Slashdot Mirror

← Back to Stories (view on slashdot.org)

When Does Spam Equal "Denial of Service"?

Posted by Cliff on from the when-is-spam-not-spam dept.

gary.flake asks: "I've long accepted that I am always going to receive more spam than real e-mail. However, in the past 48 hours I've recieved over 9000 (that's NINE THOUSAND) spam messages from the same spammer. I've sent complaints to every postmaster whose IP address appears in the header. I have also set up a filter to delete the remaining influx (but ~1,700 still got by in the early stages). What now? One would think that this behavior would be outright illegal. But it also appears that the sender and the advertised spam Web site are outside of U.S. jurisdiction. Any suggestions on how to proceed?" Aside from filtering the problem address in question, what can one do?

"Here is a sample header (with my email adress DELETED): 

From - Sat Jul  1 10:11:08 2000
Return-Path:(DELETED)
Received: from h11.mail.home.com ([24.0.95.45]) by mail.rdc2.pa.home.com
(InterMail vM.4.01.03.00 201-229-121) with ESMTP id

          for (DELETED)
          Sat, 1 Jul 2000 06:46:51 -0700
Received: from mx11-rwc.mail.home.com (mx11-rwc.mail.home.com [24.0.95.29])
	by h11.mail.home.com (8.9.3/8.9.0) with ESMTP id GAA25694
	for (DELETED); Sat, 1 Jul 2000 06:46:51 -0700 (PDT)
Received: from mx04.netaddress.usa.net
(mx04.netaddress.usa.net [204.68.24.141])
	by mx11-rwc.mail.home.com (8.9.1/8.9.1) with SMTP id GAA20861
	for (DELETED); Sat, 1 Jul 2000 06:46:50 -0700 (PDT)
Received: (qmail 4654 invoked by uid 0); 1 Jul 2000 13:46:00 -0000
Received: from gsnonweb.com [194.90.101.35] by mx04 via mtad (34FM1.5.01)
	with ESMTP id 143egaNtx0454M04; Sat, 01 Jul 2000 13:45:58 GMT
Received: (apparently) from localhost ([216.8.12.174])
by gsnonweb.com  with Microsoft SMTPSVC(5.5.1877.197.19);
	 Sat, 1 Jul 2000 10:29:50 +0300
X-Mailer: Microsoft Outlook Express 5.00.2014.211
Date: Sat, 01 Jul 2000 00:30:14 -0800
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7BIT
From: auto65686@hushmail.com
Message-Id: 
Subject: You are invited to join our private club!
To: buddapest@LoadMail.com
X-Mozilla-Status: 8001
X-Mozilla-Status2: 00000000
X-UIDL: "

1 of 8 comments (clear)

  1. Try this... by eap · · Score: 3
    I assume you're probably familiar with Junkbusters. If not, try their software. It will allow you to block most unwanted email.

    Try joining the MAPS Realtime Blacklist of spammers.

    Report the sites listed in the headers to ORBS. If they have open mail relays, ORBS will log them in its database and send a notification to the postmaster. Mail relays which support ORBS will not relay mail coming from unsecured hosts. If the sites are clean, no harm done, ORBS will not flag them.

    Finally, you can always work up a procmail script to filter out most spam. Sure, it doesn't keep spammers from using your network resources, but if everyone did it, spamming would be a lot less profitable.

    Hope this helps