Slashdot Mirror
NZ Spammer Shutdown Makes Big Difference
lump writes "A notorious spammer, based in New Zealand, who had his name and other personal info released first in a national newspaper, and then on the web, has shut down his operation, citing harassment. What interests me about this case is that, in the 5 or 6 days since he has supposedly stopped operating, I personally have had one (1) spam email, to an address which had previously averaged around fifty per day. Colleagues report a similar reduction in spam. All I can say is 'excellent.' Hate to say it, but in this case, vigilante type action seems to have had the desired result. This needs to be publicised, as anything which slows down spam can only be a good thing."
I really have noticed a dramatic decrease in the amount of spam I've received in the past 4-5 days. I figured it was just due to my dilligence with unsubscribing myself to mailing lists but everything just suddenly dropped off.
It's "Viruses", not "virii". Grrr.
My personal account has begun receiving 5-6 SPAM mails per day in the last 2 weeks. Before, I received nothing, ever. I've had the account 2 years. Our business account, i.e. our own domain, has had the e-mail service blocked by our ISP (knology.net) for 6 days!!!!!! They claim it is in response to the worms/viruses spreading throught their systems right now-they have blocked traffic intentionally and will not unblock until they think it is safe. They also hinted that they were mildly infected! Yeah, our SPAM is down to ZERO at work, but not for any good reasons!
Last week: 179 spams
Previous week: 210 spams
Previous week: 277 spams
My spam dropped by 35%. Though I can't discount the possibility that it's just the increased virus traffic slowing the rate at which spammers can send their emails.
I live in NZ and read the original article. + the followups.
The original article was in the national paper The Herald, around two weeks ago. The original article was only a moderatly sized peice at the back of the paper (IT section). The author had simply had enough of the spam and was also worried for his daughters exposure to things such as viagra. So he went about tracking the spammer down. He eventually found him, rang him and organised an interview. Thus the spammers name appeared within the paper and thus harassemnt began.
So then the spammer become worried for his family .
some peoples moderation does not include weed
I read the original article and all the followups. The important part here is the spammer in question agreed to being interviewed...
some peoples moderation does not include weed
We've outed and shut down one minor spammer.
The Register of Known Spam Operations lists nearly two hundred more hard-core spammers, along with everything the anti-spam people have been able to find out about them. Check the list, see if any are in your area, and take whatever action you feel is 'appropriate'.
455fe10422ca29c4933f95052b792ab2
It's not that microsoft is somehow selling hotmail names. That would be a terrible business decision for them, as it costs them an arm and a leg to deal with spam. If there was a way that they could easily stop it with no false positives (pipe dream, alas) they would. Otherwise they're stuck paying for the enormous bandwidth and storage costs associated with running hotmail.com and msn.com. (Yes, I know there's ad money involved, but I would wager it doesn't come close to paying for operations.)
The reason hotmail.com is such a spam hole is precisely because it's so popular. Spammers pound the hotmail mail exchangers relentlessly, throwing any sort of likely username pattern at them and seeing what doesn't bounce. I'm sure if MS published their hotmail rejection logs it would be hundreds of thousands of "aaa1aa3a2: 550 No such user here", "aaa3aa4a2: 550 No such user" and so on. The spammers know that there are millions and millions of hotmail accounts, so if they just spew user names fast enough they're bound to get enough successful deliveries to make it worthwhile.
you've included your real email in a Slashdot submission about spam! Spammers will do everything they can to find out your identity or at least hijack or render your account usable. They're vendictive as heck, so don't reveal your identity when posting this kind of stuff.
I've been using Mailwasher to bounce all his spam, figuring eventually his email would show up in the spam lists as being dead
Please stop. Bouncing spam after the delivery phase is not only naive and stupid, but it makes the life of innocent third parties harder. The From: line is nearly 100% guaranteed to have absolutely nothing to do with the persons responsible for the spam. In most cases it's a random third party, this is called a "joe job." When it happens to you, you receive thousands and thousands of these idiotic bounces (in addition to thousands of angry replies and "please remove" messages) from clueless mail software and cluless users. All you are doing is adding to the problem by "bouncing" spam. You are not bouncing it, you are just forwarding it to someone else's inbox. The only legitimate bounce that you can do with spam is during the mail delivery phase, before the connection has closed. As soon as the message has been delivered, that's it: either delete it or possibly submit it to a spam corpus, but for heaven's sake don't try sending it back to either the envelope-sender or the From: line, as both of these are spoofed and invalid.
"Bouncing" just adds to the spam problem. Stop.
Other related :
Vigilantes wage war on spam
Spammers hit below men's belts
My amount of spam is exactly the same as the previous couple of weeks... so much for this (weak) story. I think we need to "take out" more than one spammer for people to really notice a difference. -pug
I haven't noticed a difference outside of what can be considered 'statistical noise' in my daily spam load. SpamAssassin (or rather the procmail filter that catches what's flagged) puts spam sent to me in a spam trap, from there it's easy to count the number coming in. SpamAssassin is still catching a veritable torrent of spam.
:-]
Funnily enough, SpamAssassin is also flagging the Win32/SoBig worm as spam. It's in the DCC (distributed checksum clearinghouse) and has a number of other 'spammy' features, such as obviously forged From: address and malformed datestamps. Not that it'd run on Linux anyway
Oolite: Elite-like game. For Mac, Linux and Windows
Jeez. I just thought of another vexing thing. Surely John Ashcroft would look the other way if everyone did a DoS/slashdot to the genuinely vile links from ratware distributors.
is that you become pissed because of the bounced e-mail, you go after your ISP and piss him off, and if it's not its fault it will go after his upstream and pass the piss on, and until the problem is fixed, rinse and repeat.
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
The only reason a hosting company has for shutting down a spammer is that they've been blackholed. This is the only thing that works. I have NO pity for folks who also have hosting from these scumbags who are collateral damage. Find a new hosting or colo company or feel the wrath.
... chop, chop!
Oh, if it were just that easy. We're not just talking about copying a few files. Many companies at colocation facilities cannot simply 'switch providers.' The logistics of that are a nightmare. It'd be like saying, oh, just move your entire office
Our company has been looking to move to a colocation facility. In terms of service and support, we chose RackSpace.
We were working out a contract with them. Now we've run into a snag. They have had a history of not dealing with spammers quickly, and being blacklisted. The problem is, a little over a year ago, they remedied this... they now react very swiftly to spammers. Yet they are still blacklisted in a lot of places.
It's one thing to blacklist the spammer, but to blacklist an entire ISP with a huge number of legitimate companies which cannot simply move their entire company without suffering major financial damage is borderline harassment.
Suppose this happens, and the legitimate companies eventually convince the ISP to remedy the problem or they'll leave. Do you really think these blacklist sites take the ISP off then? Oh no, it could take months or years to fix the damage. It's ridiculous.
As someone that maintains a mail server, I will find other ways to combat spam.
Computerese variant; you can find it all over the websites of virus authors and script kiddies.
We here on earth call that "slang." Every industry, culture, and sub-culture has it. All well and good. Sometimes a slang term gets to be so prevalent it will enter a dictionary and be noted as such (usually with sl.) If the term can really hang on, and/or enter into a mainstream culture beyond it's industry (as "byte" has) it may receive "official, formal" language status. The English language "benchmark" (to borrow the technologist's phrase for a moment) is the OED. I'm sure the folks who edit that are monitoring "virii" very closely *cough*
The word "viruses" refers to biological organisms, and the distinction is valid and desirable.
What, are you making this up as you go along? I give you credit for thinking on your feet. The OED cites several colloquial and figurative uses of "virus" as a rapidly spreading "poisonous influence." It's from this sub-text that computers are said to have viruses. No distinction between non- and biological use exists. Good one, though.
Now back on topic: The previous poster contended that "virii" was a Latin term. It's not. The plural of "virus" in Latin (if one fancies oneself as a dead Roman) is "virus." (I don't know what the plural is in Klingon.) Currently, "virii" is a *slang* term spottily popular among youthful script kiddies for the plural of virus. It is akin to "boxen," only several tiers more dorky as many of its users actually think it has some etymological legitimacy, and is not merely a made-up "play-on-words" word.
Happy to help. Glad you stopped by. First one's free.
Well, you could always RTFM. Post your question on NANAE or NANAB and the group will tell you exactly why you're in SPEWS.
for what it's worth, the stats at spamgourmet.com confirm a drop off in spam the last couple of days. (if you look at the graphs, note that there was a server move near the beginning of July that accounts for the big drop and spike at that time).
Are we saying, beyond the featured shutdown, that SoBig, etc. have actually taken the *spammers* out of commission for awhile -- not only by clogging mail servers, but by infecting and disabling their boxes?
who's moderating the meta-moderators?
Boxen is actually just a german word...
:)
It means "boxes"
Here are my spam stats, generated with Rob Park's excellent mboxstats:
Jul 01, 2003 102
Jul 02, 2003 84
Jul 03, 2003 83
Jul 04, 2003 87
Jul 05, 2003 64
Jul 06, 2003 62
Jul 07, 2003 81
Jul 08, 2003 95
Jul 09, 2003 73
Jul 10, 2003 90
Jul 11, 2003 88
Jul 12, 2003 84
Jul 13, 2003 77
Jul 14, 2003 110
Jul 15, 2003 122
Jul 16, 2003 112
Jul 17, 2003 84
Jul 18, 2003 112
Jul 19, 2003 103
Jul 20, 2003 83
Jul 21, 2003 92
Jul 22, 2003 89
Jul 23, 2003 103
Jul 24, 2003 86
Jul 25, 2003 91
Jul 26, 2003 90
Jul 27, 2003 66
Jul 28, 2003 98
Jul 29, 2003 92
Jul 30, 2003 95
Jul 31, 2003 98
Aug 01, 2003 97
Aug 02, 2003 93
Aug 03, 2003 66
Aug 04, 2003 83
Aug 05, 2003 80
Aug 06, 2003 76
Aug 07, 2003 107
Aug 08, 2003 85
Aug 09, 2003 59
Aug 10, 2003 63
Aug 11, 2003 75
Aug 12, 2003 63
Aug 13, 2003 68
Aug 14, 2003 71
Aug 15, 2003 58
Aug 16, 2003 75
Aug 17, 2003 63
Aug 18, 2003 51
Aug 19, 2003 34
Aug 20, 2003 62
Aug 21, 2003 60
Aug 22, 2003 66
Aug 23, 2003 67
Aug 24, 2003 64
Aug 25, 2003 65
There's no getting around it -- the quantity of spam that has decreased in the past couple of weeks.
Note that the corpus is my UCE folder for my primary e-mail address. I do not use any RBLs to block, but I do use SpamAssassin to filter, and then I hand-review my UCE folder daily, weeding out viruses and the occasional legitimate message.
-Waldo Jaquith
In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. In order for Slashdot's garbage filter to let this post through, I need this really long line to bring up the average line length. Sorry about that.
You can be on SPEWS for giving the wrong look. Seriously, SPEWS is an incredibly bad blacklist. The notion of throwing out entire IP blocks, entire ISPs, even entire backbones that MIGHT support spam, is entirely insane. The list is such a joke that the RBL test may be taken out of SpamAssassin in the next version.
The only thing more inaccurate than SPEWS is URBL. (And yes, that is a subtle joke.)
Zodiac Survey