Slashdot Mirror
Where Does Spam Come From? No, Really?
jnazario writes "The Center for Democracy and Technology has recently put together a really neat paper studying the methods by which spammers get your email addresses. The report posted otherwise unused email addresses in a variety of locations, using different techniques for visibility (ie HTML encoding vs plaintext) and then watched what accumulated after six months. They generated some interesting results into the methods by which spammers can track you (with publicly available websites containing your bare email address being the most popular method) and even some techniques to stop spam, such as HTML encoding your email address. A very interesting read."
This seems familiar.
that Spam comes from a 'SPIG'. Cousin to the pig, but has to be mechanically seperated before being canned and served.
From those damn Spamers I'd guess.
:)
No wait, better - it comes from those companies who profit from the utilisation of bandwidth. People who sell email servers marketed as coping with massive volumes of email too. Oh, and lets not forget the people spam filters!
Cynical? Me?
If Slashdot posts the same report three times, is that slashspam?
SLAM: An unsolicited duplicate Slashdot story.
"'These antispammers should get a life[...] Do their fingers hurt too much from pressing the delete key? How much time does that really take from their day?"
S PA M.html?pagewanted=print&position=
s s/ 1877197
"By contrast, she said, '70 million people have bad credit. Guess what? Now I can't get mail through to them to help them.'"
The whole story is available at:
http://www.nytimes.com/2003/04/22/technology/22
Also available at
http://www.chron.com/cs/CDA/ssistory.mpl/busine
Is Alyx Sachs the female Alan Ralsky?
I like to have fun with this one. Make sure that you take out any "serial numbers" which might be embedded in the link. Call as many dynamic scripts on the page as you can.
#!/bin/bashCOUNT=0
while [ $COUNT -lt 2000 ]; do
lynx -dump $1?YOU_FILL_MY_MAILBOX_WITH_UNSOLICITED_CRAP_AND_
let COUNT=COUNT+1
echo $COUNT
done
Okay, it's ugly. And who knows if they actually check their weblogs? But it makes me feel better.
Besides, they were warned on my webpage, which outlines all the policies with regard to sending e-mail to my domain.
A really neat extension would be to have a script which parses the e-mail for links, de-fluffs them (to remove redirects through Yahoo and obfuscators like that) and automatically hits each and every one of the URLs given... but I haven't gotten around to it yet.
Fire and Meat. Yummy.
Conclusions
1. E-mail addresses harvested from the public Web are frequently used by spammers. By an overwhelming margin, the greatest amount of spam we received was to addresses posted on the public Web.
When an address has been posted on the public Web, it can potentially be viewed by hundreds of millions of users. People who develop spam lists exploit this feature by using address-harvesting programs to surf across thousands of web sites, collecting any e-mail addresses that they encounter. Most users have no idea that their addresses have been harvested until they begin receiving spam.
2. The amount of spam received by an address posted on the public Web is directly related to the amount of traffic that Web site receives. The more visitors a Web site has in a given period of time, the greater the likelihood that an address-harvesting program used to send spam will scour it. As a result, addresses posted on high-traffic Web sites are likely to receive a greater amount of spam than address posted on smaller sites -- popular Web sites are more frequently "harvested," and addresses posted on those Web sites are added to a greater number of spam lists.
3. E-mail addresses harvested from the public Web appear to have a relatively short "shelf life." When e-mail addresses we posted on the public Web were removed, there was a pronounced drop in the amount of spam they received each day. The change was not absolute -- on a given day, an address might receive a few spam messages even months after it had been removed from the public Web. But such spam was on the order of 2 or 3 messages per day, compared to the thirty or more messages received by addresses still on the public Web.
4. Addresses posted in the headers of USENET messages can receive significant spam, though less than a posting on the public Web. Like most Web sites, USENET postings are publicly accessible and may be targeted by e-mail address-harvesting programs. When a user includes his or her address in the heading of a USENET message, that address can be harvested and used to send spam. Our preliminary data indicates that some USENET newsgroups are more frequently harvested for e-mail addresses than others.
5. Obscuring an e-mail address is an effective way to avoid spam from harvesters on the Web or on USENET newsgroups. Even when posted in publicly accessible areas, none of the addresses we obscured -- whether in English ("example at domain dot com") or in HTML -- received a single piece of spam. Users who want to avoid spam should consider obscuring their addresses when possible.
6. Sites that publish their policies and make choice available to users generally respected those policies. A major element of the CDT project was to submit e-mail addresses to a number of popular businesses and other organizations on the Web. Many of these sites had privacy policies describing how they handle e-mail addresses and other potentially sensitive pieces of information. While the terms of these policies varied, we found that almost all sites followed their policies. In addition, when consumers were offered choices about how their personal information would be handled, those choices were respected.
7. Domain name registration does not seem to be a major source of spam. Despite the fact that the WHOIS database is publicly accessible, our project received just a single spam message to an address that was in WHOIS for six months. This leads us to believe that, at least for some people registering new domain names, listings in the WHOIS database may not be a major source of spam. However, because our project had a relatively short duration, we were not able to examine whether additional spam would be received as a domain name approached its renewal date.
8. Even when an e-mail address has not been posted or shared in any way, it is still possible to receive spam through various "attacks" on a mail server. In our study, a "brute force" attack on the mail server generated a t
Works for me, anyhow.