The Story of "Nadine"
Guinnessy writes: "We've all accidentally typed in a wrong email address sooner or later. But can it all go horribly wrong? On http://www.spamresource.com there is the story of Nadine, an account of what happened after an Internet user accidentally gave a wrong email address when she visited a web page and signed up for a sweepstakes. Live in fear...."
http://www.honet.com/nadine/
Nadine -- The Story Begins

Once upon a time, there was a senior citizen in one of the Southeastern United States who was apparently confused about what her email address was. Because I have no desire to cause this lady the slightest inconvenience, I will call her "Nadine", which is not her real name. I'm also going to change her surname to "Smith", which is likewise false. (NOTE: Because I have no desire to avoid inconveniencing any of the other players in this tale, hers is the only identity that has been altered in any way.)

On or about the second day of March in the year 2000, Nadine visited a web site belonging to an outfit called delivere.com. While there she apparently entered a sweepstakes, gave delivere.com some personal information and (I presume) agreed to receive email advertisements from various parties from time to time. The email address she gave them consisted of her first name and the domain honet.com. What the actual email address should have been is something about which I can only speculate.

To confirm (to Nadine) that she had signed up, delivere.com sent a message to nadine@honet.com. (This was the First Big Mistake: the message should have asked the real owner of "nadine@honet.com" to confirm that the sign-up was genuine.) A semi-automated process at honet.com noticed the message and sent a "No such user" message to the appropriate addresses (at least one of which was bogus). Normally, that is all it takes to stop any further traffic. Such was not to be the case here, however.
We had to destroy the sig to save the sig.
Read it off the Google cache
(Note to people accusing me of karma-whoring: The search formatting above is non-obvious)
Sig: What Happened To The Censorware Project (censorware.org)
A bit OT but...
If you made a mistake in your contact info, you could've rectified the problem by voice phone and fax. That's what I did when the contact info for a domain I registered had to be updated because the email was an expired domain for a now-defunct company. Network Solutions had surprisingly good customer service and once they verify the credentials via fax (or even snail-mail) they will make any changes required without the use of email.
That way seems low-tech and backwards, but you don't need to register an otherwise useless domain and it costs nothing more than your time (certainly not much more than the trouble of registering a domain and setting up the DNS).
Us techie types should be careful not to overlook the most simple solution because it is low tech...
OTOH, the useless domain could be useful to keep track of how many OTHER people make that typo...kinda like the Slashdor site...
Sign up for a Yahoo email address and use that address when signing up for anything. Don't most people do this? I know I do and it keeps my real address relatively clean where my "sign up" address gets hundreds of emails a week.
You mean, like SPEWS? http://www.spews.org
I am not SPEWS.
Specialization is for insects. - R.A.H.
It's not perfect, but Spamassassin is pretty damn close.
Perhaps the story itself is not so unique, but I find his analysis very important to understand.
From the essay: "Subject only to the agreements and contracts that an Internet entity has with its providers and customers, that entity is absolutely sovereign within its own domain. Service providers and system administrators are completely free to decide to accept or reject any network traffic they choose; they simply must accept whatever reactions such decisions may evoke from those with whom they have agreements.
An individual consumer's service providers have absolutely no economic incentive to provide transit and storage for advertising, especially advertising delivered by email. On the contrary, many providers have discovered that swift remedial reaction to consumer complaints about unwanted communications can both increase customer loyalty and decrease operating costs. As a result, the unwritten "I will carry your traffic if you will carry mine" agreement is subject to re-evaluation, with the possible conclusion "I don't care whether you carry my traffic or not, so I won't carry yours." And there are many ways to say "I Won't"."
He states that this goes against the very flow of information that transpires in other forms of media. I find it fascinating that people expect to have a captive audience on the Internet because they did on TV, radio and magazines. Frankly, this is a new world and it isn't governed by the same rules.
ASCII tastes bad dude.
Binary it is then.
I think I am under that same impression as you are. Someone's getting a lot of spam? Who cares. I get tons of spam. My hotmail account (as listed above) gets at least 20 spams a day probably more- but that's why I still have it around. (Although my main e-mail still gets some spam).
Are there people out there that really care?
I thought there was supposed to be something gone terribly wrong in this article (like someone killed as a result of spammers)...
Much ado about butt-kiss..
For you newbie spam fighters out there, here are a few links:
http://www.samspade.org
http://www.spamhaus.org/rokso/index.lasso
http://www.spamcop.net
http://www.spamfaq.net/spamfighting.shtml
There's no reason to get upset or frustrated when looking for spammers. Rule 3 says they're stupid so they're usually rather easy to trace down, if you know what you're doing. Once you've taken the time to educate yourself on how to read email headers, trace through them to find the originating ISP, open relays/proxies that forwarded the email, and decode the spamvertised URL, rooting out any redirection services or encryption used to obfuscate the spammer's actual website (read cash generator), it's like anything else and can become second nature. It only took me about six months to get a good handle on all of the above and then another year to refine it to a science. I'm currently administering my own Linux mail server. I'm also pulling mail out of two POP accounts, one of which gets the majority of my spam, the other which has never been published anywhere and hasn't received spam... YET. I'm using a combination of DNS-based blocklists on postfix, iptables and a procmail filter to keep my spamload down to about 1-2 messages a day.
The only thing I can say is use the above links and get familiar with the process. Read news.admin.net-abuse.email and ask questions of the inhabitants on how to fight spam. Make certain you stock up on Nomex underwear as it can be a pretty rough group to follow. A speed reading course may be helpful to keep up with the flow of articles.
Hope this helps....
Rich
--
Consumer Watchdog! Yes, we're rough on bogus businesses! And today,
Consumer Watchdog reports on protecting you, the consumer, from being
consumed by dangerous products and phony packaging. -- Firesign Theatre
TINLC Unit #2309 Death to all spammer accounts.
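The header reading described in the comment above, as an added example that is not part of the original post: walk the Received headers newest first and stop at the last hop written by a server you run, because anything below it can be forged by the sender. The server names, addresses and the sample message are constructed assumptions.

```python
import email
import re

# Assumptions: names and addresses of the mail servers we run ourselves.
OUR_SERVERS = {"mx.example.net", "imap.example.net"}
OUR_IPS = {"192.0.2.10"}

# Constructed sample message; Received headers are newest first.
RAW = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby imap.example.net with ESMTP id A1; Mon, 1 Jan 2001 10:00:02 -0500
Received: from relay.example.org (unknown [198.51.100.23])
\tby mx.example.net with SMTP id B2; Mon, 1 Jan 2001 10:00:01 -0500
Received: from mail.bigbank.example (HELO x) [203.0.113.99]
\tby relay.example.org; Mon, 1 Jan 2001 09:59:00 -0500
From: "Offers" <offers@bigbank.example>
Subject: constructed sample

body
"""

# claimed name, bracketed peer address, and the host that wrote the header
HOP = re.compile(r"from\s+(\S+).*?\[([\d.]+)\].*?by\s+([^\s;]+)", re.S)


def trace(raw):
    """Return the last hop recorded by our own servers, or None if there is none."""
    headers = email.message_from_string(raw).get_all("Received", [])
    hops = [m.groups() for m in map(HOP.search, headers) if m]
    for i, (claimed, ip, by) in enumerate(hops):
        if by not in OUR_SERVERS:
            return None            # written by a stranger: nothing below is reliable
        if ip not in OUR_IPS:      # our server logged an outside peer: the handoff
            return {"handoff_ip": ip, "claimed_name": claimed,
                    "unverified": [h[1] for h in hops[i + 1:]]}
    return None


if __name__ == "__main__":
    print(trace(RAW))
```

The handoff address is the one to look up for the responsible ISP or open relay; the addresses listed as unverified are leads only.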
- Post "test" posts to a few newsgroups, I suggest alt.test and alt.business.multi-level, using your new spamtrap address as the From and Reply-To address. (Technically, test posts are not appropriate in alt.business.multi-level, but if you want a fast track to spam, that's the place to go.)
- Visit the "remove" links in spam you already get at your existing mailboxes, and type your spamtrap address into the remove box. If you have the time or patience, you can do the same thing with spam which contains a remove address instead of a link; send remove requests from your spamtrap. Removal is spammerspeak for opting in, so this will grow your spam collection quickly.
- Embed a mailto link to your spamtrap address on a couple of webpages you control. Make the mailto visible only to web-scraping robots by linking to a 1x1 pixel black image file in place of a period on your page; human viewers will see it as a period, harvesting programs will see it as fresh meat.
Whatever you do, don't give your spamtrap address to anyone for legitimate email, and don't sign up for anything using that address. If you follow those two guidelines, every single message that mailbox receives is guaranteed to be spam. This will give you the ability to archive, auto-report, etc. the incoming mail without fear of false positives.
Shaun
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
The whole idea of confirmed opt-in isn't to confirm *if* there is an address on the other end, but to confirm that the recipient is really the one who signed up. The "web bug" you propose doesn't address that problem.
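Confirmed opt-in as the comment above describes it, as an added example that is not part of the original post: the sign-up form only records a pending request, and an address is subscribed only when the token mailed to that address comes back. The key, the three-day lifetime and all function and class names are assumptions.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-key"      # assumption: server-side key, never mailed
LIFETIME = 3 * 24 * 3600              # assumption: token valid for three days


def _mac(address, issued):
    msg = f"{address.lower()}|{issued}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def issue_token(address, now=None):
    """Token to e-mail to `address`; only a reader of that mailbox ever sees it."""
    issued = int(time.time() if now is None else now)
    return f"{issued}.{_mac(address, issued)}"


def token_ok(address, token, now=None):
    """True only for an unexpired token that was issued for this exact address."""
    try:
        issued_text, mac = token.split(".", 1)
        issued = int(issued_text)
        mac = mac.encode()
    except ValueError:
        return False
    age = int(time.time() if now is None else now) - issued
    if not 0 <= age <= LIFETIME:
        return False
    return hmac.compare_digest(mac, _mac(address, issued).encode())


class MailingList:
    def __init__(self):
        self.pending, self.subscribed = set(), set()

    def signup(self, address, now=None):
        """Web-form step: nothing is subscribed yet; returns the token to mail out."""
        self.pending.add(address.lower())
        return issue_token(address, now)

    def confirm(self, address, token, now=None):
        """Link-click step: the only path into `subscribed`."""
        address = address.lower()
        if address in self.pending and token_ok(address, token, now):
            self.pending.discard(address)
            self.subscribed.add(address)
            return True
        return False
```

A mistyped address such as the one in the story stays in `pending` forever, because the person who typed it never sees the token.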
Please, don't pull domain names out of a hat. There is an official fake address that you can use:
me@privacy.net
See their website for more info.
A friend of mine runs a domain that happens to be used a lot by people who think they enter a non-existent domain, and it's driving him nuts. Well, there is some amusement value in noticing how many variations people come up with, but still...
Bert Driehuis -- All I asked was a friggin' rotatin' chair. Throw me a bone here, people.
When I first started this, I thought I'd "catch" a huge number of companies selling or using my email address without their permission. But what I've noticed over time is that I almost never receive any spam at these addresses. That is, probably 95-99% of the companies that I've signed up with have respected my preferences and have not sold or spammed my email address. Nearly all the spam that I receive (and I get a lot, though switching to the fastmail IMAP mail service has cut my spam significantly) is sent to:
- an old address that I used 10 years ago to post on usenet
- the address that I used when registering my domain
I think it's somewhat heartening that most companies that I have any real business or interaction with have properly protected my email address, the spam seems to come almost entirely from various types of harvesters.
"To be absolutely certain about something, one must know everything or nothing about it." -- Olin Miller
I've never investigated the details, as I don't have the bandwidth to host my own publicly available blocklist. I would if I could. I contribute to the proxy.relays.osirusoft.com blocklist, but that's only because people don't hit me directly for the queries.
If I'm thinking what you're thinking, these are known as "teergrubes" which is the German word for "tarpits." A spammer connects, and his spamware becomes trapped in several hundred SMTP connections which don't close, but instead transfer something on the order of 1 byte per minute. The spamming program gets hopelessly hung up in sockets that won't close, preventing his machine from opening more connections. A lot of people who run SMTP relay honeypots also run them as "teergrubes."
Shaun
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
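A minimal teergrube of the kind described in the comment above, as an added example that is not part of the original post: it answers an SMTP connection with a greeting that never finishes, one byte per interval, and caps its own connection count. The banner text, defaults and function names are assumptions; `demo()` runs it on loopback with a short delay.

```python
import asyncio
import time

# Constructed banner. In SMTP "220-" marks a continuation line, so a client
# keeps waiting for the final "220 " line, which this server never sends.
LINE = b"220-mail.example.invalid is busy, please hold\r\n"


async def hold_client(writer, delay, max_bytes):
    """Send one byte every `delay` seconds until the cap or the client leaves."""
    try:
        for i in range(max_bytes):
            writer.write(LINE[i % len(LINE):i % len(LINE) + 1])
            await writer.drain()
            await asyncio.sleep(delay)
    except ConnectionError:
        pass                          # client gave up
    finally:
        writer.close()


async def serve(host="127.0.0.1", port=0, delay=60.0, max_bytes=1440, max_clients=500):
    """Start the tarpit. max_clients caps our own sockets so we do not run out."""
    slots = asyncio.Semaphore(max_clients)

    async def handler(reader, writer):
        if slots.locked():            # full: refuse rather than exhaust ourselves
            writer.close()
            return
        async with slots:
            await hold_client(writer, delay, max_bytes)

    return await asyncio.start_server(handler, host, port)


async def measure(delay, want):
    """Loopback check: how long a client waits to receive `want` bytes."""
    server = await serve(delay=delay, max_bytes=want * 2)
    port = server.sockets[0].getsockname()[1]
    reader, writer = await asyncio.open_connection("127.0.0.1", port)
    start = time.monotonic()
    data = await reader.readexactly(want)
    elapsed = time.monotonic() - start
    writer.close()
    server.close()
    return data, elapsed


def demo(delay=0.02, want=10):
    return asyncio.run(measure(delay, want))
```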
I move my spam to the "spam" folder on my imap server. So it never even wastes bandwidth coming down to my workstation (over a dialup).
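Then I use this script to fire it all off to spamcop once a day:
#!/usr/local/bin/perl
# Mails every message in an mbox-format spam folder to SpamCop, one mail per message.
$reporting_addr = 'submit.yourspamcopidhere@spam.spamcop.net';
$/ = undef; # slurp mode
$buf = <>; # slurp (input handle assumed: the mbox named on the command line, or STDIN)
@spams = split(/\nFrom /,$buf); # split on message header
# the loop starts at 1, so the first entry in the folder ($spams[0]) is not sent
for ($i=1; $i<=$#spams; $i++) {
    open (MAILER,"| mail $reporting_addr") or die "cannot run mail: $!";
    $msg = "From " . $spams[$i]; # put back the separator that split removed
    print MAILER $msg;
    close MAILER;
}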
Not perfect, and you still have to visit the spamcop site to finish the reporting thing, but it's semi-automated at least. And forgive my clunky perl idioms.