't have to be paranoid about handing out your email address on the net, or posting it in plain sight, for fear that you'll be hacking your way through MAKE MONEY NOW for the rest of your email address' life.
- Remember that scene in Futurama where Fry goes on the Virtual Reality Net of the Future, and they get dive-bombed by spam messages and have to take cover? That's no kind of net that I want to have, or to have to deal with, and I don't think it should be up to the customer or the ISP to pay to read crap.
-
Mirror of the HTML version