Slashdot Mirror
DSLReports Study: 8 Hours 'til the Spam Hits
Masem writes: "In a rather interesting study at DSLReports, it was observed that email addresses published on a web site recieved spam within 8 hours of being posted, showing how aggressive the harvesters are working. In particular, a special link was set up on the main page that by following the link, the site generated an email address that was trackable to the IP that called the link, and not published anywhere else at any time. In the specific case, in only 8 hours after the email address was created, it had recieved spam; since that time about 9 months ago, it's gotten around 100 pieces. Given the time and source of most of the emails, the authors believe that they've simply got someone at one end of a home broadband pipeline using open relay mail servers, and most likely being paid to redistribute spam on the email addresses they harvest."
Someone should try and set up another study... Anyone up for the job? This seems too slow for the spammers, and I suppose it matters what kind of site you post your email address on.
Everything is mainstream now.
When I started working for Lockheed Martin, I had 4 spam emails in my mailbox that was delivered prior to my first day of work. In addition to this, I had 2 personal (they seemed personal IT related) job offer emails in my mailbox, also from prior to my first day of work. Both from recruiting companies.
Bringing irony to the Slash-masses
GOp@Tohell.com
LeaveMe@lone.com
Kissmy@ss.com
All of which I have used to registery sofware in the past.
Hughj@ss.com is still waiting for his free natural viagra as I write this.
Hello Kettle,
You, my friend are as black as pitch.
With love, Pot.
...would be for their ISP to go thru their logs and tell you the subscriber name and address of the offending little turd and kick their door in within 10 hours ;)
The email address wasn't harvested 8 hours after being posted, it was sent spam 8 hours after being harvested.
What would be more interesting is to find out how long it takes with your address on the web before it gets entered into the various lists...
While this study is very interesting, what I'd like to see more posted about is how often an e-mail address, unpublished on the Web but used for e-commerce, becomes the target for spam. Whenever I post something where the e-mail address goes up on a Web page, I sufficiently de-spamify it so that the harvesters won't know what to do with it (i.e. it's an obfuscated form of my address). But what really gets me is when I used my e-mail address for getting e-commerce confirmations, important for verifying orders, etc., and find that address the target of spam, even when I decline it.
I also find it handy to have a 'spamdrop' account, which is just another e-mail alias on my host, for signing up for one-off things, like chat, games, etc. That account fills up incredibly quickly; I receive on the order of 50 spams/day at that address. Wow...
Karma: Excellent Birds (mostly as a result of listening to Laurie Anderson)
What's the average length of time between a slashdot posting and the subsequent DoS attack on the linked site?
Jason.
Damn that Bernard Shifman! Will he never learn?
If Bill Gates had a nickel for every time Windows crashed... Oh wait, he does.
On 6.26am the morning of May 13th, 2001, the link is hit from IP 24.1.197.144 - a residential cable modem in Arizona
Google is big. Google has a very fat spider going around. Google definitly does not check a nowhere webpage as soon as it is created! How can somebody on a cable account (limited bandwith?) scan pages at a high enough rate that they hit an almost invisible webpage soon after it was created? Big machine, big connection? spoofed IP?
Is this business really so lucrative that people are willing to spend hours working on it? It'd like to have some stats on how many people actually subscribe to the "services" advertised for in spam. I know a spider is not a lot of maintenance once setup and the distribution cost for the spammers is almost null because they make everybody else pay for it, but where the hell do they get the profit...
Imperium et libertas
Autocracy and freedom
I used to have an e-mail address that was andrew@, it was great for a year or two. I still have it, but I do not retrieve the messages since it receives 30+ SPAM messages per day. My other e-mail address is my first initial + last name, and my last name is rare enough that I get maybe 1 Spam message per month.
What?
AIM screenname - hssa81
I am certain those sages had no idea how accurate they were to be - a shame the successful industries turned out to be address harvesting and spam generation :o(
With each breath in, a flower somewhere opens; with each breath out, a flower withers away. In between lies beauty.
Amazing, simply amazing!
I wonder what took them so long?
"Your superior intellect is no match for our puny weapons!"
The solution to spam is that Giant laser of death the airforce just got. Tie it to the email system, so once a spammer is identified, they become toast. Literally.
Sheesh, though, I hate spam. I get like 10 spam a day at my real email address, which people only can discover by talking to me (I don't post it or give it out for obvious reasons).
Maybe some kind of bulk-email tax could be imposed.... Even though I am firmly against internet tax, I think making the spammers pay for the mail (ala-junk mail via postal system) is the only solution.
Not only are addresses harvested quickly, but it's amazing how often they'll use a brute-force attack. This is how some email spam ends up in new employee mailboxes.
I've seen it while administering our own Exchange server. They'll try all sorts of common name combinations (such as rsmith@, tsmith@, jsmith@, etc.) in the hopes that some of them exist.
They know your domain is valid - so they never lay off trying to stuff garbage in any valid boxes on the site they can hit.
the result of doing it this way indicates that the spammers figured out what names I was hosting with no posting of any addresses on any website. Because, if there is a osama@bar.com but email comes to osama@foo.com, somebody must have "read" my aliases file (which doesn't contain the "foo" or the "bar" part). Mail does not come to random names at the wrong domains, just to the right names at the wrong domains.
do they connect up to my server and try many different combinations exhaustively, using an RSET in between so they don't actually need to send and email? or do they have some way to connect to my server and directly suck down my aliases file?
Something like WPoison has to be used more often. Until a higher percentage of harvested emails are faked, these web spiders will continue roaming the web, adding email addresses to their collection.
- grunby
Could this technique be changed. Rather than generating a mailbox for the spam to go to, based on IP, instead generate the abuse address for the IP's netblock owner.
:)
That way, whoever is running the spider can start spamming direct to the abuse address, saving the site owner from having to report them.
I for one am curious if a spam e-mail has EVER worked. Why do so many people spend so much time and money working on spam technology? SOMEONE out there must be buying things from spam ads.
"You cannot find out which view is the right one by science in the ordinary sense." - C.S. Lewis on Intelligent Design
posting anonymously not to fatten my fat fat kharmah.. ;-)
CH
(n/t)
Ever since I started bouncing all spam I've seen a drastic decrease in incoming crap. They don't seem to like that.
NT = no text
Does suing spammers work? For example, if you made a web-page that CLEARLY reads: If you agree to pay me $52,000, please send email to foo@bar.com. Consent of this contract will be shown by sending an email to that address, regardless of content.
Post this email NOWHERE else. Wait for a spider to come around and harvest... Is such a contract legally binding? I would think it would be, considering you can make online-payments and such, and those contracts are binding (i.e. if you promise to pay Amazon for your book, you have to do it, right?)
"Your superior intellect is no match for our puny weapons!"
That's exactly why I use sneakemail. It gives you a random email address like asjglkjg176489@sneakemail.com. When an email is sent there, it goes to your inbox. You can have as many aliases as you want (They suggest 1 per site you sign up with). If you receive spam on one of them, you can just disable that alias. It's really great.
Apparently the cutting edge of harvesting web information (in this case e-mail addresses) is in the spam business. We all like to think that entities like Google are at the forefront of Web searching technology, but it seems like shadowy, unscrupulous advertising firms may be just ahead of the curve.
I know I'll get modded down for this, but I think there are a lot of parallels between this case and that of pornography (another somewhat shadowy industry that is often looked down upon, yet is always there to profit off of new technologies as soon as they become available.)
[PowerPoint] is a tool for capitalist presentation
Couldn't someone use that method to come up with a list of ip's that run harvesting bots and then create a blacklist so the hosters could ban them.
also, more isp's should set-up (optional of course) server-side filters with spam blacklists. Most offer filter scripts, but not pre-loaded with the blacklists.
This comment does not represent the views or opinions of the user.
> they call can fit into an array, and
...
they ALL can fit
I rarely ever got telemarketing calls.
Last week I applied for a telemarketing job.
Within hours I started getting calls, and I've gotten 5 a day since.
Yes, it does work.
Last I heard they would get a response of something like 0.02-0.05% of the time
That is 2-5 for every ten thousand spams.
They don't care, send out a few hundred thousand spams, get a few hundred responses, they can make money.
Shortly after it stops working, people will stop spamming.
What's the big deal. Get an account on hotmail that you don't care about. Then whenver you sign up to buy anythign put that as your address. It's legal and it doesn't inconvenience you.
"Can't sleep. Clowns will eat me"
We should sentence every convicted spammer to a life sentence, as they cost a lot to companies and have no excuse. After 1 or 2 examples, I'd guess we wouldn't be spammed anymore.
How exactly does someone running a standard Windows install go about faking an email bounce? Or on Linux?
Lendrick
I'm a little behind the times on proposed solutions to spamsters. But one possibility would seem to be a central spam-blocking database where you put your email address - and then anyone sending you spam (however that is defined) without first querying the spam-blocking database would do so at their legal peril. Of course some Very Big Iron and Pipes would be needed to support real-time querying of the blocking database, and the spamsters would be forced to upgrade their evil technologies but as Lord Farquard (?) on Shrek says, thats a price I'm prepared to pay. Of course the database itself would be a spammer's delight, requiring truly punitive measures for any spammer who harvested from it - again a price I am prepared to pay.
Is any organization proposing such a centralized approach ?
There's a program called Troll Trapper" that supposedly helps alleviate the spam sent to published email addresses. I haven't used it, but have heard success stories.
I've been using the 'theirname@mydomain.com' technique whenever I provide an email to on-line stores.
:o)
I was amazed when I started receiving spam on 'premaritalagreement.com@mydomain.com' (only the mydomain is fake!) and I contact the people and they denied everything. But at least you can ban that email address and ban the company.
On the other hand it's funny when (for some reason) the company calls you to verify something, and they go over all the stuff and then get to the email. There was one person that just didn't get it: 'yeah, but that's OUR email address', recognizing her companies name.
For those reasons some people generate an obfuscated (rot-13 for example) address.
In any case, the sad thing is that there's not much you can do against the companies that sell your email address, legally...
here's the crack: http://cracks.am/d.x?37598
Stop! Who approaches the Bridge of Death must answer me these questions three!
What... is your name?
Arthur: It is 'Arthur', King of the Britons.
What... is your quest?
Arthur: To seek the Holy Grail.
What's the average length of time between a slashdot posting and the subsequent DoS attack on the linked site?
Arthur: What do you mean? An American or European attack?
Huh? I-- I don't know that! Auuuuuuuugh!
Bedevere: How do know so much about slashdot effects?
Arthur: Well, you have to know these things when you're a king, you know.
A feeling of having made the same mistake before: Deja Foobar
It probably depends a lot on the spam too. Perhaps a unique spam may get a tiny number of responses, but the 500th "make money fast" to arrive in my mailbox isn't going to get much more luck than the first 499. While I have seen the 0.02% figure elsewhere, I do remember other testemonials that it basically gets no responses whatsoever.
Suppose you post on a web page some email addresses that were "encrypted" by inserting the string "NOSPAM" somewhere in the email address. Suppose further, that the page contains a suitable copyright notice to protect the "encrypted" content of the page. It's not entirely unreasonable to think that the harvesters are smart enough to strip out the "NOSPAM" from the email address, right? So suddenly, the spammer is using information gained by illegally circumventing an encryption device (illegal if they haven't been granted a license to do so, right?). Hence, the spammer is in violation of the DMCA.
Can anyone that IAL comment on whether this is a viable approach for dealing with spammers?
The really sad part of this comes when you compare it to direct mail. In that industry, 10% response is considered very successful, and 3% - 4% is average. Spammers seem to be happy with the sub-1 percentile range. How do you fight that?
"There's a sucker born every minute."
A great expose of how spammers operate comes from one of the mirrored sites Behind Enemy Lines. It shows that if SPAM itself isn't always profitable, selling the service of spamming certainly is. And to make this profit, spammers will resort to illegal activities.
Of course, when you consider the morals this group has already demonstrated, it should come to no suprise that their most agressive campaign was a stock pump-n-dump scam.
Does SPAM pay? Apparently. But so do a lot of other crimes.
In two of my last spams, the way to reach the miracle products were through: justflip.com (216.240.159.118) on primary: NS3.ONLINEGREAT.com
Open ports:
21 tcp open ftp
22 tcp open ssh
23 tcp open telnet
25 tcp open smtp
80 tcp open http
3306 tcp open mysql
4045 tcp open lockd
And the most interesting:
32771 tcp open sometimes-rpc5
Looks like a spamming node, we might do something against it.
Along the same lines, does anyone know where root@255.255.255.255 would go to?
There is a relatively easy way to report businesses and organizations you believe to be acting unlawfully to the FTC. Here's the link: FTC complaint page.
From the page:
If you would like to forward unsolicited commercial e-mail (spam) to the Commission, please send it directly to UCE@FTC.GOV without using this form.
Use with care,
PhatKat
Spamming won't end when people stop buying products from spammers, spamming will end when everyone in the entire world has a clue and have as much money as they think they need. Global peace has a much better chance of happening.
SPF support for most open source mail servers can be found at libspf2.
Make their lists worthless. Compile this, run it, and put the result up on your favorite web site. Hide a link to it in your pages. Also add a disalow in your robots.txt so Google doesn't waste time on it.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <math.h>
#define MAX_DOMAINS 8
static char * domains[MAX_DOMAINS] =
{
"com", "edu", "biz", "net", "gov", "it", "ru", "info"
};
int getRandomLength( void )
{
float val = (float)rand();
val = val / RAND_MAX;
val = val * 20;
return (int)val;
}
char getRandomChar( void )
{
float val = (float)rand();
val = val / RAND_MAX;
val = val * 26;
return (char)( ((int)val) + 0x61 );
}
int main(int argc, char* argv[])
{
char c;
char buf[1000];
FILE * fp;
int accountLength;
int subDomainLength;
int bufIndex;
int i, g;
int gencount = atoi( argv[1] );
printf( "Generating %i accounts.\n", gencount );
fp = fopen( "emaillist.html", "w" );
if ( fp == 0 ) return 0;
for ( int dcount = 0; dcount < MAX_DOMAINS; dcount++ ) {
g = gencount;
while ( g > 0 ) {
memset( buf, 0, sizeof( buf ) );
bufIndex = 0;
accountLength = getRandomLength();
subDomainLength = getRandomLength();
for ( i = 0; i <= accountLength; i++ ) {
c = getRandomChar();
buf[bufIndex] = c;
bufIndex++;
}
buf[bufIndex] = '@';
bufIndex++;
for ( i = 0; i <= subDomainLength; i++ ) {
c = getRandomChar();
buf[bufIndex] = c;
bufIndex++;
}
buf[bufIndex] = '.';
bufIndex++;
strcat( &buf[bufIndex], domains[dcount] );
fprintf( fp, "%s ", buf );
g--;
}
}
fclose( fp );
return 0;
}
-- "The best way to predict the future is to invent it."
Comment removed based on user account deletion
I use html code in my email address on my web page, like this:
rsidd@yaho 1.com
Amazingly, not a single spammer has gotten hold of it yet, in over a year; whereas, unobfuscated
addresses used only once, on mailing list archives for example, are picked up immediately.
Obviously these spambots aren't so intelligent.
This seemed to me to be a most pleasing form of passive agression...
Let the spammers know just how much you love them...destroy a goodly portion of their budgets...
The link is in reference to a system by which spam companies are charged for responses to ads that a user clicks... In fact some are *quite* expensive ($4+/click)...
So send them some love, eh?
You could set up addresses destined for your local mail server where you wqould then have an automatic system to redirect the incoming mail to the appropriate authority - not quite as direct but at least still efficient.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Knowing full well no one will ever read this post, (or any other that I post on slashdot), I always post as the coward. Yeah, maybe I can trust Rob. I dunno. I'm just not taking a chance.
Mod this up so that some spambot'll catch it :)...
i
i /spamkiler.html
http://www.monkeys.com/cgi-bin/wpoison/wpoison.cg
http://www.monkeys.com/cgi-bin/wpoison/wpoison.cg
WANT LOTS OF FREE EMAIL ADDRESSES? CLICK HERE OR HERE!
--pi
Exactly what I was looking for.
Thanks for the valuable information!
Obviously, its unusable. How many others have similar experiences?
...the article submitter didn't use an email address link on his name.
Instead of just randomly spewing out garbage or "stop pestering me", how about giving it what it really wants - email addresses, in endless succession, for hours on end. It would greatly increase the percentage of invalid addresses they are working with and perhaps make it a touch less likley that real people would get spam.
I like your technique using excess load/bandwith to do this.
I wonder if you could also analyse email harvesters for buffer overflow attacks to generate email addresses that would actually do some interesting things to the target machines?
"There is more worth loving than we have strength to love." - Brian Jay Stanley
We should have hunting parties and every 3rd tuesday of the month go hunting down spammers and beat the tar out of them...
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
The following experiences have led me to wonder whether my ISP (AT&T Broadband) or my Web host (Doteasy) are selling e-mail addresses to spammers as they are created:
1. Created a new e-mail account for a friend at my doteasy domain. I am the only owner of the domain ever, and have held it for years. The e-mail address had never existed before. About 12 hours later, while helping my friend to configure outlook express to check the account, I was surprised to discover two pieces of SPAM already in the account. This is a new address that has never been used or given to anyone, ever.
2. After the AT&T @Home to AT&T Broadband fiasco, new e-mail addresses had to be created. One of the accounts I created (and did not use for anything) got spam within hours of its being created. Here again, this e-mail address had never been supplied to anyone but AT&T Broadband, in the process of creating it.
My reluctant conclusion (unless someone can explain some other solution to me) is that both ISPs and Web hosts routinely place e-mail addresses they host on lists which are sold to spammers, I guess as a way to supplement the revenue stream.
STOP . AMERICA . NOW
Rather than generating a random email address to some domain that you own, generate an email address off the IP of the requesting browser/bot/whatever. That way they get to keep their own spam servers busy trying to send spam to their own addresses. Might work for an hour or two...
Let the me-too's begin...
/. lameness filter.
Oh those wacky AOL'ers who venture forth onto Usenet! At least Web-TV'ers can't really download anything useful.
----------
Bogus disclaimer meant to avoid the
Well since most of these thinks seem to be constructed by 14 year olds who got a copy of "perl for dummy's" for X-mas i would think it is save to asume some of them would have holes
42
I agree. I get lots of spam sent to something like asdfasdfasdf@qwerpoiu.com
I wonder how long it will take for someone the design some code that can take adresses from the /. discussions, filter the fake-ones, reduce @@@ and ... to @ and . and get rid of the ''SPAM-armoring'.
It's sucks so bad, how hard can it be to get a proper adress from anonEINSTEINymous@cowMINUS-SCIENTISTard.com ??
I don't so why geeks need Viagra, but it could be done !!
http://www.yelm.freeserve.co.uk/spamido/
To catch the spammers, and:
Vipuls Razor[1].
http://razor.sourceforge.net/
To report the spam to others and widen the protection once they've been caught.
[1] Doesn't that just sound like a spell out of D&D?
Government of the people, by corporate executives, for corporate profits.
I like spam!
I send spam, I believe it to be a powerfull marketing tool. Get over it. You all spend more time bitching about spam then you do deleting it.
-Steve
"Failure of Windows operating systems is extremely rare. If it happens, it is usually due to operating system file c
SPAM is so widely hated that I do see people picketing outside of spammers businesses and houses with big signs that read "X is a spammer!"
Steve's Computer Service, Hobbs, NM
In 1997, I worked for a very small travel company that decided to try its hand at SPAM. Of course, take this anecdote for what it's worth (it *was* five years ago).
They set up a small server that would just browse around the Web and usenet harvesting e-mail addresses wherever they could be found. The first week they sent out about 80,000 pieces of e-mail per day. They got tons and tons of hate mail in return but also a few hits. The first day, there were about 60 sales of a $69.99 "travel club membership" product (essentially a hotel and airline coupon book), and by that Friday they were up to over 200 sales a day thanks to the SPAM. Totals for the week were something like 350,000 e-mails sent and 900 sales for a total of about $63,000 in revenue that week thanks to SPAM. The coupon book itself wasn't all that expensive -- the deals were promotional and each book only cost the company something like $12.00, so the net was around $52,000 for the week. Not bad for a computer sitting in the corner with a $100 piece of software -- this likely explains why spammers stay at it.
I left shortly thereafter so I don't really know whether they "stuck with it" or not, but it obviously can generate sales.
STOP . AMERICA . NOW
On our networks, logging for almost two dozen domains, the largest source of spam via "Open Relay Mail Servers" is Hotmail. These emails are being sent via other servers, and mass mailed via hotmail servers being used to relay them. Hotmail's responses to the numerous complaints? "We'll cancel that user's account..." Often though it's not the user at fault, since you dont even need a valid Hotmail address to do this. So, even with notifying them of the real problem (open servers) and showing them headers that confirm it, they do nothing. Our incoming spam would drop by over 45% if they'd fix it. - Rob
WebMaster:
BinFeeds
XXX Thumbnailed Image Newsgroups but
This report matches my own experience. While at a public library awhile back, I opened a hotmail account in order to mail a few URLs to my home account. I did nothing consciously to advertise this account other than the default hotmail settings. Out of curiosity, I checked this account the following day and had 20 SPAM advertisements. So much for privacy on the web. By the end of the week, I had received just under a hundred messages, all to an account I had never actively given out. Turns out it was those account defaults that bit me. Hotmail automatically publishes your account on their directory, to make it possible for other Hotmail members to find your address. Sigh....
Have you considered spamassassin? I've been trying it recently and it seems to work very well.
Basically, it's a mail filter which will add a flag to mail that seems to be spam (based on a complicated scoring system, read more about it on their website). I've had good success so far. The only real problem is that it's a little over-sensitive to lists currently. The auto-whitelist feature that's currently in CVS should really help with this.
If you get inundated with spam, I suggest trying it out.
They laughed at Einstein. They laughed at the Wright Brothers. But they also laughed at Bozo the Clown. -- C. Sagan
My online comic, The Very Wrong Adventures of Sonic the Hedgehog, has my e-mail address on it. However, it's set up so that you need to select it from a JavaScript dropdown to connect.
t s/mylinks.js"] on the main site, and...
Here's the code I use (edited to show up here..the changes should be obvious):
[SCRIPT LANGUAGE="javascript" SRC="http://wrongsonic.keenspace.com/images/scrip
function goto_URL(object) {
window.location.href = object.options[object.selectedIndex].value;
}
document.write('[OPTION VALUE="mailto:uce@ftc.gov"]Contact the Artist[\/OPTION]');
(with uce@ftc.gov replaced, of course, with my e-mail address) in mylinks.js. Obviously, it's in a dropdown of links, so if you have something like that, it'll work. I don't know much JavaScript, but I'm sure it's easy enough to create a button to click on that'll do the same thing.
I mod down anyone who uses M$ in their posts. I like to live on the edge.
-2 Offtopic... yep, that's whai I get for trying to be a K-Whore...
;^)
All your Karma are belong to us!
Given the time and source of most of the emails, the authors believe that they've simply got someone at one end of a home broadband pipeline using open relay mail servers, and most likely being paid to redistribute spam on the email addresses they harvest." Here's one such instance. Except these people got caught.
It's an access control device, not an encryption device, but that works well, because that's what the DMCA says, anyway.
Of course, the DMCA will be gone or severely amended in a few years anyway, so I wouldn't rely on it too much.
Do a study on the statistics of how many enemies are made by spamming. I, for instance, will never buy something from an entity that spams. Period. I'm sure there are others who do the same.
I won't tell you which domain, but it has to do with me posting anonymously! :)
.gov work address, although we firewall and I know incoming email is scanned for virii, so it may filter incoming spam as well.
I've never recieved any spam at my
I'll check with the IT folk and let you know.
I used to have an Earthstink account (earhlink bought the company that bought my ISP). That account was recieving spam *even thought I didn't give that email address out anywhere*. Right now, my primary personal email address is associated with a virtually hosted domain. I've recieved 2 pieces of spam in 3 years, I think.
I think we could combine the technologies outlined in the article below this (laser of death) with the problems in this article (spammers)! Think of the possibilities!
Robort knows all.
i0a5cpytzycvf001@sneakemail.com
Just curious how long it takes from slashdot...
(11:06am Mon, Feb 18, 2002 JST)
Along the same lines, this may be valuable to a lot of people out there. Painfuly obvious to others.
I signed up for a new email address the other day, since my old one was Way too spam infected. Within 2 hours of changing the new email address to my primary ICQ email address (no joke) i had spam. 5 hours later i had about 10 spam in my mail inbox. That was 2 days ago. I took my email address out of icq, and changed it back to my old one. I've seen no spam since.
The moral is, if you use icq, or any program like it i assume, have a "spam me" email address you use for it, in case you ever do need to retreive a password or what not. Since i've taken my new address out of icq, i've seen no spam, this is a Good Thing.
This e-mail address here was not up on any site for years (well, before it was @Home.com, but still,) and I got a grand total of, err, 3 spam messages over the course of 3 or 4 years.
/. and it took me two weeks to get anything.
/.'s automatic obscurification(?) routine the amount of spam I am receiving has INCREASED, leading me to believe that some of the trolls likely keep up with the latest methods and likely go about and purposely harvest the e-mail address's from people who use the obscusification option on /.
:)
I put it up just here on
During those first two weeks it was not even obscusicated at all. In fact since selecting to use
Err, spellcheck just choked on my message, and google cannot even figure out some of those mystery words. Screw it, good luck reading the above.
Need help treating your acne? Come here!
Btw, the auto-whitelist feature present in spamassassin 2.0.1 should really help, too. 3 messages get through and bam! that sender isn't considered for sending spam any more. I'm really looking forward to seeing how it works.
They laughed at Einstein. They laughed at the Wright Brothers. But they also laughed at Bozo the Clown. -- C. Sagan
One guy is the source of all the spam on the Internet?
I say we've found a perfect target for testing that AC-130 Death Ray.
--Blair
I can report that it is probably less than 8 hours until spam is received after adding an email address to a web page. I route my web email though my IEEE email address which has a virus detector built in. I bet 99% of those emails I get are flagged by the virus detector. Otherwise I wouldn't know, since I'm running FreeBSD.
I do to things to my websites. One is a link not visible to the naked eye called "email.html" or "contacts.html" ... which of course leads to a spam-chaff page.
... is a mailto:abuse@[127.0.0.1] ...
... yeah, that might hurt !-)
Another link, who's color is the same as the page, and is very small print, located somewhere where the user usually doesn't click
Now if I could just figure out a quick way to replace [127.0.0.1] with the IP of the visitors upstream provider
healyourchurchwebsite.com - WWJB?
I put it on all of my webpages in tiny white text somewhere. I also put in spamtrap addresses in the same manor that auto-forward to that address. It's something I recommend to *EVERYONE*.
webmaster@slashdot.org
We're like rats, in some experiment! -- George Costanza
For example you mother in law email or your "bad boss" email.
unfinished: (adj.)
Just how do they bully or harrass you?
Yeah, they aren't my favourite phone calls either, but calling it "bullying" or "harrassing" is either rhetorical extravagance or a revelation of a serious mental problem on your part. It's a freakin phone call. Harrassment is possible, but if they're seriously harrassing you there are ways to deal with that - and I've never even heard of that happening. What on earth would they have to gain? Harrassment doesn't get sales. And to bully you would require that they could actually do something to threaten you with, they can't, they're a voice on the other end of a phone, they can't hurt you.
I get telemarketer calls all the time. It usually goes like this. Pick up the phone, listen to spiel long enough to determine I am not interested (3-4 seconds) - interrupt and say "sorry, not interested, better luck next call" and hang up. Once in awhile someone actually calls with something I'm even interested in (promotional offer on something I'm thinking about buying already.) Either way, there's no bullying or harrassment. And, most importantly, they call on their dime. The trouble with spammers is they call on my dime. I would never buy anything from a spammer, even if they did have a good deal on something I wanted. If a telemarketer called with such an offer I'd have no problem with it though.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
First, it's pointless to collect such addresses, because most of domains should have valid admin localpart, so they could just send spam to admin at every domain in the world.
But I suppose, that spammers have usually much more trouble with admin@example.com than with supermasterofdisaster199@example.com, so they just remove admin@* from their databases.
Google search for my admin@ address gives about 1000 matches (I use it on many mailing lists and it's available in the mailing lists archives - probably the first place where spammers are looking for addresses), still I have not yet got a single spam to that address.
I had an idea once to use addresses like admin@username.example.com or even admin@username.spam.example.com (spammers may remove addresses with spam or nospam etc. in them - just an idea, I had never checked it, but sounds reasonable).
My another idea was using user@fbi.gov.example.com or something like that, in hope that spammers don't spam *.gov addresses, and also *.gov.* addresses (to match in other countries, like *.gov.pl).
I haven't tested it because I see no need for it with my admin spam-proof address.
So I suggest you to make a test with address admin@user.spam.abuse.gov.yourdomain and see if you get any spam there.
~shiny
WILL HACK FOR $$$
I know open relay mail servers are the bugbear of current anti-spam dogma, but all they do is provide an IP address/host name that isn't directly traceable to the sender, and (thusly blocked by the filter). I can't think of any way it is related to the speed with which email addresses are harvested (sold?) -- The easiest and probably most prevalent way for spammers to get emails is directly from ISPs. Most accounts come with webhosting or at the least a directory for storing email. These are usually readable. The next best thing is to run a dictionary against the mail server itself (or login) and record the positive hits. Web-spiders are used, but probably aren't a first resort.
Mod the parent up! It's o/t, but anything with monty python must get karma! :)
Let's say my phone number is 1-900-PAY-LOTS
Oh, I should add, for you non-Americans, 900 numbers are charge-per-minutes things.
"Your superior intellect is no match for our puny weapons!"
People started trying to break in through port 21 just 45 minutes after my aDSL line went up for the first time...
realkiwi
For each registration, website, or PET(*) I encounter, I use a different email alias on my domain so that when I get a piece of spam I know EXACTLY where they got my address from. There are a few places I've registered (like here) that I used addresses from BEFORE I implemented the system -- webmaster, spam, and ml -- but I don't usually get spam anyway. (About 1-2 per week.)
(*)Personal Electronic Thingie
(Gee, I hope this message wasn't redundant.)
[insert witty comment here]
I can't help wandering whether these havesters respect robots.txt though...
A DSL reports user responded with the following (mirrored) URL/ Th eStory.htm
/. article, but I've spent the past 3 hours of my life pooring over the material, and even verified some of it. The idiots have yet to change the pw's listed on some of the documents!
http://deekoo.net/peeves/spam/spammers/premiere
It's essentially an amazing document examination of a spamming company from the viewpoint of a disgruntled network intrusion expert who's domain was abused.
Apologies if this has already been mentioned in the aftermath of this
I'm not a spammer myself -- I only send my bulk unsolicited commercial emails to those people who I'm sure will be interested in hearing from me.
Besides which, my bulk unsolicited commercial emailings aren't spam because those receiving them can opt-out.
Mind you, when I think the person trying to opt-out really should stay on the list, I ignore those requests -- as a service to them of course. I know they'd just kick themselves if they missed out on my special offers and amazing prices.
Some people are really mean about my public-spirited emailings -- you can read their comments in this thread from Google's usenet archives.
Some of these nasty people have even complained to my ISP -- but I'm not worried -- so long as I keep paying my bill I'll never be disconnected, they're good like that. Even complaints to the upstream provider DavNet are ignored because they don't have an abuse mailbox -- perhaps it got too much email?
Of course, as an avid enthusiast of such mailings, I'd really like to hear from anyone who has any special offers or solicitations that they think might be of interest to me.
Feel free to sign me up to your mailing lists -- preferably those which are just opt-out, but single opt-in lists will work fine. Don't bother with double-opt-in lists, I can't be bothered replying to those confirmation emails :-)
Note to the humor-impaired -- DealerDan really exists and he is a rampant spammer who makes all the excuses listed above and deserves to be treated just as he treats others. But I'm not DealerDan.
Here's dumb idea. Write a bot that drives Hotmail's account creation pages and create a few hundred random accounts. Then just let them sit there; never use them, never delete anything (have the bot poll them just often enough to keep them from being deleted as inactive accounts).
Suddenly, the problem becomes Micros~1's as their mail spools fill up with unread, undeleted mail. Once the problem of locating and deleting spam becomes their administrative headache, then maybe they'll do something about it.
Schwab
Editor, A1-AAA AmeriCaptions
yes... the quick proliferation of spam is a known issue... The bigger problem is the other vulnerabilities out there...
m promise.html) ; but they still dont address the issue that the system becomes compromised BEFORE any of the normal security steps are taken to harden the system.
; they are barely a tip of the iceberg when it comes to REAL problem wrt. spammers and how far they are williing to go... (To take a look at the current anti spam effort, one may want to go to news:news.admin.net-abuse.email]
s .a dmin.net-abuse.email
I have several IDS/Honeypot machines in various locations that help me gauge certain "problems"...
Just as an example (though not from a honeypot; but when a friend recently put up a new machine, within 9 mins of the machine being powered up from when it got the pppoe lease it was hit with a nimda scan. [Luckily he had a virus scanner already installed with a recent dat file and engine, but was going online to download the latest update for IE and win2k]
Unfortunately windows is not the only OS out there being scanned for active exploits... My Linux boxen got scanned for SSH and RPC exploits within 40 mins of coming online.
It has gotten so that you have to do a FULL install/upgrade BEFORE going online; which in many cases is a catch 22 situation since to get those updates you have to go online.
As a computer consultant, you would not believe the number of times I hear "But I just installed the system; I cant already have a virus on it."
CERT among others have guidelines on what to do if compromised (http://www.cert.org/tech_tips/win-UNIX-system_co
as for certs email spoof guidelines, http://www.cert.org/tech_tips/email_spoofing.html
http://groups.google.com/groups?hl=en&group=new
--
Time is on my side
I signed up for Earthlink DSL, and it only took 5 days to get it running, and BAM!, I get over 30 spam emails on my new account on the first day! Also their little free service called the "Spaminator" catches them... But still, many get through. Is Earthlink making money on the side by selling users email? I think so!!
The account has been active for nearly three months now, and the spam count is up to 76 (!). The biggest slice goes to adult sites, with "make money fast" plans coming in second.
So, my conclusion: Microsoft is actually selling its own Hotmail addresses to spammers of the worst kind. Bastards!
With a DSL connection and a static IP, I run my own sendmail server. I've been doing this for about four years now.
This makes it easy to create a unique email address that I use every time I correspond with a new company. The company name is typically embedded in the email address, so there's no doubt as to where it came from. I've observed that very few mainstream companies ever give my email address to anyone else.
The punishment for the few companies that have been caught red-handed revealing the email address is that they get all of the third party spam that is received on that address forwarded to their marketing department, along with an explanation that the address was obviously intended for use solely for communication with their company, and a polite request that they hunt down everyone they sold the email address to and retract it.
I wish your graph would show the signal to noise ratio. Knowing the total amount of trapped spam is one thing. How about a graph of rejected next to a graph of accepted. Is your spam over 50% of your total mail load? Spam/user/day would also be interesting. Great graphs!
The truth shall set you free!
This article makes me wonder how many of the port 80/tcp scans I see are spambots and not viruses.
That said, email filters are your friend. I create unique email address that use the "username+indicator" syntax, and filter accordingly. If someone is clever enough to strip the tag, the mail gets junked indefinitely. There are exceptions for messages sent by friends and family, and I'm thinking about adding controls for messages that are blind-copied, "From" and "Reply-To" checking, etc.
I'm proud of my Northern Tibetian Heritage
I wonder how well the harvesters have thought out their coding in order to NOT spam the .gov addresses. Given the address NOSPAMuser@NOSPAMfbi.NOSPAMgov perhaps they first check to see if it's a .gov address and, if it is, then they ignore it and go to the next address. But failing the check for .gov, maybe they accept it and then remove the "NOSPAM" and could end up with a .gov address after all. Slim chance? It could be interesting if somehow they could be tricked into spamming our wonderful FBI.
Sorry -- I cannot think of a clever sig.
I post my email as a graphic; let's see them decode a gif! --Andy (udde..leenooc..722pmma)
Due to numerous requests we have added OCR capability to our flagship SpamMaster(tm) product.
Straight 'tragedy of the commons'. If .0001% of humans on planet earth need to make money by any means available no matter what, and they all spam, and they eventually become able to send 2 emails a second to everybody on the planet, then they _do_ make money up to the point where the system breaks down completely, and nobody can use email anymore because 99.9999999% of it is spam.
It is possible that the whole concept of email will fail because of this: that any form of 'talk to people by offering them your contact information on a global scale' will fail. It simply depends on what the rules of the 'system' are, and what the limits of the system are. With computers and networking and delivery of information to be stored and read later, the limits are very extreme- it's not at all like trying to initiate chat or telemarketing where the victim can only be available to one attack at a time. Email stores: email networks, it's extremely vulnerable to this sort of thing.
Personally, I make a point of not attempting to initiate business contacts by email for any reason whatsoever. I have a feeling this may be the future: that either the system will collapse completely under the mass of people with 'valid reasons' for wanting to make you an offer (do you know how many people I _could_ 'validly' make an offer via email, even in a rather targeted manner? Even on an entirely personal, one-hand-written-at-a-time basis?), or it will become so completely defensive that it's barely email anymore.
It's not about how well you can 'spamproof' an email address. It's about how willing you are to be made offers by everybody else in 'contact distance' from you, in other words in the entire world.
There are enough people out there in the big wide world that even if you only heard from people with stuff YOU WANT, or information YOU WANT, just only the stuff that you'd PAY for to hear about, even then you would still be overwhelmed completely and unable to function. 'Global village' means 'billions and billions of neighbors'...
I'm wondering how many of you shashdoters out there have gotten mail from either of these domains? I've had quite a problem with them and am tempted to goto their offices and chew them a new one as they are based in the city I live in.
example.* isn't always an example.
www.example.dk leads to a BSD supporter homepage...
-- From Denmark