Slashdot Mirror
As the Spam Turns
Anonymous writes "The SBL has added Verio's corporate mail servers
to its blocklist which protects nearly 100 million mailboxes, because of the number of spam gangs on the Verio network.
Verio also provides connectivity to AS26212, a collection of 9 of the most notorious spammers netblocks. AS26212 - the new spambone? - is also connected to he.net and bbnplanet.net."
This will force Verio to take action. If Verio's customers get upset, Verio will listen.
We need our royal crusader, Spamford Wallace, to fight spam as he promised to do after being bitch-slapped for his own spamming crimes.
Now how will I know the best way to enlarge my penis or get that degree from a fine, unaccredited institution?!
Don't most filters go by domain names and not IP ranges?
Are you high??? They are nothing alike, MODS: pleeeeeeeeese mod down this pathetic attempt at humor.
To see the spammers win and block legitimate sites to stop the criminals is well... criminal. Isn't that what all of us who believe in freedom are supposed to be fighting against. I hate spam as much as the next guy, but I'd rather see every spammer run rampant then restrict even one innocent party nobody cares about.
That's just what the Internet needs. When will ISPs decide, or be forced, to stop playing Big Brother and let the users make their own decisions about what to filter? The technology is out there, in the form of Bayesian filters, and is nearly perfect. So why do we still have to deal with upstream providers knowing what's best for us?
--sdem
Oh, I don't know... Spammer finds way to circumvent which blocker finds way to block which spammer finds way to circumvent which blocker finds way to block...
ad nasuem..
You can have it fast, accurate, or pretty. Pick any 2.
OMG!!! you have done it, you've made me see the light, all of slashdot has been summarized and I can finally get back to work!! hooray! BTW- Spam is bad (gotta stay ontopic)
I replied with a cheap goatse.cx link. It went something like "Sure, I'll do it--but can you please check my [a href="http://goatse.cx"]website[/a] tomorrow--I will post a picture of an open door to indicate that you have been granted the go-ahead. If not, it will mean I need another day for my paperwork to be prepared. I have been having troubles with my bank lately, and they might be looking into me, but fortunately I have the right friends. I think email is much too insecure for this." I guess trolls do provide something useful for the community.
Slashdot: Where people pretend to be twice as smart as they really are by behaving like children.
My gosh... when I was a kid, gangs did fun things like rape, robbery and murder. Heck, even the script kiddies sound cool by comparison.
"Yo, Tony, guess what we did today? We hit all of Hotmail with ads for herbal viagra!" "That sounds deadly!"
As with the UDP, all that ridiculous overreactions like this result in is an increase in those who find the cure nych worse than the sickness.
I used to subscribe to a few filter lists on my mail servers, but the operators are such assholes about things that the lists are now useless, filtering out more valid email than bad (when you consider that a few intelligent local filters can eliminate 90% of spam).
Isn't Verio Paul Vixie's company?
Ironic...
Verio had it coming.
Do you think the people who send out all this spam get annoyed at all the spam in their mailbox or are they proud of the work they do?
I tried for 5 years to come up with a clever sig...only to realize that I am not clever.
I'm in the process of selecting a new hosting provider, and I've been fishing the Verio account team's emails out of my quarantine folder since the first of November. I just love responding to them with the Spam Assassin body modifications right there in-line -- of course, they haven't commented.
Needless to say, the chances of my actually recommending them as a hosting provider are roughly equivalent to the odds of a squadron of flying pink poodles attacking Finland on December 32nd.
Oh come on, what about that story about the giant squid!? Darrrrrrrrrrr it was 60' long, I tells ya, 60' long! And when they cooked it up and ate it, it tasted like Windex! Windex, I tells ya!
:-)
I also like seeing the litte piggy, weeeeeeeeeeeeeeeeee! So keep posting those spam stories.
IE the founder of the EEF and the guy who refuses to close is open mail relay?
autopr0n is like, down and stuff.
...That is, if you have Mozilla. :-)
alias uptime="echo '5:33pm up 22342352324 days, 6:28, 2124315623 users, load average: 2432.40, 12312.31, 123123.19'"
In the comment from Spamhaus it is clearly stated that only the Verio corporate mailserver is blocked in order to protect their ISP users.
Freevo - Linux Multimedia Jukebox
Hmmm ... i don't know if it cooincidence, but the spam in my Hotmail account has significantly dropped off ... from 30 to 100 spam a day down to 10-20 max ...
A while ago I worked for a now defunct dot-com that dealt in e-mail marketing through opt-ins. When we moved to hosting through verio. They threatened to cut us off even though our mailings were opt-in, and sent from a different (non-verio) location.
Their anti-spam policies were so draconian that we had to move to exodus. When did they become pro-spam?
I know I'm going to hell, I'm just trying to get good seats.
Dozens of the same e-mail (promoting a "Horny Black Sluts" site) reached my mail server; all with different subjects and remitent addresses, and most of them within a single period of less than 15 minutes.
I guess it was one of the most aggressive spamming campaigns I have ever been victim of.
Now, those who support these spammers will have to suffer the consequences. But, who will have to pay the bandwidth when my E-Mail Backup service provider come to tell me that I've reached the limit?
--- "pero toda poesía es hostil al capitalismo"
Mine also, and I asked a couple friends who run ISPs, one in Japan, they also noticed a drop in spam. Could this "Mike and Andrew" health labs really be doing 50% of the spam in the USA?
I work at the help desk at my univeristy (which I will not disclose) and for a while we kept getting spam from email addresses that were from a particular ISP (which I will also not disclose) in the help desk inbox. So the network admins blocked email connectivity to that ISP, but later we got calls from students using the blocked ISP reporting problems receiving mail from the university email accounts. So the admins had to unblock the ISP.
**I dont have the exact details on what was blocked from the ISP.
$cat
Bayesian filters, SpamAssassin, and other client-side content filters can indeed reduce the amount of spam that you see. As such, they can reduce some major costs of spam for the average Internet user, small site, or business: costs such as annoyance, offense, wasted time, and harm to productivity thereby caused -- that is to say, the end-user costs of spam.
However, they have no effect on the cost of the bandwidth and other resource costs of spam, which are substantial for large ISPs and large businesses -- and for the Internet as a whole. In order to perform content filtration on a piece of mail, you must receive it and store it first, which has its costs. (Consider that large ISPs regularly report that anywhere from one-third to two-thirds of their mail is spam.)
Only forms of spam filtration which do not permit the spammer to send the spam to your mail server can reduce the bandwidth cost of spam. In practicality, that means filters which apply to one or more of the following (in increasing order of cost):
(Note the SMTP envelope is not the same as the mail headers, which are part of the SMTP DATA. An SMTP server is permitted to reject mail before DATA, but is not allowed to drop the connection in mid-DATA. If you do not understand this, read RFC 2821.)
DNSBLs -- such as SBL, MAPS RBL, and SPEWS -- all apply to the IP address of the sending system. Domain-based rejection lists (which are not commonly published) apply to the DNS name of the sending system. RHSBLs, and relay checking, apply to the SMTP envelope.
Keep also in mind that one function of some (but not all) DNSBLs is not merely to filter out spam, but to discourage it from being attempted in the first place. By rejecting mail from networks which have proven themselves to tolerate spammers, we tell network operators that if they wish to be able to send us mail, they must kick off their spammers. It's their choice which they do; they just have to choose which is worth more to them: being able to send mail to sites that don't like spam, or being able to host network-abusers with impunity.
(Incidentally, you will find precious little sympathy for calling spam filtering "censorship". Censorship, as those who have experienced it understand, happens when some party uses violent force to stop a view or expression from being published by its advocates (at their cost). Spammers aren't trying to publish their views at their own cost and being violently restrained from doing so: they're trying to steal the use of others' equipment to publish their stuff.)
while you may thank verio for spam, you should also thank it for goatse.cx
OS Server Last changed IP address Netblock Owner
Linux Microsoft-IIS/5.0 9-Oct-2002 198.247.175.96 Verio, Inc.
We really need a law which requires Internet service providers to publicly disclose their terms of service -- that is, publicly disclose what terms of service they actually enforce.
After all, it's really just a consumer protection issue: Verio claims to have an active abuse department, and is thereby misleading people who assume that spammers on Verio's network will be shut down.
Tarsnap: Online backups for the truly paranoid
From the google groups posting about this:
I will conclude by noting that the ixxnet.net autonomous
system was created on 25 july 2002, so it is now in its
third month of life; and that the ixxnet.net DNS seems to
have been put together by the same incompetent that
configured dialnil.com DNS (hint: MX).
What excatly is so incompetent about the DNS configuration? I did a host -t MX ixxnet.net and didn't see anything out of the ordinary?
-Lee
-----BEGIN GEEK CODE BLOCK----- Version: 3.12 GIT d? s: a-- C++++ UL++++ P++ L+++ E- W++ N o-- K- w--- O- M+ V PS+ P
What about Mr Lucas, the local butcher, prevayor of all things meat?
I bet alot of SPAM originates from him, and your never sure of its source.. it could have come from anywhere..
It could be local or it could be foreign spam..
I say we arrange a protest at his door and block any spam originating from his premesis, and only let valid meat products through..
-- If at first you don't succeed, lie!
I've yet to see a single advertisement about reducing a woman vagina. It should have an effect equivalent to enlarging the partner's penis. Why isn't the idea popular?
oh, no! the spam will get thru!
stop this slashdotting immediately!
More legislation? More bullcrap solutions like Spamcop.net? Hell no. We need to go the way of the Distributed Checksum Clearhouse and Brightmail. The moment we (as a network of companies and admins running SMTPs and MTAs) detect spam being received, we report the full headers and decide if we wish to actively block, filter, tag, etc.
And, as ISPs, we simply have to monitor our resources more carefully. If we detect a lot of broadcast activity (i.e. outbound SMTP traffic) we're notified and we investigate. We collaborate.
Real technology can block spam. Laws and crap like Spamcop just make more red tape and are half ass solutions.
Stopping email from the Verio domains is going to cause more pain than it will help. It is only a matter of time until the spammers find some other vendor to help them send their ads. Money talks, and in an open market, someone will provide the goods.
I honestly believe that the only way to free ourselves from spam is intellegent filtering. Making it illegal will only cause the spammers to move overseas, if they even notice the law at all. The internet is far too large an entity to make a difference by blocking the IP addresses of spam-friendly domains. It won't put a dent in the real problem.
I think Microsoft is using its monopoly to support these spammers. Microsoft deserves a phunishment for that too.
I knew Verio was trouble when they absorbed my local ISP and turned it into poop.
Someone set us up the bomb, so shine we are!
ISPs need to realise that if they're not going to do anything about it, they'll be blocked. This happened to us years ago when the ORDB started, and we fixed the problem immediately. We didn't think they were being nasty to us, we realised we had a problem, and we set about fixing it. When ISPs get globally klined from IRC networks, their customers want to know why, and put pressure on the ISP. They listen and respond.
This is no different. If yer gonna be a spammy host, prepare to be blacklisted. Reponsible, rigid, no nonsense, targetted policies are the only thing that will have ANY effect, and even they won't STOP all spam. But it sure helps.
---
When I grow up, I want to be a kid again.
They all have addresses @spam.com and no one ever spams those (since, it's their own email!). Brilliant.
Spam blocking has been around for ages. Blocking broken mail servers has been around for ages. Apparently, it's not working as my mail box still contains a lot of spam.
We need a new solution folks, and blocking large portions of the net will not fix the problem. If you want to make *all* spam to go away, you need a different form of a solution because you can't block everyone who might want to legitimately talk to you. This decision will certainly block a whole slew of legitimate users from speaking with each other.
I'm thinking SMTP needs to be entirely rethought. Unfortunately, this isn't practical either as it'll have the same effect as deliberate breakage during the transition. (hence the reason we don't have ipv6 yet either).
The next site to slashdot will be ready soon, but subscribers can beat the rush and start slashdotting it early!
That's stupid, as I use Verio and hope to continue to send email.
sulli
RTFJ.
Blackhole operators like this are just as bad as the spammers themselves; both groups take great pride in having their head firmly shoved up their ass.
Come on. Blocking all of _Verio_? Thanks for doing your part along with the spammers to make e-mail that much less useful.
Only on slashdot can a posting be rated "Score -1, Insightful".
% whois -h whois.arin.net 26212
OrgName: ixxnet
OrgID: IXXNET
ASNumber: 26212
ASName: IXXNET
ASHandle: AS26212
Comment:
RegDate: 2002-07-25
Updated: 2002-07-25
TechHandle: MS2815-ARIN
TechName: STEFEN, MARKUS
TechPhone: +1-866-949-9638
TechEmail: m.stefen@ixxnet.net
OrgAbuseHandle: MS2815-ARIN
OrgAbuseName: STEFEN, MARKUS
OrgAbusePhone: +1-866-949-9638
OrgAbuseEmail: m.stefen@ixxnet.net
OrgTechHandle: MS2815-ARIN
OrgTechName: STEFEN, MARKUS
OrgTechPhone: +1-866-949-9638
OrgTechEmail: m.stefen@ixxnet.net
# ARIN Whois database, last updated 2002-11-17 19:05
# Enter ? for additional hints on searching ARIN's Whois database.
Ummmm...couldn't the spammers go to a different ISP to distribute their spam? Great...now I see a nomadic tribe of spammers that go from ISP to ISP spamming...thank god for Mail.app on Mac OS X!
"Some fight for law. Some fight for justice. What will you fight for? One day, you will see."
i love spam, I love it!!!
see my picture here
I'm confused. The netblock that verio's mail servers are on have been blacklisted. The message states that they're being places on the BL because of knowningly hosting spammers, and in one case selling hundreds of high speed connections to a known spammer (presumably with the intent of fliiling them up withoutbound spam).
How likely is it that the spammers get gobs of bandwidth and turn around and relay off of verio's mail servers? Isn't it *much* more likely that the spam is being sent directly from the IP addresses assigned to or owned by the spammers?
Unless I'm way off base, I think this is more a punative measure against verio than a real reduction in spam.
And yes, I do support blacklisting.
http://www.quatloos.com/brad-c/directory01.htm
If spammers were prosecuted more aggressively for the fraudulent content of their messages, their failure to honor unsubscribe requests, etc., there would be no need for SBL to black list Verio's Corporate Mail servers. At least SBL is attempting to pick up the slack of a lazy government.
What has surprised me has been the vitriol that has been directed not at the spammers and Verio but at the spam blockers. I mean some of the comments have come close to being as bad as an Emacs v Vi debate. I have only this to say, services such as spam hause (i think thats it) and other similar services, are not compulsory, you don't like it, you stop using it. There is also a massive difference between legitimate marketing via email to a list of opt-in users and the profligate assault that is the "Penis Enlargement" message. I mean come on how many slashot readers are actually going to need that one??? Why the silence? hello is this thing on?
Its lawsuit time here at the track and,, ,, in first place is 'hinderance of interstate trade' followed closely behind by 'defamation of character'. Coming up fast is 'Lost revenue!' This is gonna be a photo finish folks and the loser is *you*. Spammers with big buck convince clueless courts that its ok to send fraud to millions everyday and you eventually have to set up 4700 filter blocks on your own. Thing is, who is gonna help grammy from being taken in by pre-teen-sex?
I find that figure *very* hard to believe. How do they figure it's 100M?
Here's hoping this group is more responsible than SPEWS. With that (likely bogus) figure being announced, I doubt that they are.
Same here. The spam noise level on Hotmail is so intense that instead of checking individual items to delete, it's easier to set your hotmail preferences to display only 25 emails at a time, and then when checking mail just always click on the "check all" box to tag EVERYTHING for deletion. Then quickly scan down the list and maybe uncheck the one piece of email that is worth reading. I've saved my index finger from carpal tunnel this way.
Anyway, I used to plow through at LEAST three screenfuls of garbage at a time this way on Hotmail, but in the past few days, I've been doing only one screenload and getting all of it. So maybe something has happened.
Of course, it's going to come back very soon, so don't get too used to this. It's strange how we've sort of come full circle from being an agricultural economy and shoveling horseshit all day, to having an industrial revolution, and then computers, and worldwide computer networks, and after all this we end up still having to shovel mountains of horseshit around on a daily basis.
I don't want to filter, I want to block.
Speaking of spam, I wonder how much bandwidth all the spamcop reporting uses up.
Basically every piece of spam creates at least five times the bandwidth usage...
1. Send the full headers back to spamcop
2. receive a report link
3. visit the link
4. send reports out to X number of abuse addresses.
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
TMDA offers those who want it the ability to filter e-mail through a confirmation process (or, you can generate "keyword" or "dated" addresses for temporary use in newsgroups and other high-harvester areas). My spam went from several tens of spam messages a day to zero after spending a couple of hours with TMDA.
This solution doesn't do anything about bandwidth (since you will still get the same amount of spam traffic at your mail port), but it's a fuzzy-warm feeling to be in control of your own mailbox for once.
This is at least the second time I see a celebration of the in-jail sexual abuse on Slashdot. I don't know, how wide-spread such rapes really are in US prisons/jail, but I'm quite confident, they are not going to disappear entirely as long as some jerks continue to consider them a good addition to incarceration. "Cruel and unusual" your ass (pun intended) -- or is the 1st ammendment the only one you care about?
In Soviet Washington the swamp drains you.
I block spam using DNS blacklists on my mail server. I'm probably not the only one.
"But," you say to me, "local filters are much better because you might not lose legit email!" I ask you: why should my mail server accept their stupid junk and waste my bandwidth just to filter it out later?
I don't want to my server to accept it. I want it bounced outright with a nice little bounce message. In a happy shiny world, I'm hoping these SMTP rejects will send a message to someone out there. It probably doesn't make a difference, but I can dream.
Yes; some legit email has been blocked. In both cases I'm aware of, the person contacted me through a hotmail account and brought it to my attention. I altered my blocking policy at that point.
I'm open to any options out there for filtering/blocking that does not require me to download it and then filter it. If I wanted to just filter my mail, I can do that using my amazing human brain (better than any spam filter out there, I assure you) and click "delete" on the spams. But I want it rejected outright from known sources.
So until a better option comes along, that's the way it is.
~Seth
this is my sig
I'm not in general in favor of laws, but here's a proposal for one: all commercial email, not just unsolicited (due to problems of definition), has to be marked in the header.
So if you like you can easily delete all (legal) spam; if you do want email from certain sites (like Tigerdirect) you can easily enable it in your spamblocker without enabling all the email from the spammers that those twerps sell your email addr to; and spammers that don't mark email can easily be prosecuted.
This doesn't directly address the issue of wasted bandwidth before the emails get rejected, but I think it would have the result that many fewer spams would be sent anyway.
They promised us that they would NOT use them!
"A plan fiendishly clever in its intricacies"- Homer Simpson
Spammers Fought the Evil Rogue States and spammed Saddam Hussein! You kids should be grateful...
Sometimes the only way to force something is indirectly. Verio will have to choose if they want to support 99% of their "good" customer base, or the 1% of spammers.
I'm suprised at HE.net, I thought they had their act together.
rock on, that's exactly what i do too. i have to transfer my "to be saved" emails to folders to make it easier. and i too have noticed a decrease in the amount of spam i get in hotmail. used to be ~50 a day, now less than 10.
I have wondered if these guys would ever push a stressed out sysadmin over the edge and wind up with a wild-eyed Hagrid-lookalike on their doorstop wielding a .45 and the will to use it! :)
I'm sure he'd get off on an insanity plea. Heck, I'd probably contribute to the defense fund.
whats spam...email me at spamidiot@yahoo.com to let me know, don't send me any penis enlargement pills though!
http://www.vanillaafro.com - take me seriously and I will shoot you
It ain't true censorship, in the freedom sense.
Private property and private, open ended, signed contracts mean that your option is simple: Phone up another ISP and ask them if they will let you receive all the spam you can eat.
You can then transfer your account. No doubt your old ISP will be satisfied that they don't need to pay a developer to add a disable feature (that won't be used by anyone except yourself and one or two other users) rather than get the measly amount most home users pay for internet (about $1-$2 margin per user per month). And your new ISP will be out of business within a year or two as the rest of the ISPs in the world implement filtering and the ones that don't lose users.
But wait! You still have the freedom to get the spam! Just buy a $700/month T1 for your house and again, you have all the spam you can eat.
I'll stick with $20/month internet and run SpamAssassin until my ISP implements filtering for me, because I've never had a false positive from SpamAssassin, ever, except for morons who send HTML-only mail, and I often can't read their crap anyways, and so I summarialy ignore/request ASCII anyways.
Now, if you're in an area with only one ISP, or a government controlled ISP, then I feel for you. But, IMHO, this isn't very common in most free countries (or at least in my corner of the world).
If you could be told what you can see or read, then it follows that you could be told what to say or think - BoC
My mail server uses the spews dns blacklist. Once i get a spam attempt from some lamer on the spews list, i add the entire class C to my firewall and drop all their packets. My attitude is let the dweebs waste time bouncing off my firewall. As a side bonus, it keeps the smtp logs MUCH cleaner : )
Lawyers, MBA's, RIAA? A jedi fears not these things!
...because of the number of spam gangs on the Verio network
As in: we trade in guns, drugs, and oh yeah, we also do a little spamming on the side. ?
I'll probably get tagged as a troll for this one, but...
I support and believe the position that spammers or other unauthorized users of a system that I own are stealing services from me. I further believe it is OK to block their traffic from crossing my equipment.
Now, let's look at this from the telemarketing perspective...My phone at home is one of those models that has a wall wart. I believe when the phone rings, or is in use, it draws more current. So, when a telemarketer makes an unsolicited (and unauthorized) call to my phone, does that mean they're stealing my electricity? What about my most valuable resource, my time? Are they stealing my time?
I hate spam just as much as the next guy. And I don't believe ignoring people who cause a nuisance infringes their right to free speech. I do however believe the "telemarketing" lens will be used by the Judicial System when examining these issues. Sooner or later, these spammers will mount a constitutional challenge to anti-spam legislation. Well, if they are making that much money, anyway. They may not even need the money for such a battle, it seems the EFF just might take up their cause.
cat
'member when Usenet admins stopped filtering spam to get some attention to the problem? That sure as shooting got people to pay attention, what with all the servers that went up in flames from the load. Maybe that's what we need with email, it feels like we're building to that kind of standoff.
Bet we'd see some real legislation and enforcement then, eh?
popfile makes me happy. =)
Large print giveth, and the small print taketh away
I think if a site is supporting or constantly sending out spam it makes sense to be put on a block list but it seems like people put you on a blocklist at the drop of a hat. I use a system with many users that fights hard to stop spam and will kick anyone who sends spam. Now and then someone spams and is stopped but of course by that time we're blocked. Hasn't happened in a long time but just the other day a user sent out a few hundred emails and bam we're blacklisted. Now hundreds of people are paying for that guys mistake.
This works best if you own your own domain name and can create multiple pop boxes. It's still doable using regular email accounts, however.
Step 1: Change your email address to a previously unused address at your domain. Test it for a day, verify no spam is coming in to that address.
Step 2: Email all your trusted friends, relatives and business contacts your new email address.
Step 3: Remove your old email address links from your website and replace them with a feedback form that emails an unrevealed throwaway secondary address using your favorite web -> email gateway scripts.
Step 4: Create a bounce message at your old address, with a link to the feedback form, for all the people you forgot to email about your new address, and for people who want to contact you through your old address as they have found it on google searches or other archived postings, or your old business cards, etc.
Step 5: Receive both the new email address and the feedback form submissions on to your local mail reader. Filter them in to seperate directories. Give out your real, private address to feedback form users once they've verified themselves as being legit. If not, have a throwaway identity you can talk to them through. (the email account that the feedback form mails to) If you start getting spam at that address, simply change it.
Step 6: When you make public postings, post the feedback form URL instead of your email address. When you have to give your address away to commercial websites to sign up or download things, give them the throwaway address, or create a third address for legitimate online companies and filter that into a third folder for "commercial website email" If that get compromised by an unscrupulous business, change it. Still doesn't affect your primary private address.
You can receive the two or three addresses all at once with any modern mail reader, and filter them into folders. I personally use Eudora.
This is a really easy thing to do if you can stand changing your email address. I've had the same address since 1995, so I get about 150 spams per day. I have a filter that gets rid of most of those, but that's local and I still take the bandwidth hit, and about 20% of them get to my inbox still. Rather than try to over-filter and get a false positive, I think the above solution is a worry free and clean way to make a break from spam.
---Mike
I personally heard first-hand that people are using their big networks (/20 and bigger) for falsifying online-polls and get paid for it... That person even told me that he wrote a handful of small scripts to change the reverse-lookup of the IPs constantly to hide the manipulation. Whatever that is good for.
Mostly the online polls are somehow connected to a company ("vote for your favorite petshop in your area") who are willing to pay for it. But... What are online polls worth after after that?
Alex.
You look like a million dollars. All green and wrinkled.
PJRC: Electronic Projects, 8051 Microcontroller Tools
not that any of this will happen, but I see a lot of posts mentioning ideas like adding a new standard, a "SPAM" flag to the standard SMTP headers. What about something even lower than that? tcp/ip has plenty of bits left for "future expansion", why not an "Advert" bit? how about a couple different ones- "Main", "Advert", "Stream", just as bits? You know, things that can be knocked out with very little proccessing by routers?
That could speed things up a lot.
And now a future timeline:
-Terrorist groups note that many routers are dropping "advert" spam before they reach the mail servers, start sending messages with the "advert" bit set, thus avoiding detection by bugs in mail servers
-Government catches on, starts paying close attention to posts with the "advert" bit set
-Advertising is outlawed after Bush calls the advert bit "evil"
-- 'The' Lord and Master Bitman On High, Master Of All
Hotmail just started using Brightmail, hence the drop in spam. It's nothing to do with blocklists or Verio.
Matt. Want XML + Apache + Stylesheets? Get AxKit.
I think that this does a real disservice to us all. The problem here is that as soon as ISPs capitulate to this one request they are therefore obligated to capitulate to all further requests.
Is it okay for the Chrurch of Jesus Christ of Latter Day Saints ought to be able to ask for google.com to be removed?
According to all the positive feedback here, it is. So why the complaints when ISPs censor?
Check out Cisco IPJ's The Uncommon Carrier for some further reflections.
Actually, that just happened last year. Damn poodles, they ate my poor ol' grandma!
-=- 4ntifa -=-
100M users protected by SBL, how much users are blocked by SPEWS? Hands up! Me!
We were blocked (wrongly) a while back by some cowboy with a list.
No you were not. As you yourself later point out, people who compile lists don't block anyone.
Practically everyone listed claims that they were "wrongly" listed (and maybe you were). And you will find an astonishing number of "innocent" people in jail if you do a survey of the incarcerated. I have heard proclamations of innocence from multiple people running open relays and from those who claim to have purchased "opt-in" lists of e-mail addresses. In many other cases, these "wrongful" accusations are because some firm had a registration form with some tiny checkbox hidden below the bottom of the screen that, by default, gave them and/or their "business partners" permission to spam. Frankly, if a company tries to deceive its customers that way, then they deserve to be blocked.
The goal of the blockers is to eliminate commercial use of the Internet.
Spoken like a true spammer*. The goal of the blockers is to eliminate theft of bandwidth, storage, and time via spam. They want to make spam unprofitable both for those who send it and those who enable them. In short, they want to stop people from being bombarded with unwanted bulk e-mail delivered at the recipient's expense. What you said is analogous to saying that the goal of store security is to eliminate commercial transactions in stores.
I have a domain on which I employ aggressive anti-spam filtering, based on IP addresses, addressee, content, and header criteria. In the last couple of weeks, I have received commercial e-mail directly related to purchases from Gateway, TigerDirect, MCM Electronics, HP, and Directron. I do a lot of business on the net and rely on e-mail for everything from order confirmations to customer service inquiries. So please don't tell me that my goal is "to eliminate commercial use of the Internet."
We have to move away from relying on an unreliable communication media (email) just to stay in any form of business at all.
All of the firms that I mentioned above rely on e-mail. Dell never seems to get blacklisted. Neither does HP, Directron, Amazon.com, ebay, General Motors, etc. Just what was your firm doing with e-mail? Were you using it to send advertising? If so, how did you compile the list of recipients? Was it from a link that said 'click here to get our advertisements' or was it via some registration form that purported to be for some other purpose (e.g., order placement, tracking, customer survey, contest, etc.)? I just have trouble believing that some blacklist maintainer blocked you because you sent an order confirmation to someone.
* Note that I said "like" -- I'm not accusing you of anything
Sorry in advance if this is redundant. I know
.jp friends as well.
it's a bit lame filtering spam with spamassassin
after having downloaded it, but if you don't
have any other valid option, this would be
good as well.
Verio is listed on blackholes.us, which make it us easier to set it up on
spamassassin
For instructions click here:
http://www.blackholes.us/docs/usage.html
I already use it with china.blackholes.us, nigeria.blackholes.us and korea.blackholes.us, and
I must say I'm very happy of this setup, even if
idiots like "merrynhappy" still are out from
the filters. Notice that I don't filter all the
foreign encodings, since I want to allow my
Ciao.
Quite simply, there is only ONE list culling method that I would find acceptable: the same one used by the Debian/KDE listservers.
You buy a list of people you think might be interested, you send them ONE email saying "We'd like to send these offers to you, they will be related to ONLY these sales topics. But we won't even send the first one unless you reply to this with "SUBSCRIBE" in the subject line."
You do that, and then immediately DELETE all addresses, only reassigning people to your list when they reply, and it isn't spam, and no culling is possible.
Aside from that, those people who "cull" lists are SPAMMERS. They are stealing time and service, and should be blocked.
First, your phone doesn't draw any more power to ring, or at least it shouldn't. The power necessary to ring is sent down the line. Have you never seen a phone that plugs only to the line? I have one sitting right next to me.
As to your time, well, all sorts of things "steal" your time and and thus far that's not something that you have any recourse for. Besides, you waste plenty of people's time too, it's just how things go.
The big difference between telemarketing and spam is who pays the cost. When a telemarketer calls me, I don't pay a thing, even if I do choose to answer the phone. They pay all associated long distance charges, my line costs me the same amount no matter how many calls I recieve. With SPAM, it is other peopel that foot the bill. The spammers order mail servers to send out thousands of messages, which uses tons of bandwidth on their ISP, and all the recieving ISPs. I work at a university and the amount of bandwidth used to SPAM is not trivial.
This is why telemarketing is not allowed to a cellphone (in the US), you have to pay for all calls including those you didn't initate, so people aren't allowed to make sales calls that would cost you money.
Also telemarketers tend to be much less persistant and much less fraudlent than spammers. Every time I've asked to be placed on a do not call list, the telemarketers have complied (because I can sue them if they don't). Also, all the sales calls I get are really offering me a legit service. When Sprint calls me selling long distance, they will make good on the offer if I want. At least 40% of the SPAM I recieve is totally fraudlent, and spammers don't know when to quit. I have recieved over 10 SPAMs per day for the same thing, form the same company. The only telemarketer I know that tried that receantly is the Miss Cleo service, and they got shut down and fined millions for it.
I do know that one of their employees handling spam complaints did give me a reason to pause once -- she initially accepted a spammer's response, but that action was reversed as soon as I challenged it, and the customer was terminated, and I was sent an apology making clear that this was a mistake, not a new spam-tolerant policy at the company. Later complaints were promptly and properly handled.
I believe that at least three he.net customers were terminated in the past year due to complaints I submitted. (And I was a lowly $200-per-month colo customer, and at least one of the terminated customers was much bigger.)
If he.net is leaving the door open to spam-cartels, despite warnings, then of course they should be blacklisted. I just find that harder to believe. In contrast, my experience has been than Verio is extremely spam-tolerant, even balking at terminating Spamford Wallace (they finally relented and cut him off, which resulted in his filing a frivolous lawsuit against me, costing me $5,000 to get the suit dismissed). All my more recent spam complaints to Verio have gone unanswered, and I know I have several Verio IP blocks already on my filter list, though I haven't blocked all their IP addresses.
-- http://www.MarkWelch.com/ Pleasanton California
Isn't Verio an ISP located in the U.S.?
Isn't spamming a crime in the U.S.?
If so, isn't Verio (or at least its upper management) aiding in a criminal offence?
Isn't spamming in the U.S. punnishable by a HUGE fine? ($50 or so per unsollicited email. say: 200.000 x $50 = $10,000,000 (ouch!))
AS26212 - the new spambone
SPAM doesn't have bones! Or at least if it does, they are ground up really well...
One day we won't be able to send anyone email because everyone will be blocked because of spam. Maybe that's why MS, AOL, etc are scrambling to gain marketshare in IM services.
--
"What do you want me to do? Whack a guy? Off a guy? Whack off a guy? Cause I'm married."
yay, blocking the ISPs kicks arse! - I love it.
I was wondering whether to get a second domain (hey, .uk domains are cheap :-) to do this sort of thing with. However:
- Do you trust your friends and family not to give your e-mail address to other less trusted friends?
- Do you trust your friends and family not to put you in the To: or Cc: list of a mail going to several less trusted people?
- Do you trust your friends and family not to forward mails you sent them, or multi-recipient mails others sent them that also went to you, with your address still visible?
- Do you trust your friends and family not to get Klez and pass your address on to just about anyone?
For me, until I convince more people that they're doing things wrong, the answers to all these are "no".
Having said that, I'm pretty much doing this already; I get a small amount of spam to my main address, but I don't think it gets harvested often, since I've managed to remove it from most web pages (at least the ones Google finds).
Sure, advertisers have a right to free speech. Let them setup a website to promote their product, everybody who wants to see their commercials can go to their website and see it.
Suggesting that spammers have a right to free speech on the public property of others is like saying that I have the right to start digging around in your garden.
Is the answer Jon Postel?
While you may have broadband, not everyone does. Probably 50% or more of Internet users are still on dialup.
While you may only check your mail from one machine, not everyone does. And most people don't have the luxury of setting up an IMAP server so they can access their post-filtered mail remotely. (I do, but a cable modem connection isn't the most reliable, so I often find myself having to read raw unfiltered spam-laden mail.)
Also, wireless access to email from cell phones (either "dumb" WAP browsers or "smart" integrated PDA/phone solutions) is becoming more common. Have you tried downloading 100 messages over a 14.4 connection, only 5 of which weren't spam? Have you tried sifting through 100 subject lines on a cell phone screen. (It's painful even on a Palm PDA screen like my Kyocera 6035's). Thanks to the proliferation of spam in my inbox, I cannot even THINK about using my wonderful phone for email, something which it would normally be excellent for.
It doesn't matter how good client-side filtering is (mine is a manually maintained blocklist, plus a few rules to detect malformed HTML that is always spam and fake Yahoo/Hotmail/Netscape addresses not coming from their servers.), the client still must pay for bandwidth, and in the case of wireless users, per-minute download time at 14.4 (Or in 2.5G systems like Sprint Vision and Verizon Express Network, per-kilobyte.)
Simply put, it costs the user money to receive spam, therefore something needs to be done about it before it reaches them. Server-side blocking reduces user costs in:
a) Download time/bandwidth for the mail
b) Storage costs on the ISP server that are passed on to the user in the form of higher fees.
These are both costs that cannot be negated with client-side filtering.
retrorocket.o not found, launch anyway?
OT, but hey. I started testing Bogofilter this weekend. I preloaded 594 good and 253 bad emails. Had 0 false positives and 2 of 24 false negatives in 24 hours. I had to create a new mail folder called "IsSpam" that I could dump false negatives into. I occasionally have to run "bogofilter -S ~/Mail/IsSpam" to force bogofilter to re-evaluate those emails as spam. My question:
Can I setup a fifo or something such that when I move an email into that file, my system will actually execute "bogofilter -S" with the email as STDIN before sending it to the bit-bucket? TIA
Intelligent Life on Earth
I believe that Verio hosts both Iraq's UN page and the Saddam Hussein page link off of it.
About 20% of my spam actually comes from Verio.net. Yes, I know how to decoded the headers, but I let spamcop do it for me. Verio refuse spam reports from spamcop. I hope they see the light once people start refusing them service.
Posting to usenet seems to work well, especially if it's in one of the groups that are constantly full of flames.
Just pick a few flamewars in alt.scientology, or comp.lang.basic.visual (or whatever the vb group is), and join in with something that's basically a repeat of what someone else just said, only with worse grammar and spelling.
Even if you somehow miss the regular spam email harvesters, if you piss off enough people, they'll sign you up to all the spam lists they can find. Let them do your work for you.
Where I work we used to be a Verio corporate customer. When I saw the direction they were apparently headed wrt letting spammers live in their space, I got us moved out of there. Glad I am that I did so!
Mine too. I've noticed a SIGNIFICANT drop in my hotmail spam.
Now, realize I ONLY use the hotmail account for "commercial" communications - receipts, etc from online purchases so the volume of SPAM is normally huge -- like 40-70 per day before whatever change took place. Now its more like 10.
...the sound they will here will be a resounded *PLONK* as they are entered into a thousands of mail admins' personal blacklists everywhere including my own. When Exactis sued MAPS, all they managed to do was to get permanent REJECT entries in Sendmail ACLs everywhere. Verio should expect no less.
In fact I said it in a later posting. If Verion lawyers up and cartooneys, the sound that they'll hear is resounding *PLONK* from admins like ourselves as they earn themselves their own entry in our personal DNS blacklists. I don't mind one bit blacklisting them to hell and gone if they pull a legal stunt. They can rot in my spambin.
WRONG!!! Alan Brown aka ORBS blocked commerical competition or ISPs that just pissed him off.
WRONG!!! Alan Brown did not block anything. He simply maintained a list. If your ISP used ORBS, then your ISP was blocking the e-mail because it came from a server listed in ORBS. That was the point.
E:\>ver
Microsoft Windows 2000 [Version 5.00.2195]
E:\>help at
The AT command schedules commands and programs to run on a computer at a specified time and date. The Schedule service must be running to use the AT command.
S:\>ver
Microsoft Windows XP [Version 5.1.2600]
S:\>schtasks
SCHTASKS
Description:
Enables an administrator to create, delete, query, change, run and end scheduled tasks on a local or remote system. Replaces AT.exe.
Congratulations, I Am The Owl! A winner is you!
But the organisation, as a whole, needs to change it's policies. Blocking just the end user address space would prevent spam, but not have a great effect on verio.
Blocking all of verios customers, so that they take action, is another.
Hopefully, Verio will file an action sounding in tort, and this abuse by spamhaus and others will come to an end... in much the same way as MAPS received its legal slap in the face. Geeks have to learn that there are legal ramifications for their actions. A mass protest on slashdot, or in the media, will not change the fact that they will be held accountable in a court of law.
Geeks seem to make a lot of noise (mostly online) regarding the law, but have little of substantive value to contribute to the laws themselves. I see so much rhetoric, assumption and lack of understanding of these matters by the geek community that it's obvious why they're not taken seriously in the legal world. So be it... just as man cannot live in a vacuum for very long, geeks cannot survive in the legal world.
Just "report" spammers as easy paths for al qaeda to send messages and order attacks.
Theyll be running from predators in no time. >:>
Does any one know of spam filter that really works? Thanks, The Natural
My understanding of this whole situation is this: Verio allows their costumers to participate in SPAM related activities, and so a very large blacklist has banned them completely. Verio does not fund these organizations, they simply provide access to a very popular TCP/IP network ("the internet").
Now, I'm all for blocking spammers. But seriously - Verio is a service provider, I don't see how it is their responsibility to tell their clients what data can and can't be transfered through thier infrastructure. Infact, it comes very close to what I consider the invation of privacy.
If I use my ameritech phone to call Billy the hitman, and ask him to kill my cheating wife suzy - is that ameritech's fault?
Spamming is a problem, I agree. Something needs to be done, I agree. But leave the service providers out of this --- I believe in free speach, i'm not going to blacklist anybody for not sensoring material that they didn't write. Quote it word for word. I want to hear it from the source. and if I don't like what I hear, I'll take it up with the source.
Don't shoot the messenger.
My question is, how does Verio email a complaint if their corporate servers are blacklisted?
When modding "Informative", please make sure it both has a source and IS actually informative.
Don't spammers hate getting spam?
Knowledge is like ignorance.. too much can be just as bad as not enough.
no, I'm not saying spammers have a right to free speech. It's illegal to spam. As for YOUR resources, they aren't yours anymore than my apartment is my landlords. He can't walk in the door without my permission, and he certainly can't decide what guests I do or don't invite. He can kick me out (though only with proper legal notice) but until he does I can get phone calls from whoever I want, I can have charlie manson over for dinner, he not only has no right to a say in who I invite over. He has no buisness KNOWING what MY decisions were on the matter. I'm straying from my original point though. The reason those who believe in freedom should fight this, isn't an issue of free speech. It parallels the issue of fair use in copyrights. It's the same philosophy that makes it wrong to implement copy protection mechanisms in cd's, books, etc. I have the right to copy it for personal use, the right to print the book out and use the pages for wallpaper, or quote brief passages. Anything that prevents users from printing or copying these materials may or may not stop the criminals, but it also stops ME from doing what I paid for the right to do. If for every 10 spammers you block, you block one legimate user (buisness, home, scientific, it really doesn't matter) then your blanketing that user over just like copy protection schemes blanket legitimate fair use of copyrighted materials and that is wrong.
another note, if this is your personal server, and mail being sent to you, YOU have the right to block anybody sending anything to YOU. It's when your making this decision for others that it becomes wrong.
Cmon, this is informative! How come it hasn't been modded up yet :)
Why not fork?
Abuse.net doesn't rely on the admin of the domain. They just keep a list of abuse addresses explicitly known for various domains. Where a domain doesn't have a known address, it defaults to abuse@the.domain. Anybody can submit an update for a domain if they have information (obviously, authoritative sources are preferred).
For sites with non-english reading admins, there's not a whole lot more you can do (unless you know their language). If they're lucky, they may be able to have someone (babelfish?) translate your letter for them. I wouldn't mind learning mandarin, but I'm not going to learn it just so that I can do multilingual spam warnings.
OS Software is like love: The best way to make it grow is to give it away.
Thank you so much for that! I've downloaded everything and it looks like it's time for me to start learning perl. Your good commenting practice will make it a lot easier. Perl seems both very powerful and somewhat cryptic at the same time. ;-)
The startling truth finally became apparent, and it was this: Numbers
written on restaurant checks within the confines of restaurants do not
follow the same mathematical laws as numbers written on any other pieces
of paper in any other parts of the Universe. This single statement took
the scientific world by storm. So many mathematical conferences got held
in such good restaurants that many of the finest minds of a generation
died of obesity and heart failure, and the science of mathematics was put
back by years.
-- Douglas Adams
- this post brought to you by the Automated Last Post Generator...