Walling off Asian E-mail to Prevent Spam
SomeoneYouDontKnow writes: "Seems there's been lots of spam news lately. This piece from Wired describes how frustrated sysadmins in the West are responding to a torrent of Asian spam by simply refusing all e-mail from that part of the world. As anyone who's ever reported spam to Asian ISPs can attest, getting a response of any kind is almost impossible, so some ISPs are simply giving up on receiving any mail from them. Setting up barriers like this is regrettable, but when the originating ISPs refuse to take responsibility for the actions of their users or close their open mail servers, there would seem to be no other choice. Has anyone ever had any kind of constructive conversation with one of these ISPs to see why they are unable or unwilling to do anything?"
Sure, why not. Heck, I blocked France on principle!
46. The Hobo smiles, his eyes glaze over, and he burps. "Beware the man who has lived longer than the Wasteland."
On the other end, if many of those domains are in the Orbz or other blacklists, maybe just using those would be better.
Berto
I feel bad for the legitimate Asian users of e-mail trying to communicate with their comrades in the West, but it has been proven that this is the only way that ISPs will finally own up to the task of stopping spammers abusing the networks. Look what just the mere threat of the Usenet Death Penalty did to @Home--they have cleaned up their act significantly.
Strange as it is to say, this 'denial of service' is one that I think may actually have some future positive effect. The way the world seems to work is that no one will bother to do anything unless you threaten them with the loss of their service, and then they take action. Sad, but true.
Karma: Excellent Birds (mostly as a result of listening to Laurie Anderson)
is one thing. Not getting any cooperation when your own e-mail address is used as a false sender in the header of "enlarge your {certain male bodyparts}"-spam mails is another thing. Ask me, it happened to me two weeks ago. I didn't even get a mail back from the provider.
Line 9: Argument of type SIGNATURE expected.
"It's not under our control." to any message you send to China Telecom. Hmmm, if nothing is under their control and they're a Chinese government controlled organization........
May you be touched by His Noodly Appendage. RAmen.
...you basically are letting the spammers win when you close off one of the biggest open communications medium known to human kind. Perhaps I'm overly sentimental about it and goodness knows I'd love to prevent about 80% of the spam I see (that seems to be about the ratio in terms of TLDs involving Asian netblocks) - still, I cannot really bring myself to doing it yet.
--rc
Well blocking whole areas is a start, but not an ideal solution. I'm going to start filtering my email so that unless it meets one of the following conditions it gets rejected and sent back to the sender :-
1. The mail claims to be From someone I have pre-approved.
2. It's from a mailing list I've registered with.
3. It's sent To: a special purpose address within a couple of days of creating that address. (So I can post to newsgroups with addresses like jb10202 which will be valid for a couple of days for replies only)
4. The email contains a special approval code to bypass the checking.
The purpose of 4) is that when I get an email that is rejected it will send it back to the sender with an apology and a 4 digit random code which is valid only for a single mail from that address and only for 48 hours. They can simply forward the mail back to me and it will contain the code and get through.
I get *so* much spam, and 99% of my real email is from the same few addresses that I need to block the junk, and I think this scheme will annoy relatively few people, and not too much but should cut ALL the spam.
I've not implemented this yet, but it shouldn't be too hard to write.
Sig is taking a break!
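The four acceptance rules and the 48-hour single-use code from the post above, sketched in Python as an added example (it is not part of the original post, which says the scheme was not yet implemented). The MailGate class, the "Approval-Code:" marker in the bounce text, the use of the List-Id header to recognise list mail and the two-day lifetime for throwaway addresses are assumptions; the sample messages are constructed.

```python
import hmac
import re
import secrets
from email import message_from_string
from email.utils import parseaddr

CODE_TTL = 48 * 3600           # approval code lifetime, from the post
TEMP_ADDR_TTL = 2 * 24 * 3600  # "a couple of days": assumed to mean two
# Assumed bounce format: the rejection notice carries "Approval-Code: NNNN"
# and the sender forwards that text back.
MARKER = re.compile(r"Approval-Code:\s*([0-9]{4})\b")


class MailGate:
    def __init__(self, approved_senders=(), list_ids=()):
        self.approved_senders = {a.lower() for a in approved_senders}
        self.list_ids = {i.lower() for i in list_ids}
        self.temp_addrs = {}  # throwaway recipient address -> creation time
        self.pending = {}     # sender address -> (code, issue time)

    def create_temp_address(self, addr, now):
        self.temp_addrs[addr.lower()] = now

    def decide(self, raw, now):
        """Return ('accept', reason) or ('challenge', code_to_bounce)."""
        msg = message_from_string(raw)
        sender = parseaddr(msg.get("From", ""))[1].lower()
        rcpt = parseaddr(msg.get("To", ""))[1].lower()

        # Rule 1: the mail claims to be from a pre-approved sender.
        if sender in self.approved_senders:
            return ("accept", "approved sender")

        # Rule 2: mail from a list the owner registered with.
        list_id = re.search(r"<([^>]+)>", msg.get("List-Id", ""))
        if list_id and list_id.group(1).lower() in self.list_ids:
            return ("accept", "mailing list")

        # Rule 3: a special-purpose address, valid only shortly after creation.
        created = self.temp_addrs.get(rcpt)
        if created is not None and now - created <= TEMP_ADDR_TTL:
            return ("accept", "temporary address")

        # Rule 4: a code issued to this sender. Only the first marker in the
        # message counts, so listing many guesses in one mail gains nothing,
        # and the code is consumed whether or not the guess was right.
        issued = self.pending.get(sender)
        offered = MARKER.search(raw)
        if issued and offered:
            code, when = issued
            del self.pending[sender]
            fresh = now - when <= CODE_TTL
            if fresh and hmac.compare_digest(offered.group(1), code):
                return ("accept", "approval code")

        # Otherwise reject: issue a new code to go back with the apology.
        code = f"{secrets.randbelow(10_000):04d}"
        self.pending[sender] = (code, now)
        return ("challenge", code)


def sample(sender, to="me@example.org", body="hello", extra=""):
    """Build a constructed test message (not real traffic)."""
    return f"From: {sender}\nTo: {to}\n{extra}Subject: test\n\n{body}\n"


def demo():
    gate = MailGate(["prof@example.edu"], ["dev.lists.example.org"])
    t0 = 1_000_000
    first = gate.decide(sample("stranger@example.net"), t0)
    reply = sample("stranger@example.net",
                   body=f"Forwarded message\nApproval-Code: {first[1]}")
    second = gate.decide(reply, t0 + 3600)
    replay = gate.decide(reply, t0 + 7200)
    return [first[0], second[0], replay[0]]


if __name__ == "__main__":
    print(demo())
```

Rule 1 trusts the From header, which the sender chooses, and every challenge goes to whatever address that header names, so forged spam turns the bounces into mail for a third party.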
never mind the chinese open relay problem, which is also a real hassle.
"It is a greater offense to steal men's labor, than their clothes"
I get tons of Asian language spam - it wouldn't break my heart to block them all.
I'm actually looking forward to my @home email address dying at the end of this month because that's where nearly all of them come to. Hopefully they won't be smart enough to simply replace @home.com with @comcast.net.
I run a small mail server, mostly providing mailing lists to the automotive community. While my lists weren't affected (I have reasonable anti-spam rules in place), a server in Taiwan was spamming every address it could find in my domain with dozens of unique spam per day.
The usual ip tracing ensued and I tracked it back to a small ISP. Hoping that I would reach someone who spoke (or wrote) English, I sent a copy of my logs and an explanation to "postmaster@", "abuse@", "webmaster@", and any other address I could think of. Amazingly enough, after about 12 hours, I received a reply (in somewhat broken English) asking for more logs, and a confirmation of the time zone I was using in my logs (UTC, for what it's worth). After I replied, I received an apology that one of their "clients" had bothered me and assured me it would be taken care of.
To this date, I have not received another piece of spam that I have attributed to that ISP. I realize that this is the exception and not the rule, but I thought it was worth noting that there really are reasonable sysadmins "over there".
-- "Other than that, how was the play Mrs. Lincoln?"
The first parallel that came to mind was the "death sentence" proposed against UUNet a few years ago for their fostering spamming activity.
The action represented the response of a group of responsible internet members that had finally tired of both the activity and the lack of response from a greedy company who seemed to have no respect for bandwidth and privacy issues.
It seemed to work then and maybe it's just what's needed now.
It's about time that some of these ISP's discover what happens when the fecal matter hits the oscillator.
We have met the enemy and he is us - Pogo (Walt Kelly)
Los Angeles took action to prevent automobile accidents by closing all incoming roads.
Obviously, nothing useful comes from Asia, huh?
Even in its simplest form=Those cheap DVD players will never get sold to Best Buy when the Asian maker can't reply back to the buyer. Geeks everywhere revolt...
---"What did I say that sounded like 'Tell me about your day?'"---
The response was "without full e-mail headers, we can't do anything."
Hmmm. It's not e-mail.
I am discussing with my employer the option of blocking all 202/8 203/8 210/8 211/8, all of Road Runner but the MX'es, *.cn, *.tw, *.ru, *.pl, and *.mx domains too. I don't know the ip range assigned to the domains, so if you do, post a follow up! (I have Road Runner netblocks, there are just too many to put them here.)
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
No it's not a huge setback. Eventually the various Asian admins that are causing this will get the clue and fix their mail systems.
I get roughly 100 messages or so of SPAM a day on my Hotmail account -- I can't give an accurate number because I keep blocking entire domains (some jackhole, and I think I know who, decided to add me to various coupon and ad sites, which becomes a deluge as they share mailing lists). Of the 150 or so blocked domains, about 10% of them are Asian (surf to xyzzy.net and note that entire webpage is in a font I don't have installed).
Make a law? Sure. In which country? Or do you mean you want to outlaw SPAM in the US, and then somehow think you're going to be able to prosecute a company located entirely in North Korea under US Law? Things just aren't that easy. I'd like to see a reasonable way to legislate SPAM to be illegal, even if it only did affect the US, but I'm yet to see anything that has teeth AND makes logical sense.
There are laws in a lot of states.
Where are you going to pass the law, and how are you going to enforce it in Asia? The only hope would be an international treaty, and even then, it's up to the participating countries to pass and enforce laws dictated by the treaty, and even then, nothing's forcing them to even sign it, and it would also present an opportunity for power grubbing government types to steal even more rights.
There is no good solution, except maybe a good international asskicking. (Not like war, I mean like physical asskicking of the people involved.)
I've had enough abrasive sigs. Kittens are cute and fuzzy.
Is this why my mail order bride isn't writing back to me?
They can still use something like hotmail if they want to...
in fact for a few months I blocked:
Hotmail
Yahoo
MSN
USA.net
When those folks learn how to close their relays and strip a virus then we can deal with the Asians....
This
Spam, while annoying, is not the end of the world. If it really gets on your nerves, use a program like Vipul's Razor, and help add spammers to its database.
Just because I don't like getting junk mail credit card offers, doesn't mean I refuse all mail from Delaware to teach them a lesson. Here's a tip--throw it away. I get nowhere near enough spam in my inbox to interfere with legitimate mail (although I don't doubt there are exceptions that do....) and I don't even use a filter!
I dunno, but I think a moral hacker would find it quite rewarding to screw up a spam creator's cash cow.
-- Dan
In November 2000 I spent 1 month in Hong Kong sorting out the Spam problems one of the largest ISPs was having, in my job as security consultant.
The situation was dreadful, with no abuse department and no way of detecting/stopping abusing customers, or even stopping customers being abused.
I killed 99% of the Spam by warning all customers we were testing for open relays, and offering to actually help them if they didn't know.
I then spent 2 weeks trying to configure about 30 different mail servers I had never even heard of, and one which didn't even return 1 result on Google!!
We got there in the end, especially once we firewalled port 25 for those customers who didn't want to listed.
The next step was to write belt-and-braces Terms of Service for the client and ensure the abuse@isp address was checked and actioned on a daily basis by a full-time member of staff. If abuse went unchecked, then we pulled the plug on the customer and banned them from coming back, or we'd prosecute (sometimes tricky in HK)
I *always* check who sends me spam, and I'm pleased to say none has originated from that ISP since I did my work there.
We tried to re-sell the solution to all other ISPs in the region, but they didn't bite due to a) expensive consultant fees, and b) not really caring.
I pointed out they were large ISPs who fully deserved their .net addresses, but were rapidly losing face amongst their peers for continuing to ignore the problems. *sigh*
Plan, that way every time I send an email to a college professor asking about one of his papers or send an email to someone who posts on Slashdot I'm gunna get carted off because it is unsolicited email. Probably best if people like you don't draft laws.
How we know is more important than what we know.
But what else can be done to solve this problem with China and other Asian countries?
I agree that the 'no response' from many of these places is frustrating, but has anyone offered to train[1] some of these people in setup and configuration of their servers?
Has anyone who is bilingual offered to translate the user manuals into Japanese, Chinese, or Korean?
Has anyone taken the time to explain to them that lax security / improper setup on the EMail server usually points to more problems within their network?
Education is the answer to this problem, and we need to take the lead.
[1] Okay, it might be impractical to fly halfway around the world to train someone in server configurations just to stop spam, (although a cost/benefit analysis might prove otherwise if the volume is extreme!) but has anyone offered to train someone from Asia on this side of the globe?
III.IIVIVIXIIVIVIIIVVIIIIXVIIIXIIIIIIIIVIIIIVVIII
How much time do you expect a Chinese bureaucrat to spend prosecuting a fellow countryman because he made 1000 foreigners delete a bothersome message?
I hate spam, but the last thing I want is a bureaucratic solution. The free market will find a way grasshopper....
Slashdot: Liberal News for Nerds. Liberal Stuff that Matters.
We could pass all the laws in the West we want but they would be completely unenforceable in Asia.
Perhaps an international body of enforcers could be set up similar to the WTO where fines or punishment could be meted out with the full backing of each nation. But that's not likely to happen seeing as there is little money involved- unlike trade.
Cultural issues also contribute to the problem. Many spammers in Asia say they do not understand why spam is a problem.
"It's a sign of respect that someone sends you an electric business card. It means he wants you as a customer," said Zhao Peng, owner of a computer store in Hong Kong.
So what does it mean when they hammer your firewall all day long?
They're just being considerate in checking you for exploits? (Most scans originate from asia in my logs.)
I don't generate unique reply addresses per news post, but change addresses a few times a year. I have a bunch of old addresses that mostly get spam, so my filters dump incoming mail to them into a mailbox file that I look in every now and then. That's much less annoying than seeing the spam as it arrives, but still, it's better to keep the volume down.
I think I'll completely stop putting replyable email addresses on news posts. I'll just have a URL for my web site where people can leave me messages through a CGI. That lets me make another political statement too, since my web site runs SSL so any incoming messages I get from the CGI will be encrypted while in transit. We tell people to use ssh instead of telnet--we should also try to avoid sending email in the clear without a reason.
Well, it's a shame when that happens. I am from Asia, and when I was there I didn't even have the confidence to use local ISP email account. Anybody can still use yahoo, hotmail or any other free services to contact their western friends.
I guess this affects Asian businesses more than the local folks. When businesses start to complain to their ISP why they can't send any mails to their western counterparts, maybe the ISP will start to listen.
Some ISPs there have very under qualified admin (the good ones moved here to the US ;-), heck, some of them can't even understand english very well. ISPs there have a habit of hiring a contract person to set up everything and leave it.
geek page at KY speaks
Why is this a setback? In the 1994 days, when the net boomed, lots of people got online and there was a chaos of newsgroup/email spamming. These people have largely learned. Then MS internet users got online in 1995. Same thing. Then AOL users. Each one of them will learn, so why can't Asian countries? Have some faith in the smartness of SysAdmins!
At one time I was spending a couple hours a week configuring filters and deleting spam. Now I have a list of known addresses I accept mail from. Everything else goes into the spam folder. I check that once a week, takes about half an hour to go through it and move real messages to the appropriate places. Then I delete the rest.
Best Slashdot Co
The 2 servers I manage and what I recommend to many is to set up filters to block or auto-delete anything from that country's TLD. .kr is the biggest problem lately. It is too bad that it has to happen, but I at least tell people to set up their filters in such a way to make their maillists first and anything that is really wide like banning a country last. That way real email from someone about PicoGUI that is in the .kr land I will see, but the junk that goes to my inbox dies.
Do not look at laser with remaining good eye.
legitimate use of a DDoS attack. I know it is wrong on so many levels and immoral and all that, but doesn't it just make sense on a primitive level that if they are unwilling to shut down their open relays, someone else should shut them down for them? 24 hours notice, then hit them until they promise to shut it off. Make there be direct consequences for them not playing nice on the net.
Like I said, I know this is inherently flawed, but it is nice to dream. Mmmmmm, vigilante justice on the net...
And while we're at it, we should make it illegal to respond sarcastically to extremely simplistic solutions to complex problems! Yeah!
--
Damn the Emperor!
the place where i colo is just now doing this after tracing the bulk of the spam coming into their own network from chinese ISPs and most especially china.com
rather than refusing email from the offending ISPs, they are going to the rather extreme measure of refusing connections entirely (at the router, i guess, though i'm not certain how the network is set up...) from the entire IP ranges of a number of the offenders.
so, now all my domains (and all those colo'd at my ISP) will basically be inaccessible to anyone in china. big deal. all the traffic i get from china is either spam or nimda requests. woo friggin hoo.
it has yet to go into effect, but i expect it will make a big difference in my monthly bills, as i pay for bandwidth, even if it's spam sent to people on my mail server.
as some folks are bound to say, it's more than a bit presumptuous to basically say "play by my rules or get off the field" where "my rules" are typically those of the mostly american, english speaking internet population, but in this case it's more a case of "play nice or go home"
- Entertaining Bits from the Ancient Kernel Tree
The article says:
Some Chinese and Korean systems administrators said documentation for the software they use is often available only in English, which complicates securing their systems.
This is an honest problem, because it's not the ISP's fault that they can't get native-language documentation for the software. But if they're running the software at all, it becomes their problem. Why would any responsible system administrator install software when he can't read the documentation? Educated English speakers aren't such a minority in the far East. It's the ISP's responsibility to hire them, or else get software documented in their own language.
Cultural issues also contribute to the problem. Many spammers in Asia say they do not understand why spam is a problem. "It's a sign of respect that someone sends you an electric business card. It means he wants you as a customer."
This is just willful naivete on their part. If they think that sending an electronic business card is a "sign of respect", that's fine. But they need to understand that in the West, unsolicited advertising is an overwhelming inconvenience and is not welcome by the vast majority. Cultural relativism swings both ways.
Piracy is free and open and common in the far East, which irritates Western corporations and makes poor Western college students and hackers giggle with glee. It's rampant and unpoliced because the notion of information ownership and copyright just don't exist over there. But here's the flip side to that coin: unrestricted dataflow from the West into the East also means unrestricted dataflow from the East to the West. As music, movies and software comes in, spam goes out. Like it or not, they're both travelling through the same door.
If the Chinese ISPs want to provide their people a gateway to the free world, then it's their responsibility to cooperate with how the free world works and act responsibly within that setting. If they don't, then they get blacklisted like this and lose their right to be a gateway.
Why not use a domain hitlist? Get more than a couple of spams from a domain, bounce everything from the domain[1]. It's less arbitrary than closing off everything from Asia on the basis of a few spammer ISPs.
[1] Bye bye Yahoo, AOL, Hotmail for a start.
Government of the people, by corporate executives, for corporate profits.
The Asian nations would not be in this situation if they understood the proper way to run a mailserver and dropped the insane cultural notion that obnoxiously shoving a business card in someone's face is courteous and expected. I worked in Asia during the early 90s (mainly Singapore, Hong Kong and Taiwan) and from my experience of working with Asian businesses, this problem will not go away. Unless it's not hurting their bottom line, it doesn't matter if its hurting ours.
Strange women lying in ponds distributing swords is no basis for a system of government.
"What about getting laws that say that unsolicited mail is illegal? Shouldn't that do the trick? Anybody got some good reason for why laws like this shouldn't come true?"
Spammers and the ISPs that support them have reasons not to do that. And while they may or may not be good reasons, they have money and they have lobbyists, so don't hold your breath for such legislation unless this becomes a big issue this November.
I run several small community mail servers, and I firewalled off China, Korea, Taiwan and Japan about a year ago. It was the best thing that I ever did for those servers. Spam dropped down drastically, and I'm yet to get a single complaint about somebody not getting mail. Sucks to be in China, I guess, but this is a solution that, for me, has proved to be perfect.
-Waldo Jaquith
- frustrated sysadmins in the West are responding to a torrent of Asian spam by simply refusing all e-mail from that part of the world [says Slashdot]
Anti-spam activists confirm that a growing number of beleaguered systems administrators are now blocking all e-mail originating from Asia from their systems [says the article]
Bollocks, says anyone reading it with a critical eye. There are no references or sources for this sweeping "all Asian email" statement. The single reference is to Spamhaus which implements selective listing of domains that persistently generate or carry spam and decline to respond to spam reports. Most of their listed ISP's are currently US based. There is specific mention of two Chinese ISP's, and none from any other Asian nation.
To make a story out of this, you have to cite metrics. The fact that Spamhaus are currently blacklisting China Telecom no more proves that "the west" is blocking "the east" than a story about anyone temporarily blacklisting AOL (again) proves that there is some mass move to block "the west".
Without giving metrics, you're just providing anecdotes. Persuasive anecdotes, sure, that probably appeal to our personal experiences, but those are the most dangerous kind, because they stop you looking for the real story and asking the real questions.
The real question here isn't "Why do Spamhaus currently blacklist China Telecom?" but "Why don't Spamhaus currently blacklist Roadrunner?" or any of another half dozen ignorant ISP's that deny that they are injecting spam even in the face of unequivocal header evidence. Perhaps we in the "west" (sweeping-generalisations-r-us) could go about cleaning up our own house before we go gunning for those coming late to the party.
If you were blocking sigs, you wouldn't have to read this.
I run several mail servers, and I admit my filtering is nonexistent. I have as of late however begun to receive spam by the boatload from Asia. Myself and my clients would have no problem with such a filter.
Are there any sample sendmail configurations out there to reliably do geographic filtering?
Sig went tro...aahemmm.....fishing........
Education is the answer to this problem, and we need to take the lead.
Education is the answer to ignorance. Are we sure ignorance is the problem? With so many reports of mails to abuse@ going ignored, so many open relays reported and yet remaining open, I have to wonder whether it's not often an attitude problem (not that Far Eastern ISPs have a monopoly on those), and that's much harder to know what to do about.
GROGGS: alive and well and living in
There are really only two solutions that could work and are similar to what you are proposing. First, a treaty between the United States (Canada/UK/EU/...) and the Asian countries banning UCE sent between the signing countries. However, allowing UCE brings currency into the economies of the countries that condone it, so I don't think they'd sign something like that unless the alternative was worse. (Cutting off their country's email might qualify as worse.)
Second, declaring that the UN or some other international governing body has jurisdiction over this matter and can set criminal penalties. Personally, I despise the thought of giving more power to any international governing body; if you can't abide by what a country's government is doing, you have the option of leaving that country and moving to another. What could you do if you couldn't stand the world government? (I hear the nights are cold on Mars...) I would prefer to avoid anything that looks like it's taking us closer to this possibility (such as enforcing US laws on citizens in another country...)
All that said, I don't think that the final solution to this problem will be resolved in the legal arena. This is a technology problem, and will most likely be resolved with a technical solution, such as a total re-working of the internet mail protocols. The black-listing of entire Asian regions is just a stop-gap measure that probably won't really work for long.
Chris Beckenbach
A few months ago my email address ended up on a Korean spam list. I've been using the following procmail rule since:
:0:
* (^From:.*\.kr |\
^.*ks_c_5601)
SPAM
It catches about 95% of the spam from Korea. It's sad that I've had to resort to filtering email from an entire country.
What has amazed me about the whole thing is the spam I receive from there is usually written in the ks_c_5601-1987 character set. Since Korean is not a really popular language throughout the world, the chances of someone understanding the spam is very slim (I haven't been able to find a good Korean to English translator that actually works). IMHO, the spammers are just wasting their time.
Go not unto/. for advice, for you will be told both yea and nay (but have nothing to do with the question)
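The two posts above describe filtering on the sender's country TLD and on the ks_c_5601 charset, and checking mailing lists first so that a broad country rule is evaluated last. An added Python example of that ordering (not code from either poster): it parses the From address instead of pattern-matching the whole header line and also looks at the body Content-Type and at RFC 2047 encoded words; treating a List-Id header as the list test is an assumption, and the sample messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

BLOCKED_TLDS = {"kr"}                 # country TLD named in both posts
BLOCKED_CHARSET_PREFIX = "ks_c_5601"  # charset string from the procmail rule
ENCODED_WORD = re.compile(r"=\?([^?]+)\?[bBqQ]\?[^?]*\?=")  # RFC 2047 token


def sender_tld(msg):
    """TLD of the address in From, ignoring the display name."""
    addr = parseaddr(str(msg.get("From", "")))[1]
    domain = addr.rpartition("@")[2]
    return domain.rpartition(".")[2].lower()


def charsets_used(msg):
    """Charsets declared for body parts or used in encoded header words."""
    found = set()
    for part in msg.walk():
        charset = part.get_content_charset()
        if charset:
            found.add(charset.lower())
    for name in ("Subject", "From"):
        for match in ENCODED_WORD.finditer(str(msg.get(name, ""))):
            found.add(match.group(1).lower())
    return found


def classify(raw, my_lists):
    """Return 'inbox' or 'SPAM'; narrow allow rules run before wide blocks."""
    msg = message_from_string(raw)
    # 1. Subscribed lists win, even when the poster is inside a blocked TLD.
    list_id = re.search(r"<([^>]+)>", str(msg.get("List-Id", "")))
    if list_id and list_id.group(1).lower() in my_lists:
        return "inbox"
    # 2. Country-wide block on the sender's domain.
    if sender_tld(msg) in BLOCKED_TLDS:
        return "SPAM"
    # 3. Charset block, wherever the charset is declared.
    if any(c.startswith(BLOCKED_CHARSET_PREFIX) for c in charsets_used(msg)):
        return "SPAM"
    return "inbox"


# Constructed sample messages.
LISTS = {"picogui-devel.lists.example.org"}
LIST_MAIL = ("From: dev@example.co.kr\n"
             "List-Id: PicoGUI devel <picogui-devel.lists.example.org>\n"
             "Subject: patch\n\nbody\n")
DIRECT_KR = "From: promo@example.co.kr\nSubject: offer\n\nbody\n"
CHARSET_BODY = ("From: promo@example.com\nSubject: offer\n"
                "Content-Type: text/plain; charset=ks_c_5601-1987\n\nbody\n")
CHARSET_SUBJECT = ("From: promo@example.com\n"
                   "Subject: =?ks_c_5601-1987?B?vsiz58fPvLy/5A==?=\n\nbody\n")
LOOKALIKE = 'From: "Seoul.kr News" <editor@example.com>\nSubject: hi\n\nbody\n'


def demo():
    samples = (LIST_MAIL, DIRECT_KR, CHARSET_BODY, CHARSET_SUBJECT, LOOKALIKE)
    return [classify(raw, LISTS) for raw in samples]


if __name__ == "__main__":
    print(demo())
```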
Shouldn't I block USA? It's the same arguments, right? Didn't some dude say: "How can you say to your brother, 'Let me remove that splinter from your eye,' while the wooden beam is in your eye?"
...
Blime...
I recently got a spam that was relayed through an open relay at a huge IT contracting firm! I sent them an E-mail and asked them if they needed some more security people to help with their network management, along with a copy of the offending E-mail (Heh heh heh.)
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
In the 1994 days, when the net boomed, lots of people got online and there was a chaos of newsgroup/email spamming. These people have largely learned. Then MS internet users got online in 1995. Same thing. Then AOL users. Each one of them will learn...
Actually it's still September '91 as far as I'm concerned, and if you don't know what that means, you're part of the problem...
If I remember correctly a lot of us did exactly the same thing to mail, and usenet posts, originating from AOL back when it first gave its users full internet access. We blocked it, entirely, eventually the news filtered through that they'd more or less learned manners and we unblocked them. Although I still know of a couple of small academic sites that block all incoming mail from AOL and MSN. Go figure...
This isn't new, people have been doing it since we first started hooking all the various networks together in the first place. Admittedly I can't remember it ever happening to an entire continent before. Personally I think its a reasonable idea...
Al.
The Daily ACK - Eclectic posts by yet another hacker
This technique worked wonders last time I had that problem at Bellsouth. N.B. When you do this, it is important that you don't forward the mail directly, or else they'll just firewall you off. If you use the spammer's own open relays, either:
Say no to software patents.
Pacific rim hosts dominate the SpamCop statistics.
Well, there's always this tactic...
Simply report them to the police - identity theft and fraud are considered real crimes even by clueless law enforcement offices that usually don't do anything about spammers. (Yes, I've done it before).
This message is provided under the terms outlined at http://www.bero.org/terms.html
"Wed Sep 3095 14:56:00 GMT 1993", to be exact.
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
Translate your message into Chinese, Korean whatever before sending it. It probably won't help, but I think there is a slightly better chance of a reply. (I tried pasting results here but it won't allow it. Oh well.)
Have you read the Moderator Guidelines yet?
As most /.ers should know by now, the Chinese government just ordered all ISPs in China to start monitoring
email for subversive phrases and the like, so just reply to
Chinese spam with little replies of the form at the end of this spam.
Might be a useful tactic on companies who think that unsolicited
email is "just regular advertising".
Bill
"Jack(export manager)" wrote:
>
> Dear Sir
> How are you
>
> We are a lighting factory in China
> to introduce ourselves to you:
>
> I am XUBIN (Jack) , XUBIN is my chinese name , you can just
> call me Jack !! , I am export manager of [deleted]
> China, our group have four factory
[snipped]
>
> Here is our company profile
>
[Rest of sales talk snipped]
(And now, the reply)
Thank you for your coded order. The weapons and ammunition
will ship by way of the usual route in ten days, and you
already know our secret Swiss bank account number to
wire the payment to.
It is a pleasure doing business with you for so long,
and I hope your cause will prevail. I am new to this
particular computer, so I hope the encryption is
working and the monitoring authorities cannot read
what I am sending you.
Long live the Falun Gong! Free Tibet!
Best regards,
Your arms supplier
There's 10 types of people in this world, those who understand binary and those who don't.
I've read a few of the opinions here about why they're uneasy about blocking off entire domains like this, but I still can't see this as anything but a Good Thing(tm).
There are those who are uneasy about blocking off access to a free and open medium. But if the medium is truly free, then you should also be free to block traffic that you don't want. Seriously, if you carry that point of view to its logical conclusion you shouldn't be trying to avoid spam to begin with and reading it should be compulsory. Just because everybody has a voice doesn't mean you have to listen.
Should ISPs be held accountable for the actions of their users? No. But they should be held accountable for their own actions, and one of their actions is aiding and abetting known spammers. They've received the warnings and complaints, they've seen their own mail server traffic and have access to their own logs, and their decision to do nothing implicates them. If a bartender can be held accountable for letting a known drunk drive home and if a gun store owner can be held accountable for selling a gun to a known felon, why shouldn't ISP's be held accountable for selling service to a known spammer?
And as for the legitimate mails that may get blocked by firewalling off Korea or whatever, why should we be held accountable for the foolish choices made by these customers? If anything, blocking their e-mails should be seen as a benefit, allowing the user to learn first-hand the despicable pro-spam tactics of their ISP and make an informed decision. If they don't jump ship after that they deserve what they get.
They're our routers, our mail servers, as long as our actions don't abuse other peoples' resources (like spammers) why shouldn't we do whatever we damn well please with them?
At my last job, working for a NASA contractor, we suffered a constant barrage of attacks that all seemed to originate in Beijing, or Seoul. Blocking Class-C blocks at a time knocked out the Seoul communications, but China was another matter. This went on for some time, with myself sending e-mail after e-mail to China Net with no responses. The difficulty arose from our having offices in Shanghai, so a total block of all addresses was next to impossible. (Anyone who has worked with China Net before can attest to the difficulties of getting static IPs, or *anything* for that matter) Another difficulty arose from the dynamic assignment of IPs by China Net as packets cleared their network. It was difficult to trace and block, and eventually my edge router configurations wound up with quite a group of extended access-lists. We had to ship off a VPN solution to our Shanghai offices, and hold our breath while we punched down tightened controls. After a couple of months though, we finally managed to stop the assault. It was annoying to be forced to such extreme measures, that wound up costing the company significant dollars in manhours, equipment, and travel time just because of the lack of professional courtesy from across the ocean. On a positive note, at least it taught me to be entirely proactive with my blocks, and now I don't hesitate to toss people's packets into /dev/null. Cynical perhaps, but necessary IMHO.
Sneakemail -- Disposable email address service
I use these guys and I never get spam, the rare occasion I do, I know who leaked it/sold it... or where it was harvested from.
1. The mail claims to be From someone I have pre-approved.
2. It's from a mailing list I've registered with.
4. The email contains a special approval code to bypass the checking.
The way you describe it makes sense. It's almost like a stateful firewall for email. Block all incoming, with certain exceptions. Allow all outgoing. Allow the responses to those back in.
Hmm. Perhaps my SMTP server should keep track of who I send email to, so it can automatically accept the replies and block the others. There'd be problems with that of course, since replies don't always come from the same address. But it's an idea to play with.
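The outbound-tracking idea from the comment above, as an added sketch that is not part of the original thread. The class and function names, the 30-day window and the sample messages are all assumptions made for illustration; matching on `In-Reply-To`/`References` is one way to handle the case where the reply comes from a different address.

```python
import email
from email.utils import getaddresses, parseaddr

DAY = 24 * 3600


class ReplyTracker:
    """State table built from outbound mail, consulted for inbound mail."""

    def __init__(self, ttl=30 * DAY):
        self.ttl = ttl          # how long an outbound message keeps the door open
        self.recipients = {}    # lowercased address -> time we last wrote to it
        self.message_ids = {}   # Message-ID we sent -> time it was sent

    def record_outbound(self, raw, now):
        msg = email.message_from_string(raw)
        fields = []
        for name in ("To", "Cc", "Bcc"):
            fields.extend(msg.get_all(name, []))
        for _display, addr in getaddresses(fields):
            if addr:
                self.recipients[addr.lower()] = now
        mid = msg.get("Message-ID", "").strip()
        if mid:
            self.message_ids[mid] = now

    def _fresh(self, table, key, now):
        sent = table.get(key)
        return sent is not None and 0 <= now - sent <= self.ttl

    def classify_inbound(self, raw, now):
        msg = email.message_from_string(raw)
        # A genuine reply cites our Message-ID even when the correspondent
        # answers from a different account than the one we wrote to.
        cited = []
        for name in ("In-Reply-To", "References"):
            for value in msg.get_all(name, []):
                cited.extend(value.split())
        if any(self._fresh(self.message_ids, c, now) for c in cited):
            return "accept:thread"
        # Weaker signal: the From address is one we mailed recently.
        # From is trivially forged, so this only raises the bar.
        _display, sender = parseaddr(msg.get("From", ""))
        if sender and self._fresh(self.recipients, sender.lower(), now):
            return "accept:known-recipient"
        return "quarantine"


def _msg(headers, body="text"):
    return "\n".join(headers) + "\n\n" + body + "\n"


def demo():
    """Run constructed sample traffic through the tracker."""
    t = ReplyTracker()
    t.record_outbound(_msg([
        "From: me@home.example",
        "To: Alice <alice@example.org>",
        "Message-ID: <m1@home.example>",
        "Subject: lunch?"]), now=0)
    inbound = [
        # Reply sent from Alice's work account, threaded to our message.
        (_msg(["From: Alice <alice@work.example.net>",
               "In-Reply-To: <m1@home.example>"]), 1 * DAY),
        # New message from the address we wrote to.
        (_msg(["From: alice@example.org"]), 2 * DAY),
        # Stranger, no thread reference.
        (_msg(["From: bulk@bulk.example"]), 2 * DAY),
        # Same known address, but after the window has closed.
        (_msg(["From: alice@example.org"]), 31 * DAY),
        # Stranger citing a Message-ID we never sent.
        (_msg(["From: bulk@bulk.example",
               "References: <made-up@home.example>"]), 2 * DAY),
    ]
    return [t.classify_inbound(raw, now) for raw, now in inbound]


if __name__ == "__main__":
    print(demo())
```

A sender who has seen one of your Message-IDs can cite it, so the thread match is a sorting hint rather than authentication.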
Actually, it's September '93...
Nope, I'll hold out for September '91. AOL was just the final straw, it'd all been going downhill for a long time before that...
Al.The Daily ACK - Eclectic posts by yet another hacker
they usually surrender right away ;)
also known as Sneakemail.
What I find frustrating as someone that filters a whole lot of spam on my servers is that I can't get usable information out of the APNIC WHOIS. I really can't find anything worthwhile in about 90% of my queries while LARTing spam. It's quite frustrating. I've considered blocking all .cn, .kr, .jp, .tw, .ar, .br, and other TLDs since I don't directly contact anybody in those particular TLDs. I am on mailing lists that have addresses with those TLDs on them that I would have to account for. As a sysadmin I find the quality of foreign WHOIS to be a major problem.
That depends. If sending SPAM happens to be a capital crime in China and the sender is Chinese, the odds are pretty good given the Chinese practice of harvesting organs for profit.
Babar
When China Telecom gets 1000 bounces saying:
550 - Falun Gong Xmit JFIIZ WNAZO
with the five-character blocks being randomly generated, once per bounce message, quite a lot ;-)
Maybe it's me, but it seems like the time might be right for lawyers to entertain us with a class action lawsuit. If China's ISP and telecommunications companies are state owned enterprises it seems like you might be able to do something silly like sue China under one of the anti-spam laws some states have. I think the one in Washington provides something like $500 per offence.
I'd love to see that full page ad, or even better commercial on late night tv. Have you received spam? You may have been harmed, and be owed a thousand dollars or more! We can help, but you need to help us. You can't spell sue without u!
The best would be a bulk e-mailing titled that Make Money Fast and promised thousands of dollars without ever doing anything! And best of all, nothing to pay, ever!
--Jimmy has fancy plans; and pants to match.
As to parts of the story:
That's so ironic it's funny!
Not just Duh!, but Duh! So hire some English fluent contractors to help with it. Damn. That excuse is as bad as the crematorium in Georgia, USA, where they tossed bodies in the woods, for 20 years because, and this is just fantasy to think anyone could believe this, because the cremation chamber was broken, like 20 years isn't long enough to actually fix it... So how long before these ISPs decide to stop putting it off and actually fix it? Sorry man, if you get blocked, you did everything to earn it, as inaction is action in this regard.
A feeling of having made the same mistake before: Deja Foobar
If it were not for the fact that other "more surgical" techniques actually work to stifle spam injected at .com, I might join you in blocking the whole thing. The thing about the .com spam is you can:
The problem with the spam from China and Korea is that these methods are ineffective. Virtually all spam from C/K is from dialup, DSL, or broadband, or via open relays (there's a lot of pirated copies of an old un-closeable version of Microsoft Exchange Server running in China). Most of those are dynamic IP, so blocking is ineffective. HINET does not distinguish them in a special subdomain in reverse DNS, so I do block the whole thing.
now we need to go OSS in diesel cars
Filtering on sender address is rude too. I wouldn't want to assign unique addresses to senders. People send from too many different addresses. If I email someone's personal account and they try to use my return address to email me from their work account, I don't want to bounce their mail.
I think if I quit publishing non-munged email addresses in my news posts and junkfile the incoming mail to the addresses I post news from, that should get rid of most of my spam.
The idea goes like this:
Why not have a sort of "Name" tag in email. This tag could be an MD5 Hash of anything you want. If the people who sent you the email knew your name, or any valid name tag that you gave them (Multiple Name tags would be simple, just sort them into folders) You could just supply the "Name" with your email address, something like "Yeah, email me at prudan@example.com, name tag (prudan)" Anything that doesn't have your name tag would be sorted into a spam / unknown folder, or you could even bounce it back saying that the name was invalid.
Some pros and cons to the idea:
Pros:
It will require more processing power for spammers to send out lots and lots of spam. Each message would need its own checksum if they are guessing at a valid name tag.
This would really make it so that you have different email addresses, without all the aliasing. You want to use a business address? Make one of your name tags "Business", and assign that nametag to a folder just for that.
Adding this to email clients would be a trivial task.
Done at the client level, so it adds no server processing overhead.
Cons:
Spammers will start trading name tags too, so changing your MAIN name tag every so often would probably be necessary.
Getting this to be accepted everywhere would be quite a chore.
Maybe this won't work. I don't know.
-- Dan
So, there's the ROKSO list of spammers, plus the usual MAPS and so on. Of course, there's also heuristic software such as Spam Assassin...
However, does anyone know of any web hosting providers that actually use these tools? I'm particularly interested in any that use SpamAssassin, as that appears to be very effective.
Alex Bischoff
HTML/CSS coder for hire
IM2000 has its own risks. It allows "institutional spammers" (those who actually spam with their real identity) to not only save more money by dynamically generating your spam when you pick it up, but also track your mail reading habits as well. They know you picked up the mail, and they know where you were when you did (if you didn't use a proxy). IM2000 doesn't stop spam; it just gives you a better identity of who sent it, and tries to shift the cost back to them. But you can be sure they won't be storing a million copies of the very same spam, but instead will have one copy for all, and eventually add Java programming to make it all dynamic.
now we need to go OSS in diesel cars
I cut them off half a year ago. Hotmail is still open, because they at least try to do something about it.
now we need to go OSS in diesel cars
I almost, but never quite did, cut off all of Russia. The spam problem there has gone back down, at least for my regularly spammed email addresses. OTOH, I'm seeing a rise in spam from Indonesia, though not even near a need to cut off the country, yet.
now we need to go OSS in diesel cars
Bet that'll get them to fix the problem within 24 hours
I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I won't bother either.
I take it you consider yourself part of the "civilized" bit?
I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I won't bother either.
I don't know that it's 95%, but certainly a lot does. There are dregs in every population, and the USA is no exception. The problem is, because China hosts so many open relays, the USA spammers can bounce through there to evade the blacklisting that has been placed on them already. The end result is to block the USA spammers I still have to put in filters with Chinese IP addresses.
now we need to go OSS in diesel cars
I haven't implemented automated domain blocking yet, but it shouldn't be all that difficult to do.
I'm seriously considering it though. AOL, Yahoo and Hotmail will be the first up against the wall when the revolution comes.
Government of the people, by corporate executives, for corporate profits.
At least AOL will attempt to do something about spam originating there. They may not be able to prevent it the first time around, but once they cut that leecher off (using the 1000 free hours) they at least have a CC number they can store in a DB (hopefully as an MD5 checksum) to compare against to prevent another signup with the same number.
now we need to go OSS in diesel cars
I hope this has answered your questions.
No replies made to AC posts. Please log in.
Add some spamtrap accounts to poison the mailing lists and sugar to taste.
Government of the people, by corporate executives, for corporate profits.
While I've been sorely tempted to wall off anything coming from the Pacific Rim or Latin America, it seems that there are two more constructive ways (OK, maybe only one :) to proceed:
1. Multilingual spam report generator. Seems as if there's already an autogenerator (which is probably English-centric). Why not add multilingual support to it, or build a new one? You don't have to add every language, just the major ones that affect spam traffic (Spanish, Chinese, Korean, and French and Japanese for good measure).
2. Enable open relay autoprobing for certain incoming SMTP requests. This may be slightly more problematic, but it'd be nice if I was to configure my MTA of choice to test the sender IP of an incoming message for an open relay hole. The check would only occur if the IP address was determined to be within the range for a certain group of countries. This might be a feasible solution for those who either can't or don't wish to subscribe to an RBL.
Alright, I'll give. Perhaps I'm part of the problem... but what was significant about September '91? I've also seen September alluded to a few other times in this context. I didn't start using the 'net until 1994-ish, so I guess that makes me a newbie but I'd like to know...
See the Jargon File entry for an explanation of the Sept'93 reference, but for me the death knell was sounded in Sept'91 when JANET started talking about JIPS, which was TCP/IP over the then entirely X.28 UK academic network.
Al.The Daily ACK - Eclectic posts by yet another hacker
You scare me. More precisely, your attitude scares me.
If you really value free speech, you *must* accept restrictions based on time, manner and place. The alternative is to allow some bad players to use their speech to effectively suppress others.
In meatspace, a classic example of this is using a bullhorn to heckle a speaker using his own voice. An unaided voice gets the message across without making it impossible to hear the speaker, an aided voice makes it impossible to hear anyone else.
In cyberspace, a classic example are the 'bots that flood newsgroups with irrelevant messages so that the legitimate messages are lost in the volume.
As for spam, most of the messages are either illegal or for some highly questionable product or service, yet the sheer volume of it often causes legitimate messages to be overlooked.
You may evaluate the proper balance differently than me, but I have no more qualms suppressing a spammer than I do the guy disrupting a public meeting with a bullhorn.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
Thanks for the idea.
Does anyone have an IP range that will block most of China?
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
As the postmaster for kitv.co.uk I've found that this problem (no, flippant, hostile responses) is also starting to become a regular feature with ISPs from Eastern Europe and the Baltic Republics.
They are able to set up Linux and configure sendmail and bind to add additional relays without instructions in their native language but they can't figure out how to turn them off or install a more recent version of sendmail??
Something stinks like Chinese fish!
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
Unfortunately, SpamCop gave that up, as "too annoying for senders", and went to a mediocre system based on heuristics and spam reports.
Rather than blocking mail, I'd suggest automatically filtering it with something like that. Maybe based on the IP block.
To the "Axis of Evil?"
A solution to/from UK UCE.
Make the sending or receipt of UCE against your AUP/TOS then any repeat occurrences following notification are illegal under the Computer Misuse Act Section 1.
I usually respond with the following email which has proved to be surprisingly effective even with non-UK UCE. Perhaps because most of the developed world has similar legislation, designed to make cracking illegal.
--- UCE RESPONSE ---
The attached unsolicited bulk email has been received from [or downstream from] your domain. The sending or receipt of unsolicited bulk email is a breach of our Acceptable Usage Policy and is unauthorized.
This is a breach of 'The Computer Misuse Act 1990' Section 1;
1.--(1) A person is guilty of an offence if--
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at--
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.
http://www.hmso.gov.uk/acts/acts1990/Ukpga_1990
We expect your immediate attention to prevent a reoccurrence.
thanks
Postmaster [@kitv.co.uk]
--- END RESPONSE ---
I use fetchmail and exim for my mail, and I set it up to reject anything coming from or through *.kr *.ru *.cn *.my and *.jp
That cut my spam down by a huge amount. This technique really works.
If tits were wings it'd be flying around.
I have heard tell of a guy who is getting more than ten million spams a day from btamail.net.cn. Wow!
Last time I got spam that wasn't getting responded to, I wrote back to the ISP saying that I shared their customer's interest in a Free Tibet, and then went on with my normal abuse complaint, and I think that one actually stopped.
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
Funnily enough, when I submitted a story about this, the Slashdot editors rejected it within minutes :-)
Oolite: Elite-like game. For Mac, Linux and Windows
oh yeah, and china.com
- Entertaining Bits from the Ancient Kernel Tree
I think that the way to shut them down once for all is to educate people about what spam is and why it should be reported, and above all, not responded to. This way, the market that spammers will target will dry up and then they will stop sending their UCE out.
Same here. My portsentry logs are filled with wandaoo.fr. What is up with that?
Me too!
At least 5 times a day from wandaoo.fr. I think I'll set my firewall up to just drop all attempted connections from there.
There's a huge difference here - in the case of the spam, the situation is "We've identified a definite and demonstrable serious abuse, and contacted the 'enabling' agency, but they've refused to deal with the problem, so we have to escalate to less pleasant means", whereas in the MPAA's case, they've gone straight to the equivalent of trying to outlaw email because there is so much illegal spam sent using it, even though email has, and is mostly used for, legitimate uses.
Even with "escalated" spam response, they're talking about blocking an area of known frequent offense. With, e.g. the use of the DMCA against DeCSS, they have leapt to directly criminalize EVERYONE's uses (both legitimate and illegitimate) regardless of whether an abuse has taken place or not...
Hacker Public Radio is our Friend
Last summer, I did something similar with CGI scripts on one of my web sites. The site has a number of scripts that convert files in a compact notation to an assortment of output formats. What the data represents isn't too important; the problem arose from the fact that a single small file could be converted to things like PS or PDF or GIF or PNG or ...
;-)
I'd been reading about research at the big search sites that was working on the problem of "hidden" web pages; i.e., pages that are generated on the fly by scripts that read from databases. The idea was to learn what was in a site's databases by calling the CGI scripts to extract it all. I found myself thinking "Uh, oh; I'd better watch for this."
One day it happened. A search site suddenly started invoking my scripts, methodically trying to extract all the data that I had in all of the output formats that I supported. And it did this in parallel from a large number of machines. This brought my server down and kept it down.
So I added a "blacklist" to my code. Any requests from any of those IP addresses got only a small page saying that they were on my blacklist. I included my email address in case anyone wanted to discuss the situation. Over a few months, my blacklist grew to include a few dozen blocks of addresses.
I've never received any email from any of the search sites. However, a few weeks back I got a message from a person in Singapore who wanted to use my site, but only got a blacklist message. I checked, and sure enough, his address was an ISP in Singapore. No way of telling him apart from the search bot at the same address (but presumably on a different machine).
The ISP didn't respond sensibly to my query, so I have no choice but to continue the blacklist. All I have for identification is the ISP's IP address, so I have to block everything behind that address.
I don't like blocking everyone behind an ISP, but I can't think of any other way to prevent this sort of attack on my server.
(Yes, I do have a robots.txt file. And I know how to use it.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
I've had the fortune (misfortune) to deal with some of this first hand.
About 1.5 years ago I was working for iPlanet as a backline support person. The summer of 2000 we had a rash of Asian telcos running our e-mail server and crashing and burning.
So I got sent to Asia to try and figure out what was going on at our three largest telcos there, Unitel and Hanaro Telecom in Korea and Jiangsu Telecom (can't find their homepage at the moment) in China.
What I found in both cases was frightening. Pro-Serv had done a good job of implementing a mail system that would handle a normal user load just fine. But, in both cases the load was 5 times what was planned for. So the servers were dying under the load.
After very little investigation I found out that several of the subscribers were spamming via their ISP. When I first pointed this out to the powers that be there I got a blank reply along the lines of "So?".
As management and I delved into it the opinion that the ISP was forming was that these are customers, we can't just cut them off, they will leave and we will lose money.
I tried the normal counters like, "The abusers are bringing down the service for your normal subscribers. The normal subscribers are getting mad (some even started anti Unitel sites) and they're going to leave in droves if this keeps up. And then all you're going to be left with is a few subscribers who are costing you more in the long run. Bandwidth costs associated with the spamming, hardware upkeep for a few users, etc."
The sysadmins and techs got all this but management was so scared of losing a customer and that customers money that they would not dare do a thing about it.
I ended up leaving both sites having accomplished stabilizing the systems as much as I could but not solving the actual problem, getting the ISP to come up with and enforce some terms of service.
So to me what it comes down to is capitalism run amok, especially in Korea. Management is so blinded by "making it big" they fail to see the real disaster looming on the horizon.
Don't blame uncaring techs, blame the top level for driving this thing into the ground.
At least I can say I had a great time visiting those countries and taking in the other parts of their real culture. But, July in Seoul is miserable.
-- This space intentionally left blank.
I was subscribed to a Korean shop network mail list accidentally. Someone did it I assume. One who did it knew I wouldn't get rid of it simply and subscribed me to it.
Now I get legal (non spam) mails to my Yahoo mailbox everyday. As I check, I figure its simply Korean mail advertising some t-shirts etc. Mail sent to MY e-mail, the one listed on Yahoo... I block it. Then next day I get mail from same company groups another company, of course, with another mail address...
Guys aren't spamming me. Just they stupidly made a system easy to abuse. Like no verification like "Click YES or reply to this message" verification included.
I contacted them via Spamcop, they said they now figured I don't want those mails and they are investigating who subscribed me to that. The problem is, I believe those systems as Yahoo etc. has a system that after certain people click on "block e-mail address" while reading mail, they a) automatically add them/their IP block to spammers list b) they investigate.
I don't think in such a closed country as China there aren't people to abuse SMTP servers as they are owned by the government or companies really near government already.
True: in the waning months of WWII, when the city of Strasbourg was threatened by a German counter-offensive, DeGaulle insisted on a militarily unwise defense. Eisenhower then insisted on an offensive to clear the Germans west of the Rhine to end the threat. French troops made no progress. American reinforcements were necessary. DeGaulle angrily asked if Ike "questioned the valor of French troops." I think the question was settled in 1870, again in 1917, and for all time in 1940. 3 French divisions were then withdrawn without permission for "rest and refitting" (with American supplies) in spite of the fact that American divisions had just beaten back the Germans in the Battle of the Bulge and probably needed the rest more than the French. And then the Frogs ^H^H^H^H French disobeyed orders and attempted to seize additional occupation territory in Germany at the expense of the US/British plan. For some reason, Ike didn't simply cut off the supplies. It was American gasoline, food, and ammunition the French forces were using.
In addition, DeGaulle snubbed Roosevelt on FDR's return from Yalta. Staggering ingratitude, considering the American death toll for the Normandy campaign was 29,000, another 106,000 wounded/missing.
In Ike's place, I would have liberated Holland and Belgium, and invited the Germans back into France.
Most MTA vendors don't go out of their way to provide up-front relay-control instructions in English, much less in a selection of languages.
Though I don't buy the language barrier excuse from chronic spammers (china telecom, e.g.), the open-relay db services could help smaller ones by translating their own instructions for fixing an open relay into the languages spoken in problem areas. Though in Wanadoo's particular case, that language would probably need to be the language of stuffing their MTA manual down their throat sideways.
Dorkslayers , who don't run an open-relay database per se, do come right out and say "If your IP address is in the APNIC CIDR Block or APNIC CIDR Block2 (for instance) and it's running a SMTP service that has been demonstrated to allow third-party email relay ... well ... you may be a dork. Nothing personal. It's just business."
The damn spam is IN the native language of the sender.
Which is completely stupid.
Why the HELL are they sending me spam in another language?
The Russians do this too.
Do they think that I am going to go through babelfish JUST to read THEIR spam?
Honestly, how stupid are these spammers? Why not just send out completely random junk characters on a massive scale, the profits would be the same.
Need help treating your acne? Come here!
After all, when was the last time You, as a sysadmin, responded to an informative message to postmaster@your.org that was written in an Asian language??
Wow, it's so rare that slashdot speaks to me this personally, since I'm the owner of your.org. (Really! Go do a whois on it).
I have to say I'd probably throw away any e-mail in an Asian language, since up to this point, every Asian language e-mail I've received appears to be spam.
There, wasn't that easy! That's what I'd do, case closed, problem solved.
P.S. When you guys fill out forms asking for an e-mail address, PLEASE PLEASE PLEASE do not use domains like that. Someone owns them. Use "domain.com" or "example.com" instead, which will never resolve to anything. "your.org" gets more spam than you could possibly imagine.
If knowledge is power, and power is sexy, then how come I'm still single. Spawned lots of debate. ;-)
The article may think it's hype, but about three days ago I turned on all of Spamcop's blacklist options, including one that read "Korea (the country)".
In my job, I have had the pleasure of talking to many a customer who had an open relay. Here are some VERY common reasons:
You missed my favourite:
"What do you mean spammers are using it? I know it was open, but I didn't tell anyone about it! Spammers can't be using it, I didn't even add it to the DNS"
Forwarding a mail to abuse@blah or postmaster@blah with the single word "spam" and full headers should be all the info you need.
AFAIK, a sysadmin or postmaster should already understand the headers. So the only thing left which might confuse a non-English-speaking (yet otherwise competent) admin is the obscure single word "spam".
When in doubt, have a man come through a door with a gun in his hand.
What about those places where the local telco has a monopoly on isp services? It might not care about user pressure.
The obvious thing to do with open relays is to use them yourself. If top party leaders/businessmen in China suddenly found pro Taiwanese rants in their inbox, or penile enlargement ads, then I think the Chinese Telco would become very responsive to closing the relays.
It's a no brainer. If you have 0 abuse staff and 1,000,000 censors -- change the definition of debate.
When in doubt, have a man come through a door with a gun in his hand.
..watch out for e-mails with messages such as:
"ALL YOUR BASE ARE BELONG TO US!!"
or
"YOU ARE ON THE WAY TO DESTRUCTION!"
These are obviously terrorists and should be reported to the feds. (-;
It is different because the name tag would be an MD5 hash. If you're not sure what an MD5 hash is, look it up. The main difference is that prudan+business@example.com is a plaintext address, whereas prudan@example.com nametag somewhere in email:{d6e6cb19e3b9c02f89d6cd54cfa7c613} is a lot different, and doesn't immediately stand out that it's the business name. Also, that's the MD5 hash for "Business".
-- Dan
Made the mistake of saying Godzilla had been spotted, and was heading their way. There was a lot of screaming and they dropped the phone and ran. My ANI has been blocked from calling any phone number in Japan ever since.
--
"Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
we can all fight spammers use spamcop.net
http://Lenny.com
4 great justice!
You really think Hotmail don't have anything to detect multiple, fast, repeat postings through the same account?? Even the slashcode has that :-)
Spammers use standalone client software which hooks up to an open relay and batters it into submission. If anyone was actually watching said SMTP server they'd be sure to notice the load and shut the connection off. The thing is no one is watching...Hotmail doesn't fit into this category.
Want evidence - take a look here. These stats from spamcop show that Hotmail don't even make it into their weekly statistics as sources of spam. I rest my case.
---- One button is the power button, the other is the Bender voice button "Bite My Shiny Metal Ass"
SMTP AUTH will do fine.
:)
And simply disallow plaintext auth methods, and no SSL and that kicks Outlook Express and Outlook off the net too. Major riddance for spam
I can throw myself at the ground, and miss.
And it wouldn't really stop you from getting unsolicited email, just unsolicited email from people who don't have a valid name tag. The difference? Wherever you post your email address, include the nametag that you want people from that particular place to use.
This scheme would be open to Replay attacks? Well, anyone getting cc'd my email would probably be someone who I wouldn't mind giving it to anyway, (I say this because I have never heard of any of the people I send email to forwarding it to a spammer), but a business that you email with a nametag, if you start getting spam back with that nametag, you retire it and also stop using that business. How's that?
I still don't see why anything other than the email client would need this functionality. To the server, it would still be the same old email. I don't see a need to modify the email header, even though that probably wouldn't hurt. It could just be a part of the body. Nametag:"Md5hashhere". That as part of a .sig would be no problem.
-- Dan
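The name-tag scheme described in Dan's comments above (an MD5 tag carried in the body, one folder per tag, retiring a tag once it leaks), as an added client-side sketch that is not code from the thread. The class name, folder names and sample messages are assumptions; the `Nametag:"..."` body line follows the format suggested in the comment.

```python
import email
import hashlib
import re

# Body line format suggested in the comment: Nametag:"<32 hex digits>"
TAG_RE = re.compile(r'Nametag:\s*"?([0-9a-fA-F]{32})"?')


def make_tag(name):
    """The tag handed out is the MD5 hex digest of a name the recipient picks.

    MD5 only hides the label; anyone can compute the digest of a common
    word, so this example assumes names that are hard to guess.
    """
    return hashlib.md5(name.encode("utf-8")).hexdigest()


class NametagSorter:
    """Client-side sorter: active tags map to folders, leaked tags are retired."""

    def __init__(self):
        self.folders = {}      # active tag -> folder name
        self.retired = set()   # tags withdrawn after they started attracting spam

    def issue(self, name, folder):
        tag = make_tag(name)
        self.retired.discard(tag)
        self.folders[tag] = folder
        return tag

    def retire(self, name):
        tag = make_tag(name)
        self.folders.pop(tag, None)
        self.retired.add(tag)

    def _text(self, raw):
        # Collect the decoded text parts; the tag may sit anywhere in the body.
        chunks = []
        for part in email.message_from_string(raw).walk():
            if part.get_content_maintype() != "text":
                continue
            payload = part.get_payload(decode=True)
            if payload is not None:
                charset = part.get_content_charset() or "utf-8"
                chunks.append(payload.decode(charset, "replace"))
        return "\n".join(chunks)

    def sort(self, raw):
        tags = [t.lower() for t in TAG_RE.findall(self._text(raw))]
        for tag in tags:
            if tag in self.folders:
                return self.folders[tag]
        if any(tag in self.retired for tag in tags):
            return "Spam/retired-tag"
        return "Unknown"


def demo():
    """Sort constructed sample messages, then retire a leaked tag."""
    s = NametagSorter()
    work = s.issue("Business", "Work")
    shop = s.issue("tag given to one web shop", "Shopping")

    def mail(sender, tagline):
        return "From: %s\nSubject: hi\n\nHello\n%s\n" % (sender, tagline)

    results = [
        s.sort(mail("client@example.org", 'Nametag:"%s"' % work)),
        s.sort(mail("shop@example.net", 'Nametag:"%s"' % shop)),
        s.sort(mail("bulk@example.com", "")),                       # no tag
        s.sort(mail("bulk@example.com",
                    'Nametag:"%s"' % make_tag("wrong guess"))),     # unknown tag
        # The tag travels in the clear, so a copied tag is accepted (replay).
        s.sort(mail("bulk@example.com", 'Nametag:"%s"' % shop)),
    ]
    s.retire("tag given to one web shop")
    results.append(s.sort(mail("bulk@example.com", 'Nametag:"%s"' % shop)))
    return results


if __name__ == "__main__":
    print(demo())
```

The fifth result shows the replay case raised in the thread: the sorter cannot tell a copied tag from a legitimate one until the tag is retired.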
Another thing is that when Hotmail.com sells your email address, they can't sell your nametags. (Unless they start checking all of the outgoing mail, which isn't impossible, but impractical).
Your idea has merit, but I dislike it because a spammer wouldn't be required to change anything in their software to grab it. (Of course, the flipside of that is that neither would anyone else). This makes me wonder if maybe an obfuscated email address that is a complete MD5 hash like d6e6cb19e3b9c02f89d6cd54cfa7c613@example.com is the answer. But again, I come to think that it's just something that can be added (easily) to a spammer's list.
Bleh. I think I'm for changing the email standard to something that makes spam something almost impossible. Something that could be done at the client level. I'm open for ideas, I guess ;)
-- Dan
Based on some discussions with actual Nigerians, I think it's likely that they are. A few years ago, the "60 Minutes" TV crew even met with some of these bank scammers in Nigeria.
"Those who have never entered upon scientific pursuits know not a tithe of the poetry by which they are surrounded."
As a legal resident of both Singapore and the US who has spent a lot of time working in Taiwan, I'm afraid you're the one who's dead wrong. Any given restaurant can blow it, but the consistency is remarkable, though there are local menu additions and deletions, of course.
"Those who have never entered upon scientific pursuits know not a tithe of the poetry by which they are surrounded."