Slashdot Mirror

← Back to Stories (view on slashdot.org)

DSLReports Study: 8 Hours 'til the Spam Hits

Posted by timothy on from the upcoming-spam-death-of-the-universe dept.

Masem writes: "In a rather interesting study at DSLReports, it was observed that email addresses published on a web site recieved spam within 8 hours of being posted, showing how aggressive the harvesters are working. In particular, a special link was set up on the main page that by following the link, the site generated an email address that was trackable to the IP that called the link, and not published anywhere else at any time. In the specific case, in only 8 hours after the email address was created, it had recieved spam; since that time about 9 months ago, it's gotten around 100 pieces. Given the time and source of most of the emails, the authors believe that they've simply got someone at one end of a home broadband pipeline using open relay mail servers, and most likely being paid to redistribute spam on the email addresses they harvest."

4 of 333 comments (clear)

  1. Re:To Spammer, please Harvest these addresses: by hendridm · · Score: 5, Insightful

    Hmmm, using these sorts of e-mail addresses can lead to annoyances to legitimate domain owners. For awhile I remember the owner of junk.com, which seems to no longer exist, posting complaints about people type "whatever@junk.com" when they register software. It seems his servers were hit or something.

    I always like to use the webmaster's e-mail account when registering software. For example, if I was registering software on widgets.com, I might use the e-mail address "webmaster@widgets.com" or "abuse@widgets.com" to register the software.

    I feel torn, as I want to support free software vendors by allowing them to make money, but I just don't want my e-mail address to be sold for spam. Ever. I also don't want those annoying newsletters that I could care less about unless I *explicitely* ask for it (and not be tricked or required by default).

  2. Re:To Spammer, please Harvest these addresses: by keesh · · Score: 5, Insightful

    I tend to go for postmaster@localhost, or, failing that, postmaster@127.0.0.1. You can also try other names -- root and webmaster are also good fun.

  3. Obfuscated html by rsidd · · Score: 5, Insightful

    I use html code in my email address on my web page, like this:

    &#114&#115idd@yah&#111&#11 1.c&#111&#109

    Amazingly, not a single spammer has gotten hold of it yet, in over a year; whereas, unobfuscated
    addresses used only once, on mailing list archives for example, are picked up immediately.

    Obviously these spambots aren't so intelligent.

  4. Re:Very interesting by kubrick · · Score: 5, Insightful

    Altogether though, ebay remains the absolute worst place to get your address harvested, with usenet a close second.

    Ebay must be lucrative for spammers; a whole 'audience' of people either with money to spend (buyers), or who are about to have money to spend (sellers). And this 'audience' has already self-selected; they're not afraid to spend their money online...

    --
    deus does not exist but if he does