spamhaus.org · Domains · Slashdot Mirror

more on the subject by Anonymous Coward · 2006-09-15 02:12 · Score: 0 · on Spamhaus to Ignore $11.7M Judgement

Link below contains a colorful communication between two parties :)

http://www.spamhaus.org/rokso/evidence.lasso?rokso _id=ROK7008

Re:The bigger question by Matts · 2006-09-15 01:34 · Score: 1 · on Spamhaus to Ignore $11.7M Judgement

I wish it were that simple. Sadly your question is terribly naive.

See: http://www.spamhaus.org/sbl/listings.lasso?isp=ver izonbusiness.com for example.

Comcast ist part of the problem - Spamhaus by NoSuchGuy · 2006-08-31 14:49 · Score: 1 · on Comcast Blocks Yet Another ISPs E-Mail

Spamhaus shows that Comcast is part of the problem!

Re:Important note... by 70Bang · 2006-08-14 21:25 · Score: 4, Insightful · on Pirate Party Launches Commercial Darknet

There's very little in the actual document which isn't in the published article when it comes to cost.

...I would thihnk that charging comercially[sic] for the service is nessesary to keep it from becoming a spammer tool...

Have you been living on Gilligan's Island?

5eu/month is, as pointed out in the FA, at the current exchange rate: $6.359.

Before Scotty Richter was castrated, he was bringing $2M into his office, yes, two million U$ monthly. And he wasn't the king of the mountain.

Can you explain how $6.359/month going to make a spammer think twice about using the service? Particularly when you consider the anonymity. No more looking for open proxies & relays.

They pay far, far, far more than that to set up shop in China, then send all of that crap back to the US. Most spam originates from the US as the 2003 U-CAN-SPAM law[1] basically gave them free reign, but the big boys still rely upon China.

Here are the top 200 spammers responsible for 80% of the crap which is dropped in your inbox.
Some of these guys (e.g. Ralsky) have substantial setups in their basements or an office (when they-he aren't|isn't getting caught running around in nothing but a black thong -- yes, there's a picture of it in an anti-spam archive.

But seriously. How do you think ~$6/month is going to stop a spammer. I'm not trying to present a loaded question here. I really do want to know your perspective on this because you may have insights no one else has considered.

The only way I can see this not becoming a spam haven is if there's a volume limit for that price and you have to pay $x/volume for each increment after that.

I'm all ears.

_______________________________
[1] Very effective, wouldn't you say? Has your volume of spam decreased (without human intervention to separate the wheat from the chaffe?)

Re:The Love of Money by arkhan_jg · 2006-08-11 09:33 · Score: 1 · on Michigan Enforces Do-Not-Email Registry Law

Just as evidence, look at the ROKSO list - almost all Americans.

Re:The text comes from the Gutenberg Project by nutsy · 2006-08-10 07:36 · Score: 1 · on New Kind of Spam 'Un-Training' Filters?

First, it's Project Gutenberg, not "the Gutenberg Project". If you're gonna lecture for karma then at least get the name right.

Second, it's not always Gutenberg texts. I've seen segments of texts from other copyright-free texts too (including some Russian books translated to English), and even copyrighted ones like Stephen King's Misery -- I guess when someone's already engaged in the utterly selfish and inconsiderate act of spamming, copyright violation is just icing on the cake. The Annie Wilkes treatment is just too good for some of these chaps.

Spam is dying by Animats · 2006-08-09 06:15 · Score: 5, Interesting · on New Kind of Spam 'Un-Training' Filters?

Spam as advertising is dead, killed by a combination of CAN-SPAM and spam filters. What remains is ordinary criminality.

CAN-SPAM killed spam as advertising, in a way that neither the Direct Marketing Association or the anti-spam groups expected. CAN-SPAM has criminal penalties for forged headers, but doesn't restrict "legitimate e-mail marketing", which is what the DMA wanted. But with valid headers, spam filters can immediately discard spam. The result is that "legitimate e-mail marketing" attempts go directly to the bit bucket today. Notice how rarely you see a spam from any legitimate company any more. (This assumes you have reasonable filtering.)

With the legitimate businesses gone, spam became a branch of crime. To be a spammer today, you have to commit felonies. Which means a risk of doing jail time. The famous "Buffalo Spammer" went to jail in 2004, and gets out in 2011. Jeremy Jaynes was sentenced to nine years in prison; he's out on bail pending an appeal, but sooner or later he's going to do those nine years. There's a Registry of Known Spam Operators, and law enforcement reads that list. Most of the people on that list have had visits from law enforcement.

Spammers have tried moving offshore, but that's not working as well as it used to. Few countries want to be known as spam havens. Even in China, it's getting harder; spammers have had to move from the developed coast to more remote provinces, where Beijing has less presence. ("The mountains are high and the emperor is far away") Operating offshore draws the attention of the investigators who follow money-laundering, terrorism, and drug-dealing. There are people doing this, but the risks are high.

What's left is what you'd expect - wannabe crooks, as in any bad neighborhood. They're not very good at crime. They're not making much money. They're what cops call "regular customers". They're a problem, but not a major threat. Those are the ones sending out useless spam.

Already done - realtime black lists. by AaronW · 2006-08-09 06:06 · Score: 1 · on New Kind of Spam 'Un-Training' Filters?

There are a number of good realtime black lists (RBLs) that do just that. I use them at my mail server and it blocks a huge percentage of spam. Furthermore, I have my mail server (postfix) set up to tarpit those senders. In other words, it holds onto the connection for 20-30 seconds before sending any sort of reply, effectively slowing down the spammer a bit and consuming their resources.

I like the sbl-xbl blacklist at spamhaus.org, which combines several of them together.

SBL has Verizon Business as the #1 spam gang host by Anonymous Coward · 2006-07-24 04:30 · Score: 0 · on Sophos Reveals Latest Spam-Relaying Countries

http://www.spamhaus.org/sbl/listings.lasso?isp=ver izonbusiness.com

This is to be expected by a company that bought SpewSpew.net

Re:Wow, short aricle for sure by RedToad · 2006-06-22 13:35 · Score: 1 · on China Getting 'Serious' About Spam?

China has a loose handle on external spammers, both Russian and American as seen in this link

Noted ROKSO spammers like Leo Kuvayev (BadCow) and Christopher Brown / Swank's IP addresses are listed. But there has been little action on China's part to shut out the foreign spamming hordes that besmirch their country's reputation as a haven for the more techno-savvy Russians and Americans who have been raping their unprotected infrastructure with immunity to date.

Re:Wow, short aricle for sure by RedToad · 2006-06-22 13:35 · Score: 1 · on China Getting 'Serious' About Spam?

China has a loose handle on external spammers, both Russian and American as seen in this link

Noted ROKSO spammers like Leo Kuvayev (BadCow) and Christopher Brown / Swank's IP addresses are listed. But there has been little action on China's part to shut out the foreign spamming hordes that besmirch their country's reputation as a haven for the more techno-savvy Russians and Americans who have been raping their unprotected infrastructure with immunity to date.

Please USA, get 'Serious' about Spam too. by Anonymous Coward · 2006-06-22 08:59 · Score: 3, Informative · on China Getting 'Serious' About Spam?

See the stats here.

Re:Well, they had better get cracking by malv · 2006-06-22 06:03 · Score: 1 · on China Getting 'Serious' About Spam?

And US is still in the lead:

http://www.spamhaus.org/statistics/countries.lasso

send-safe.com get's disabled/suspended too? by Anonymous Coward · 2006-06-17 14:28 · Score: 0 · on GoDaddy Holds Domains Hostage

Does this mean joker.com can disable/suspended send-safe.com? ROK5500
And gandi.net can stop/suspended clustermailer.com? ROK5611

send-safe.com get's disabled/suspended too? by Anonymous Coward · 2006-06-17 14:28 · Score: 0 · on GoDaddy Holds Domains Hostage

Does this mean joker.com can disable/suspended send-safe.com? ROK5500
And gandi.net can stop/suspended clustermailer.com? ROK5611

Re:Very dangerous precedent, or is it? by Anonymous Coward · 2006-06-17 06:03 · Score: 3, Insightful · on GoDaddy Holds Domains Hostage

I remember doing whois lookups and digs, and with the domains resolving back to GoDaddy as the register from time to time, I would complain to them for allowing registration of what were obviously domain names for spamming or mlm purposes which always turn out to be spam related as well. So I'd be putting pressure on GoDaddy for allowing the registrations, for not having software to look for obvious spam names within the domain names they currently register, and for other actions that enable or provide refuge to spammers.

That being said, I'm also on the other end currently. One of the domains I'm hosting has the word "ebay" within the domain name. I never even realized this. The domain name is also a legal, currently registered and operating corporation within the US. It's been in business more than two years. Its line of business has nothing to do with spam, it deals with supplying certain metal goods to large distributors and large end users within the US and elsewhere. It's the type of business where you confirm the customer is a large end user or distributor, and upon doing this, you don't have a problem sending them several thousand dollars in samples, hoping they'll place blanket orders for years into the future. Without having the knowledge on running a mail server, and currently without the resources for a secondary dns on another ip block, it was decided that GoDaddy would be the host for the mail server for the domain.

A few test emails from the business domain, with an email address that is obviously business related (sales@legitdomain, a few others), everything went through without a problem, great. Add email address to invoices, statements, shipping documents, product packaging, start using to communicate with new customers, suddenly a problem. Turns out if the email contains a couple of email addresses within the body, or if the email contains a couple of urls with certain keywords (keywords normally related to some of the customers' business lines), more than two urls, a combination of an email address and a url, and the emails would be rejected. GoDaddy's smtp server wouldn't accept the email for sending. Not that it would bounce, it would outright reject the email.

Trying to get GoDaddy's tech department just to understand what was going on was difficult. Forward the bounce message. There is no bounce message, the smtp server is outright refusing to accept the email as it is being sent. Send the error message of your email client. Email client is KMail. Here's the instructions for Outlook. Email client is KMail. Here's the instructions for Mozilla mail. Email client is KMail. Here's a screenshot of the popup error message you requested. You're using a non-standard email client. Here's the instructions for outlook. Please send me responses in plain text instead of html. Sorry, our email is sent in html. Please don't send me instructions in .doc format, send in .txt or .pdf. Sorry, .doc format is all we have, here's a link to our internal documentation. Great, how do I get passed your firewall to view a GoDaddy internal documentation link?

That's just the first few attempts to get the email working. Next, we received every excuse known to man for why mail was being blocked. Your domain is blacklisted by the RBLs. No its not. Your domain is blacklisted by Spamhaus. No, its not. Your ip is listed in Spamhaus. No its not. Your ip block is listed in Spamhaus. No, its not. The email domain you are sending your email to is listed in Spamhaus. Are you serious?

Actual email trouble ticket response:

Thank you for contacting customer support. The error message received is related to our anti-phishing software, which blocks known spammer links from being sent through our system. It primarily blocks links from sites listed on http://www.spamhaus.org/ (also blocks our own "spammer" database).

Re:Spamhaus blacklisted Google GMail. :-( by McDutchie · 2006-06-17 05:18 · Score: 2, Insightful · on GoDaddy Holds Domains Hostage

PERM_FAILURE: SMTP Error (state 9): 554 Sorry, your mail server (py-out-1112.google.com[64.233.166.178]) is rejected using sbl-xbl.spamhaus.org. See http://postmaster.frontiernet.net/error.html#sbl-x bl [frontiernet.net]

This "evidence" appears to be fabricated. The IP address 64.233.166.178 is in fact not listed on Spamhaus at all:

$ host 178.166.233.64.sbl-xbl.spamhaus.org Host 178.166.233.64.sbl-xbl.spamhaus.org not found: 3(NXDOMAIN) $

or see the web lookup query at spamhaus.org.

Re:Survey Says? by XSforMe · 2006-06-13 02:17 · Score: 1 · on Spam from Taiwan

Rokso keeps track of the major spammers. Most of them reside in the US, though they typically offshore their servers to other countries.

Re:Sender or Receiver? by Anonymous Coward · 2006-05-26 06:54 · Score: 1, Informative · on EU Considers Taxing SMS Messages, Email

Take a look at for instance
http://www.spamhaus.org/statistics/countries.lasso

USA is the #1 spammer. Granted, the EU is not counted as total but I can tell you that most of the EU countries have always had quite strictly regulated telecommunication markets. Some countries practically are not sending any spam at all because the spamming open proxy owners would get cut off in minutes by the core network administrations.

Re:Russian Local Law Enforcement? by Intron · 2006-05-19 04:17 · Score: 1 · on The World's Top Cybercriminals

here