Slashdot Mirror
Australia's Largest ISP Redefines Spam
cpudney writes "According to this article in NEWS.com.au, Telstra BigPond, Australia's largest ISP will monitor its customers' e-mails and suspend the accounts of users suspected of sending spam, viruses or denial-of-service attacks. Under changes to its Acceptable Use Policy, BigPond will investigate cable and ADSL Internet customers sending more than 20 e-mails in a 10-minute period, and BigPond management "may suspend the (user's) account while the customer is contacted" if they are suspected of sending spam. Previously, BigPond's definition of spam was held to be 400 messages sent over a 15-minute period and now it's changed to 20 e-mails over 10 minutes. Internet Society of Australia president Tony Hill said BigPond's new definition of spam was very restrictive and he was concerned the limit had been set too low for legitimate e-mail users."
That's going to make life fun for my parents who use Bigpond, and type all their emails offline.
Log on, send 30 or so emails in 2 minutes, and log off.
Then wonder why they can't email again next week.
I hope they at least contact the user before shutting off service. I can think of many legitimate reasons to send 20 e-mails in 10 minutes. My adress book has many times that, and sending a CC to a fraction of my adress book would trip this.
"Sic Semper Tyrannosaurus Rex."
Who here sends 2 messages a minute for 10 minutes? Do you treat e-mail like IM, or something? I am honestly curious.
Never had to answer 20 emails? Great. Just hope you are online all the time and not coming back from a trip or something, where some emails may have acumulated in your outbox. 20 emails is VERY low - I am now going on a three day trip, and I can bet I will have 40-50 outgoing mails in my mailbox when I return, just waiting to hit our email server. So, with their definition I would be in trouble. WHOW.
Why is BigPond trying to identify a spammer from just 10 minutes of traffic. Or even just 15 minutes? I would think it would be much better to have a metric like 1000 emails in a single day. Or 10,000 emails over a week?
I can very easily go through 20 emails in 10 minutes just because I might be having one of those back-and-forth email conversations. I don't know if I could do 400 in a 15-minute period, unless I was running a mailing list (well, which I do, but that's why I use "personal" business ISPs).
This sort of metric just seems extremely silly. Is someone putting pressure on BigPond, or is one of their executives being an idiot?
Great..a slashdot style limit on time between posts.
Now Telstra's customers are just missing the lameness filter and the moderation. The occasional dupe happens in email allready.
Hm. There's a chance a lot of my work on Healthcare Informatics would be modded -1 Redundant and never reach my professor.
Irene KHAAAAAAN!
Ha!
Don't worry, knowing the 'reliability' of Telstra this system will most likely crash and in one month be completely dismissed and forgotten about because the people in charge of this taking care of this will probably be the next people to be layed off...
This is just another effect of spam limiting real users (again), unfortunately we're probably going to be the one to get screwed over out of all of this.
Well at least there trying.
Execpt when it takes a user 4hrs to get in contact with a telstra bigpond techo to get his account reenabled. As if sitting on hold for 1hr on average isn't long enough....
I couldn't tell from the article exactly how they were counting 20 emails (cc's or bcc's count? groups count?). But the fact that they monitor by email sending rate seems interesting. I think adding just one more step to that process could make it really useful.
1) Monitor all sources of emails in which large numbers are being sent over a short time period.
2) Allow a central repository for people to report which emails are considered spam. Once that amount reaches a certain threshold...
3) Connect the dots, you get a spammer.
--------
Bleah! Heh heh heh... BLEAH BLEAH!!! Ha ha ha ha...
Ok. Great. Let's say I have an indie band with an (e)mail list of people who have said they wanted me to let them know about the upcoming release, tour dates, and mechandise info. Let's say my band is actually good and there are a few hundred people on this list. Let's say I use Telstra BigPond.
Looks like I'm looking for a new ISP.
...if not for Slashdot's 2-minute delay policy.
Sheesh, evil *and* a jerk. -- Jade
Our software team is only comprised of 19 people.
If it were 20 we would be in trouble we contacting by mail !
Ok, just send out a little note to my students that I'm gonna be gone on monday and...
cc: student1@asdf.edu; student2@asdf.edu; studERROR ACCOUNT SUSPENDED
Well then... guess they'll just have to figure that one out on their own.
After I have received the wisdom of good teaching, I will untiringly teach all people. - The Teachings of Buddha
What if I just send one e-mail every ten minutes and carbon copy 1000 people?
lets assume everyone of its users sends out around 25 emails sometime on monday within 10minutes to their friends/family/co-workers. If they suspend all the accounts, what kind of hell are they setting up for themselves?? yikes.
No, this is
There's no reason for this. All an ISP needs to do is institute a policy whereby if someone is caught spamming, the cleanup charge is $20,000. They already have their credit card, all they need to do is charge it.
This is America, damnit. Speak Spanish!
Quote:
Under changes to its Acceptable Use Policy, BigPond will investigate cable and ADSL Internet customers sending more than 20 e-mails in a 10-minute period, and BigPond management "may suspend the (user's) account while the customer is contacted" if they are suspected of sending spam.
It doesn't say anywhere they they will suspend your account if you simply send 20 emails in 10 minutes. All it says is they may investigate users who do, and may suspend their account upon further investigation. I really don't see a huge deal with this, and there isn't any plausible reason to get angry with this policy if it is followed properly.
It's not like there's an automatic suspension for exceeding the limit. They're just advising that 20 in ten minutes is the level that now prompts them to look more closely at. If they aren't stupid about it, it shouldn't be a problem.
Admittedly, that's a big if, given that it's Telestra that we're talking about, but . . .
This is going to be a bit of a problem for people running things like majordomo and so on from
their home linux boxes.
If things have been set up to use the ISP's mail servers as relays, which you might do to save on bandwidth, it's going to get sticky. (Or does one message with a trillion addresses count as one message?)
Now if they block port 25 and then do stuff like this... well, there's always the Yahoo groups sort of thing. Alternately, just get them to reactivate it. If you show that you're sending legitimate mail, one would assume that they'd make sure your account doesn't get deactivated again in the future (assuming they're even halfway competent).
Check out my sci-fi/humor trilogy at PatriotsBooks.
I act as a class rep. for the technical program I'm in at school. I often have to send out information via the class email list... of 24 people... Hmmm... I'll be investigated for each email I send out to the list ?
I have a PDA and when I come home and it syncs up, it sends all the emails I've written during the day. Am I a prime target now?
This is my digital signature. 10011011001
People writing mails offline, people sending out christmas letters, people that send out small newsletters (there are 1000's of them!) all will be considered spammers under this policy. This policy is not unreasonable, it's downright tyrannical!
They're only going to investigate those people, not disable their accounts. If they look at it and see that they sent legitimate messages because they just pop on to send e-mail, they'll be find and their ISP will move on. At least this should make the net big enough to actively catch spammers eariler.
It's not stupid. It's advanced.
didn't think this one through, did you....
imagine you want to send a party invite to 20 friends... well, according to you, you're now in need of a commercial account..
Back to clown-school you go!!
Oh this will be brilliant.
Picture this: Telstra Bigpond email systems die again (just give it another week) and you cannot send out your email. You have 20 messages in your outbox waiting to be sent. Finally their systems come back on-line (for now) and you send all the emails only to get flagged as a spammer and denied to email again.
You end up back where you started.
(\(\
(^.^)
(")")
*This is the cute bunny virus, please copy this into your sig so it can spread
One of my uni lecturers uses Bigpond as his ISP. He also has his uni email accounts redirected to his Bigpond address. He had problems a while ago when Bigpond went down. He normally accepts assignments via email, but everything sent to him got delayed a few days. Thankfully he accepted assignments which had been sent to him on time, otherwise a lot of people would have inconvenienced.
This lecturer also has other responsibilities (I won't go into detail here) which require him to him to send out newsletters to all of the students in our department, plus international committees and a large number of university staff. We are a small department, but still have ~100 students. Sending out a student newsletter would trip the new email limit. I don't know how he's going to get around this from home (obviously he can send it using our uni mail server when he's at work).
Just another example of Bigpond not being up to scratch these days. I personally use a competing ISP, and have never had a problem. I don't know how Bigpond is going to keep its customers with shit like this.
It's been reported that SpamCop is paying upwards to $30K / year for bandwidth as a direct cause of the continous DDOS attacks on it.
The spammers are doing everything they can to squeeze the anti-spammers out. They use frivolous lawsuits (aka Mark Felstein and his porn spamming backers) or DDOS attacks that either knock the anti-spam resources off completely or increase the costs so that no hobbyist can run them.
And while all this is going on, the law enforcement agencies are doing nothing to counter the clearly illegal acts of the spammers.
And ISPs are doing NOTHING to reduce the number of zombies on their networks. So the DDOS attacks continue.
Nice going.
It's only a matter of time when someone (Al Queda?) will use the zombie network for something that will truly be noticed.
Proletariat of the world, unite to kill spammers
Damn these corporate giants! I propose we set up a petition so spammers that use Telstras services can complain about this obvious injustice and unacceptable change in services. Just post your name and home/work address and a representative will contact you shortly.
Also as Australia's most expensive ISP this should only effect the wealthy, the ignorant and unlucky (as in some regional areas you get little choice). This should exclude most us anyway.
SPAM = beer = Foster Australian Beer
How reliable is that article ? Can it be the case that we are supposed to discuss the outcome of Ms. Dudley's 10 minute meeting with some Telstra's authority ? Like "uh-huh... spamming... blocking... sending a lot of messages... ok, thank you...". I doubt if the article actually reveals any technical details, because a decision like the one described is simply stupid.
I like my outfit, it's inexpensive, but cool -- April Ryan
Sure, as of last week this a completely biased email, but I really am one guy who was so happy he bought the company (well 0.0001% of it at least).
In addition, they would do the right thing if they implement filters like my ISP did recently. Filter works and comes with no extra (NPI) charge.
I think its a great policy. All isp's should do this. then maybe just maybe we can have 1 spam in our inbox a day.
Some software money can't buy. For everything else there's Micros~1
In my day we didn't have fancy smancy email. We sent messages by shooting old people out of cannons with messages written on dry, combustable paper. And we liked it!
that's wrong. Or else I will be a spammer by their definition. Yet I am just a regular joe doing my email duties. Where is the justice?
Vote with your wallet people.
When I'm sending e-mails to my disproportionately large extended family while drinking cans and cans of Red Bull.
___ In the words of Gen. Douglas McArthur: "I'll be right back."
I have an SMTP server running on my computer. I set it up a few years ago mainly to try to see how good a handle I had on how SMTP works, and I've continued to make use of it mainly so I can create my own Email aliases and help curb the amount of spam I get and keep track of its "real" origins... But setting it up was very little trouble for me. I grabbed a copy of sendmail, compiled it, spent a few hours figuring out how to configure it, registered an MX record with DHS International and that's it... It's running. DHS was a free service the first few years I was with them -- now they charge me $5 per year.
For a brief period my ISP was filtering access to the SMTP port on my residential address, which meant I couldn't receive messages using my SMTP server... But I was still using it to send them out with no trouble! But at some point I contacted them and told them that I only want to have it running for my own usage, just to help curb the amount of spam I get, that I won't be giving anyone else accounts on it and that I understand how relaying works and have correctly restricted it... And a week or two later my SMTP port became accessible again. (Hopefully they actually reviewed my usage logs and tried to relay something through me before they did this... I'd hate to think they weren't careful.)
Sooooo... If I had no trouble setting up my own SMTP server, isn't it reasonable to assume that any halfway intelligent spamming organization would do the same -- set up their own server, then use that server to send out their spam, and avoid giving their ISP the chance to easily monitor their messages' content?
So isn't this really a more or less completely pointless violation of almost always legitimate Email users' privacy?
Please God, let me find my blue hat with the red trim. (Frances Farmer)
How can my Warhol virus harvest its entitled 15 minutes of fame, if they pinch it off after 10 minutes?
Sheesh, evil *and* a jerk. -- Jade
This isn't about stopping spam, serious spammers don't use their own accounts, they relay off others.
What it will sneak through under the cover of Spam hysteria is the following.
1) It will force budget business users onto more expensive corporate accounts.
2) It will stop people batching their email correspondence to miminise online time which in turn will reduce peak load on telstra and also bring in more money.
3) Less nasty but equally beneficient to Telstra it will allow them to stop worm riddled machines bogging down their email servers (Telstra are facing massive damages over the near collapse of their email infrastructure and associated business losses).
'There is a Light that never goes out.'
I smell a troll here, but I'll bite anyway.
"Reasonable?" I guess you don't run any mailing lists. I'm the webmaster for the local homebrew club. Some of our members opt to not have dead-tree newsletters mailed to them; instead, they receive notification in the mail that this month's newsletter is up on the website. I use a throwaway shell script and Mutt to send notices to the 30 members on the list. If Cox were to impose such a limit, I would end up hitting it once a month.
(FWIW, my "home" cable-modem service is actually business-grade (grandfathered from before they started using DOCSIS for residential service) and I run my own mail server on it. Nevertheless, there are plenty of other legitimate reasons why somebody might fire off a smallish quantity of messages...for instance, somebody might send a change of address to everyone in his address book.)
20 January 2017: the End of an Error.
This is just another cr*p idea from Telstra. Acting before they've thought it through again. There's no way they'll be able to police the thousands of users who exceed this amount. Good luck to them - more jobs for those Aussies.
Come on guys, everyone knows what spam is. Its plain and simple. What this seems to be is a description of common behavior patterns of ppl who send spam. Thing is that this is going to have false hits. Filtering on content is really the only way to be sure (other thing nuking from orbit)
Anyone who uses TLS connections to their email server (IE. Secured - or SSL tunneled) and doesn't use Telstra as their email server will be invisible to this - there is no way to detect the contents of a secured link. So any secure SPAM will still get through.
My mail server always does this where for email client connections, and also tries to use it when delivering email to the target server!!! for security/integrity reasons - doesn't yours.
I can tell you that contacting users before shutting them off is a very bad idea. It's very frequent that a user will have wrong contact info on file when you go to contact them...any time you try to wait to contact them you're almost always just delaying for the sake of somebody who knows nothing about their computer except that how to use word...for the sake of what! Notification == waste of time, 16 years experience agrees with me.
The linux hacker
I opened a super-sized can of worms with a (NULL, Dumbass) of a question... damn brain cramp...
1. Detect 20 e-mails in 10 minutes 2. ???? 3. Profit! And as we all know, Telstra will damn their customers to the deepest pit of Hell if it means at least 1c more profit for them... OK, I promise not to get on a 'why utilities shouldn't be privately owned' rant...
If running a mailing list as a mere user gets you in trouble, then have the ISP host the list. Make sure it can only be joined by someone who actually confirms the subscription. Give the list owner a way to kick people off, and allow them to limit posting privileges to the list owner, list members, or not at all (aka wide open mode).
In other words, welcome to 1993. Colorado Supernet used to host a bunch of majordomo-run lists on their machines - either teal or csn itself. You could have their machines do the work for you instead of trying to slam dozens or hundreds of mails out from your lightweight machine. I'm sure that many other ISPs offered the same services back in the days that shell accounts were the norm.
But seriously folks!
This is what you get for being a sheep and supporting your local (ex)Monopoly. No surprises here, none whatsoever.
Pain for many normal users? Sure!
Likely to increase ISPs income? Sure!
Actually going to make a *real* difference to professional spammers? Not likely!
Not much more than the usual big company thinking It's not important to solve the problem. It is only important that we convince the public we're working hard to solve the problem. (eg Microsoft and Security)
Then again, perhaps it'll encourage a few % more people to seriously consider their Internet Access choices in Australia, and they'll be better off in the long run.
If it's not entirely obvious (read-my-sig), HELLstra is not my ISP.
Visit CryptoGnome in his home.
If someone is intent on sending out mass mailing spam, they have LOTS of ways to accomplish this and I'm guessing by having an ISP limit outgoing messages in an effort to reduce spam is not going to stop them.
This type of a system could be effective in detecting and disabling accounts that are infected, zombies or unintentially sending out spam. While it would be nice if everyone was a "good netizen" and maintained their systems and was security minded.. its not going to happen. A system like this, if it is well designed, could be very effective and not inconvience legitmate heavy email users (mailing lists, CC/BCC, queued mailed, etc..).
Good riddance. Spamcop is a pos service. We do small mailings to "registered" subscribers who were interested in our products. 100% legit emails.
Dumbshits submit us to spamcop and immediately I reply to them and their like "Oh, well I didn't think to try the unsubscribe". I proceed to say "You're the dumbshit that signed up, unsubscribe and say you were wrong on spamcop". Of course they don't so we sit there for 30 days for doing nothing wrong. Spamcop won't remove us either...they just let it expire. Bullshit! Spamcop got put in our bit bucket list along with sexfun.net and all the other loser domains.
It's one thing to follow up on claims and it's another to ban first, ask questions later, and unban even later.
Agreed. But fighting the spammers won't prevent that. The only way to prevent that is to secure the majority of on-line PCs so they can't be zombified.
I don't care if it's 90,000 hectares. That lake was not my doing.
Sections in this document:
English Inflections First off, the OED gives nothing but viruses for the plural. Here's its abbreviated entry:
Other sources that support viruses include Birchfield (n Fowler :-) in Modern English Usage (3rd
Edition), and also the Cambridge Encyclopedia of the English Language .
Classical Inflections
While one would hope that the authoritative sources cited above would
suffice, some writers prefer to maintain the classical inflections on
some English words, particularly in technical writing. For example,
conflicting indexes/indices and minimums/minima are both
easily found, depending on the intended audience and use. In that case, what's
the classical plural of virus?
The simple answer is that there wasn't one. The longer answer follows.
Writers who, searching for a fancy plural to virus, incorrectly write *viri are doubtless blindly applying an overreaching -us => -i rule. This mis-inflects many words. For example, status and hiatus only change the length of the final vowel; genus goes to genera; corpus goes to corpora. Others are even worse if this rule is mis-applied, like syllabus, caucus, octopus, mandamus, and rebus.
Anyway, Latin already had a word viri, but it was the nominative plural not of virus (slime, poison, or venom), but of vir (man), which as it turns out is also a 2nd declension noun. I do not believe that writers of English who write viri are intentionally speaking of men. And although there actually is a viri form for virus, it's the genitive singular[1], not the nominative plural. And we certainly don't grab for genitive singulars for the plurals when we've started out with a nominative. Such hanky panky would certainly get you talked about, and probably your hand slapped as well.
This apparently invariant use of virus as a genitive singular may als
Is Telstra really excessively dumb? I would guess not, so let's suppose for a moment that they aren't.
If they're not really really stupid, they might have thought: Gee, I wonder if there's any way to tell what's 3 standard deviations above the mean as far as peak mail sending rate is? Do we have, anywhere, a listing of all the emails that have been sent by our users? Preferably arranged in chronoligical order, with timestamps? If we had that, why all we'd have to do is a little grep and wc action, toss in some particularly ugly perl to aggregate the results, and we'd be able to figure out what normal is. From there, we'd be able to figure out what weird is. Once we know what weird is, we'll know which accounts we should take a closer look at.
I've gotta think they figured that out. After all, they have to have figured out how to count the mails per minute per user to be able to implement this (and their former rule), right?
Of course, it's possible they really are too dumb to look at their own server logs. Maybe they pulled this number out of some business weenie's ass during one of those catered lunch meetings in the big glass windowed room with the collossal oak table. If this is the case, then they'll get false positives by the cartload and they'll quickly be swamped in the acrid stench of their own foolishness.
I find the latter a little implausible. Telstra may be a big evil monopoly, but I don't think they're a big evil imbecilic monopoly.
Stop-Prism.org: Opt Out of Surveillance
What I want to know is, how do they decide if you're sending spam or not? Do they read your email? If so, that's pretty serious - I'd be interested to know what the user policy is with regards to that sort of thing. And if they just disconnect you while they check, that's bloody dramatic! I guess they can monitor you for continued heavy use, and then make a decision, but I can't see any middle ground between those two alternatives.
Either way, yet again glad I'm not with Telstra!
J.
Physicist, consultant, science communicator
I am so glad that I live in the USA where all of our needs are apparently met so we have nothing better to do than debate stuff like this. I am also happy that companines like the RIAA are so confident that all other problems have been solved so that they can feel free to invent new problems. How many years must go buy before we realize that we are all stuck on the same chunk of rock and that there exists no I in the word Team.
If that happened here, I could only imagine the number of pseudo-mass-mailers that would have issues. You know, the people that send almost EVERYBODY WHOSE EMAIL ADDRESS THEY EVER HAD the greatest joke they read this morning, or funniest picture or....
Even I could get screwed over! After releasing a newsletter, which goes out upto 10 addresses (half in BCC), I get to hours old email, dashing through as much as I can, which tends to probably push the limit about once a month.
Besides, this problem could only be gotten around...oh, what, a dozen ways? Zombies, protocol switching, virii (have to write your own) and lets not forget remote accounts and any combinations you could come up with. Signal to noise is most certainly going to be difficult for Big Pond. As much as I dislike what they've done, I sincerily feel for their tech support.
"Yeah...it was the numbers that were irrational, not the murderous cult of vegetarians...." -- Hippasus of Metapontum
I hope there are some other triggers for this system, for example: Sending more than 20 email in 10 minutes The first time you log on to a new account would probably be more suspicious.
Or for the first month or two. I'm guessing a spammer would be willing to wait a week or two before sending out spam, but not to be a paying customer for multiple months before spamming.
For customers who have been using an account for over a year I would hope that they would be much more conservative before even investigating.
But for customers that are in their first month I think it would be a good thing for even more ISPs to investigate as is being proposed in this case. If spammers had to pay for an account for months before using it to spam that might make spam cost-prohibitive.
This signature used to contain a cute kitty virus with ansii art. Please set the slashdot editors on fire. Thank you
but then i could care less anyways. I got sick of Bigpond's massive outgoing spam, and their complete lack of a clue in responding to it, so i ended the problem permanently. For someone people, there's spam. For everyone else, there's iptables :) ( For the clue impaired, i firewalled all of bigpond's network off from my mail server)
Lawyers, MBA's, RIAA? A jedi fears not these things!
Does bingpond intercept all SMTP connections? If not wouldn't it just be possible to buy a small hosting accounts with AUTH-SMTP and send out via that. The other choice would be to just setup an SSH tunnel on a non-standard port and tunnel to another SMTP server
Rus
Cheap UK and US VPS
It helps get a sense of perspective to realize that Australia has a population of 20,000,000.
Stone the flamin' crows, mate. This bloke thinks himself a true-blue comedian. Don't come the raw prawn with us aussies! Streuth mate!
Reputation sets a lot of precedence in this though. BigPond is known for screwups, and not being overly helpful to customers.
When a company is known for screwing customers over, then customers should be a little wary of what their ISP does might not in customers' best interests
This is probably common with all huge Telco ISPs the world over but I think that Bigpond themselves could do more to prevent tides of Spam originating from their customers... I think these mega ISPs have a "CPE" attitude that's left over from their Telco division - i.e. If it's beyond the equipment we provide - it's "Customer Premises Equipment" and we therefore, don't care.
Bigpond could install heavy default firewalling (especially ports 80 and 25) to protect against people who install default operating systems with Christmas tree options or are infected with spamware so they readily become spam relays and force customers to use ISP provided gateway servers. Better yet, ask customers to knowingly switch off their ISP firewalling if they're providing a legitimate Internet service. (and therefore prove that they know what they're doing)
The end days of open-slather unfirewalled broadband accounts for "Mum and Dad" Internet users is long overdue.
The conspiracy theorists claim that because Bigpond charges customers per Mb for both incoming and outgoing traffic, they really don't care if their customers are open-proxy spam relays because they'll be hit with a bill for the traffic "they've" used at the end of it. That's probably extreme, it's more than likely that they just don't care or have the technical/human resources to do anything about it...
If ISP's run spam filters (eg spam assassin) in their incoming servers, why doesn't BigPond run one on it's out going servers. Any emails with subjects like "G%@fasas!!131ah@#@ you wife will love this!" and etc should warrant a closer look. Or how about when their email servers receive about 3000 bounced emails for the same account in an hour.
I have some legitimate reason to send 50 or more emails in under a minute.
Most people using cable and ADSL, unless they've been ..., or has the habit of ...
Exactly. Most. But not all. You list several legitimate activities yourself that could trigger the spam-detectors. There may be more. Thus, it's a poorly thought-out policy.
The more I have to justify what's in the packets I send and receive, the more 'broadband' just doesn't seem very 'broad'.
The Kangaroo Approach to Data Latency on the Grida roo-se minar.ppt
http://www.cs.wisc.edu/condor/kangaroo/kang
The First Hop
"We have implemented a kangaroo testbed which has most of the critical features:
Each node runs a kangaroo_server process which accepts messages on TCP and UNIX-domain sockets.
Outgoing data is placed into a spool dir in the file system for a kangaroo_mover process to pick it up and send it out.
Bypass is used to attach unmodified UNIX applications to a libkangaroo.a which contacts the local server to execute puts and gets."
Simple mistake. I had viruses there, and thought, "Nope, viruses virii... Bugger virii will do, people still know what I mean".
"I've seen grammar nazis before but this is the most incredible thing I've personally ever witnessed."
I read that and the last part of your previous sentence and nearly fell off my chair laughing.
Great work.
Curiosity was framed; ignorance killed the cat. -- Author unknown
This sort of metric just seems extremely silly. Is someone putting pressure on BigPond, or is one of their executives being an idiot?
Don't wonder too hard mate, this is Telstra .
Right?
I object to this for several reasons:
Debunking the "59 Deceits"
You mean they aren't already?
Can we say utopia? The only real way to fight DoS attacks is to apply ingress/egress filtering on routers. That way, not only can packets be traced back to the source, but your upstream may also have a chance at filtering out the DoS.
Why?
/.ers have a smarter way, and can come up with a ruleset better than this.
This ruins their reputation, and hurts shareholders again. Another decision, with no reasons or technical justification. Probably breaches European Privacy laws too - because dumb monitoring like this fails the needs tests.
They can be smarter than this, and most people have Christmas lists of > 20 friends.
I'm sure other
The second rule should be: does it contain 'ADV' if so let it through ; if the senders address is not faked. Clearly labeled, 'honest' spam is not an issue.
Graffiti from Newtown, Sydney in the 1980's:
Q: What's the difference between Telstra and a bucket of shit?A: A bucket of shit doesn't continually rip you off.
They must not make a shorten period of time to check if is a spammer or not. They must do it longer.
Spammers send more than thousands mails per day. no normal user do that. But normal users can send more than 30 mails in a minute if send a greeting to all the address book.
It is simple... enable Spamassassin not just for incoming mail, but for outgoing mail too.
Then calculate the scores of each user. If a particular user is sending lots of email that Spamassassin is "scoring" highly, then it is likely that the user is spamming or at least sending out spammy emails, and would warrent a closer look.
This would increase the load on outgoing mail servers, but if they want to do this right, and do it much more automated than manually reviewing everyone that sends "X emails in X minutes", then this would be one good way.
Or even... hold user's emails that have a very high score in a "pending" queue, and have an admin go through the queue to make sure it isn't spam before actually sending it.
Of course, this depends on Spamassassin being able to correctly target spam versus ham (and recently spammers are getting better at getting around it) but each new version of Spamassassin gets better at this again, so as long as they keep upgrading, the above system would work pretty accurately, and would minimize intrusion into people's private emails.
**FREE** Track and view your phone's via CellID and/or WIFI and/or GPS
The time scale is definately not too small. If the ISP wants to stop a spammer, he should do that as soon as possible (after 10 minutes or even earlier), not a day later, when 10.000.000 e-mails have already left the pc. Once upon a time one of my servers was an open relay and got abused for a spam-run - I assure you: in 10 minutes the server will spout out several thousands of e-mails! Kudos to Big-Pond!
There was an article, featured on Slashdot, quite some time ago, which could be applied here. The thought was that if an identified spammer tries to send to your SMTP server, the service would be slowed down.
To protect both the ISP and the innocent, they could implement a feature where after 20 mails in 10 minutes, mails would only be processed at the speed of, say, one mail per 30 seconds, and maybe slowing progressively after each 100 mails. When the mail pipe has been silent for a given amout of time, say ten minutes, the "mail slower" would be reset.
This wouldn't make much difference for the legit home user but for the spammer (and for a business connection) it would be a tar pit to avoid.
This could probably be implemented just by installing a crappier mail server ;)
~llauren
You don't wait 24 hours and then check if they exceed the limit, you check it everytime they send an email.
Only an idiot like yourself would implement it as you described.
If I had to set up a community listserver on my private account. As well as any e-mail auto-forwarding. When I go online, I get 20 incoming e-mails and thus 20*n outgoing e-mail messages in a short period of time.
Hm...
I agree. This is just a policy change to make it easier to deal with real spammers. By lowering the threshold so low, any real spammer will be in clear violation of the policy and BigPond can avoid bickering over the details of how many hundreds of messages were sent in such a short period of time. I doubt they'll even really investigate the lower threshold abusers simply because it would be way too much work.
I am a bigpond user. and i know that for many users this is a godsend! you see bigpond has very restrivtive and long contracts which cost a lot to buy out of. this gives us the chance to get out of our contract without paying the fee. also... bigpond has the worst spam of any network in the world...simply because they have incompetent staff. this won't stop it.
I tend to agree. Email conversations will easily trip this limit as you usually just do a reply (or reply-to-all) and jot a brief line. You can easily get through those 20 emails.
Also, what about Play By Email games? I regularly play Laser Squad Nemesis (http://www.lasersquadnemesis.com) . This game requires you to send an email to begin the game, another to issue your orders , and for certain users you can send them external emails to chat. After a few games of that you'll soon fill this quota. I'm sure there are other PBEM games out there that use a greater number of mails too.
I have no sig yet I must scream.
What about users that create emails offline and then dial in and send them all.
wouldn't catching ddosers and putting them in jail help too?
A pizza of radius z and thickness a has a volume of pi z z a
And catching them is sooo easy if you don't even know which machine they launched the attack from!
This reminds me of measures taken by YahooGroups whereby if you sent over 10 messages to them (across any number of groups) within a small timelimit they automatically set your account to a suspended status, which could only be reset by a Yahoogroups employee. (This differed from the Bouncing status they set you to if you get an odd bounced mail)
I might have some of the numbers wrong (it was a while back that this was introduced) but it caught out a LOT of users who wrote their mail offline and then sent them all when they connected. I realise this story is dealing with DSL customers, but the comparison remains.
I have no sig yet I must scream.
I'd really not mind at all, to be honest, if my ISP protected me from spammers by putting a hold on my mail if I sent too much within ten minutes. It will indeed affect them most with recurring offline batch users such as myself -- and I'm alright with that.
Once they went away, there was a very different interface, including a "report this as spam" button.
I can only conclude that they've included a baysian (sp?) filter into hotmail.
I've seen a few press releases about upgrades in NZ but no major discussion in places like /.
Was I sleeping the day hotmail did this in the US or is this a pilot trial.
FYI: US corporates often use NZ as a trial location as we
a. Speak English after a fashion
b. Don't matter as there are only 3 people here and 10 million sheep.
that I have on my ADSL, so I am happy that I am not living there.
Some ISP's have blocked port 25 on ADSL connections. But I would rather prefer if it was open and then they should be more than welcome to block it if people started to send spam. and charge 100$ to open it again.
The question arises as to whether or not this is intruding in on not only invasion of privacy, but also a restriction of a medium that (for all intents and purposes) is to be "unlimited and unbridled." Granted I hate spam as much as the next guy, but the thing that bothers me is, will this cause a cascading effect in which will cause further restrictions elsewhere? For instance, many ISPs block certain ports that have been deemed "in use by P2P applications." This I find insane. I don't care if this is a noble cause, it violates 2 things (at least what is acceptable here in America)... "Unlimited" Internet, and invasion of privacay via e-mail monitoring.
- Mr. S.R.
THEY'LL SIMPLY INVESTIGATE IT!!! NOT ARBITRARILY SHUT IT DOWN! AUUGH!
sorry. wading through 100 pages of "well I have am ate who sometimes sends more than 20 emails" articles tends to wear on the nerves.
Might i point out that long-term analysis of mail volume is pointless because in that case by the time the accont is closed alreay more than enough damage will have been done.
We're talking looking at emails for things like "Cheap V1agra! Click here" so I doubt "Newsletter attatched" will pose much of a threat. Admittedly thry could have stressed the "investigate" and "possibility of" sections of text a bit more, but only to protect the stupid from thier own paranoia.
I am one of many. My idea is not unique, nor do I expect my voice alone to sway you. I speak in a chorus of opinion.
I realize you are looking to the ISP to solve the problem.. but is it truly theirs to solve? Heck, why not lobby the huge backbone carriers of the world to start filtering and regulating email traffice? Why not hardware manufacturers? OS vendors?
I WANT them to act like a common carrier, and stay the fuck out of what I do. Charge me for the data I send, not what particular port it is, or what sub-protocol I'm using.. all they should be doing is routing IP.
Letting large ISPs filter and work like this is a slippery slope.... example:
One of the first things to be blocked large-scale by ISPs was port 139. They felt it helped customers, who were using windows in an insecure manner.. and of course, it did help. Others had to follow suit, because their competitors did it and would even advertise the fact.
Then we get ISPs who force you to use their mail server. Sure, someone could just tunnel to their own.. so all the ISP is really doing is making people jump through hoops.
Then we get ISPs that are going to block VOIP traffic, block VPN traffic, block incoming port 80 traffic because it's "not for servers".
Seee the problem?
Yes, the ISP *could* solve the spam problem. I'd rather see them do it by enforcing a policy in this way (investigating if they think there is abuse) rather than filtering traffic.
I thought most people here dislike or even hate spam, DOSS attacks and people with outlook who send out virusses?
Isn't it a bit of a good idea that at least someone is trying to limit all those attacks? I think it is. I'm pretty sure that the legitimate users won't be affected by that monitoring limit (or am I wrong?).
http://www.inspirelight.net/
Stef convinces Pointy Head that its easy to track spammers. I see the whole staff of Columbia Internet explaining to dozens of people why their personal lists got flagged. "Have you considered Jabber?"
Oh, wait, better, a web page that says, "Just click this button to automagically send a complaint to our PHB and Marketting department that you're not a spammer and offer them a chance to be on your personal joke/pr0n/anime list. Additionally, just to clarify, their email addresses are phb@columbia-internet.com and putz@columbia-internet.com. Since they're in charge of this decision, feel free to add them to any list that you think will make them happy or, at least, keep them from flagging down perfectly innocent people like you."
Huge button.
Another AJ to the rescue strip, which will bring the total upto *check* four.
"Yeah...it was the numbers that were irrational, not the murderous cult of vegetarians...." -- Hippasus of Metapontum
One reply to a chainletter will get you shut down.
Damn evil chainletters!
nt
"Sic Semper Tyrannosaurus Rex."
A more realistic cap would be 50 in 10 min. Now if someone would get MSN, Yahoo, and moomia to do the same, at least 70% of all SPAM would dissapear.
Professional Politicians are not the solution, they ARE the problem.
As if Telstra's Mail servers will stay up long enough for people to send 20 emails in 10 minutes. And, given the recent problems, what spammer in their right mind would use Telstra's mail servers if their spam will take up to 2 weeks or a month to get out to everyone?
LOAD ".SIG"
PRESS PLAY ON TAPE
It does take more resources than most anti-spammers have. A little help from law enforcement would be nice -- hopefully before someone uses the same technique to take down something else other than "just that anti-spam stuff".
One line blog. I hear that they're called Twitters now.
All these people talking about having tons of messages in their outbox and logging on to send them must of not read the article. This has nothing to do with dial up. ONLY cable and dsl customers. They are always online (unless you know people who unplug their modem when they arn't using it.)
At least the news from Canada is a little better ... except that's
attributed to their French cultural influence!
"with their freedom lost all virtue lose" - Milton
Ignore the frequency of email. If you are going to go digging into the details of your subscriber's emails, perform a one way hash on all of the recipient addresses and simply count the number of unique recipients in the last month (storing only the hash ensures privacy). More than 1000 - spammer. No spammer could make much money spamming less than 1000 people.
Granted, this is going to add some processing and storage overhead, but it could be done offline, and the statistics gathered used to suspend accounts once a day.
-josh
I had an account with Connectix, I believe it was called, cris.com, where they charged $500 if you went over their arbitrary email limit, which was something like 25 addresses (I think that was a cc:)! (I don't recall the exact particulars of this, but that was rather impressive to have that hanging over one's head.
A simple mailing list, or hell even a forward of something to all your friends and family at once would fall under that limit and get your connection cut off..
Nice they are trying to address spam, but this is a bit overkill....
---- Booth was a patriot ----
ISPs do need to more closely monitor mail that is sent from their subscribers computers--not the content but the destination and headers. Similarly, ISPs need to filter incoming mail as described below. I am glad to see an ISP like BigPond taking some step though I think they could more narrowly tailor their efforts.
Right now three domains owned by members of my family have been chosen by spammers as the forged source domain for their spams, which are primarily sent to AOL, MSN, Yahoo. Working with AOL's postmaster team (which took a long time to find), we have determined these messages originate all over the world from a number of machines on many dozen ISPs and universities--directly from clients on those networks, not mail servers. AOL says there isnt a thing they can do about it (apparently even thousands of spam messages aren't a lot for them and no filtration process exists to, say, block any email which purports to originate from a domain but doesn't originate from the ip address of that domains email server) and I should contact each network directly (a daunting task since no one reads postmaster emails anymore).
Meanwhile, AOL's, MSN, Yahoo, etc. postmaster account sends hundreds of rejected messages to our domains daily.
The spammers' chosen method seem to be to create a relay on these public access networks. Chose a random source domain (which remains relatively constant) and then apply a number of random email account names to create a forged source. Then send to every possible subscriber at a major ISP in small but continuous batches.
Short of requiring authenticated emails, it would still seem relatively easy to detect this spam both leaving and coming in to an ISP:
-- mail is being sent directly from a client and not relayed either through the ISPs mail server or another relay which matches the reply to domain.
-- mail from the same machine continually iterates reply-to names
-- if 100s of messages are being rejected, then logically 1000s must be successfully sent--which means these machines should be more than a blip on ISPs server logs.
-- while messages come in waves, they continue throughout the day (and mail sent by humans is sent in small batches usually during waking hours)
What I would really like is a registry, perhaps tied to my domain registrar, wherein I can register the mail server(s) of my domain(s) and other ISPs can do a lookup for incoming mail and block email which isn't relayed through that mail server/IP address. This simple method would stop all my spam--at least until spammers find a new method.
uce@ftc.gov
I wonder if they *read* your mail to see if
it is spam, or if they log the quanity, or addresses....
> Agreed. But fighting the spammers won't prevent that. The only way to prevent that is to secure the majority of on-line PCs so they can't be zombified.
Perhaps 3/4 of the zombies exist because someone ignored every single warning about opening an executable attachment, and ran it anyway. I'm not saying "users are lusers", merely unsophisticated users are going to compromise any system that isn't so locked down it's unusable. Securing the desktop is important, but no matter what, the immediate upstream also has to be secured as well, so when a box is compromised, the damages can be limited.
I've finally had it: until slashdot gets article moderation, I am not coming back.
Because the VB script that does the counting uses an interger that can only count to 32,767 before becoming 0.
Friends don't help friends install M$ junk.
Friends don't help friends install M$ junk.
SSH and Mutt. He can load whatever he's working right up via sftp then send it out to as many people as he wants much faster than he can email 20 people per 10 minutes.
Friends don't help friends install M$ junk.
By default, hosts exceeding permitted rates temporarily see answers to SMTP commands delayed. Mail gets through, but very slowly.
Clearly the default rate needs to be somewhat higher than 1 recipient/second, and some sort of whitelist for legitimate ISP mail gateways would be appropriate.What I do is reformat the list of network blocks found on the PDL into the spamthrottle configuration file format.
For example, my mailserver is willing to accept no more than one message per second from the DSL dynamic /17 address block used by Ameritech to serve all dynamic DSL customers in downtown Chicago.
That works fine for the one or two DSL users who run their own mail servers and who need to send me mail, but stops bulk scan runs and dictionary attacks.
The same code can be used on an ISP "smarthost" to slow down relayed mail acceptance from their average end user.
I do not deploy Linux. Ever.
I use MailWasher each night - and I usually find 30 or 40 unwanted e-mails. When I use MailWashers's 'process mail' function, it attempts to bounce all of the blacklisted e-mails. This usually results in 30 to 40 e-mails being sent within 10-20 seconds.
Your monitor is staring at you.
Does any of you has a clue about mail servers?
.. well, much longer than otherwise.
Has anyone heard of tarpitting?
You can send 5000 messages if you want, it's only that after the 20th (for example), SMTP server will "sleep 1", then after the 21st, "sleep 2" so you will be able to send all 5000, it's just that it will take
Yeah, thats what I got out of the article - that it was just the threshold that they use internally to determine who's worth looking at and who isn't. Actually I am surprised that they even published the number, as that will just tell spammers how far they can go before they get caught. All the places I've worked at that had limits on what you could do on the internet never told internal triggers that would set off an investigation. That way you knew you were being watched, but didn't know how to keep from being caught, so the only safe action was to not do the things the company didn't want you to do.
At least they will learn to write better. I mean, the only people this would innocently hurt are those that pop off one stupid email after another. Come on! Take more than 30 seconds to write something. This could help reverse the trend of absolutely crappy grammar and speeling you see in emails today...
There exists no way of exchanging information without making judgments. --Bene Gesserit Axiom
One of the 1st things ISP's need to do is clamp down on forged headers.
So you send out what is a reasonable amount of email and they now put the magnifying glass on you, possibly to the point of reading your mail?
Oh yeah, that would give me confidence in my ISP.
It should be clear to any casual observer that when this miserable failure created the Internet, he intended for it to become the hot bed of pr0n and other vices that is today. I mean, the man's own wife wouldn't let him listen to music with the word fuck in it.
If you sent 19 emails in ten minutes... then x6 x24 = 2736 emails a day. That number is pretty hard for a single email. I mean, on a good day I might send a hundred, but never a thousand. However, what would be better is to, for example, get a 'demerit' point every hour you sent more than 20 in ten minutes. If this occurs, say, 10 times a week, THEN they look into it. Would minimise the number of false checks, and thus unhappy customers and checking-staff... Another way would just to check the top 500 accuonts at the end of each week, etc.
This ISP is so bull headed about stopping spam that just one mistaken spam report to them, will permenently disable the users account - NO EXCEPTIONS....
I think this is a bit harsh, and ISP's need to adopt a more reasonable policy of dealing with spam and spammers, and some are just clueless to the fact that most spam from them are as a result of an innocent FUCKUP when a PC users mistakenly opens an attachment.
I suspect that more and more ISP's are going to follow this policy.
John
Forget it - anyone stupid enough to use Winblows is certainly not going to be smart enough to understand the concept of the dangers of opening up attachments. Bill Gates knows this, that's why his wallet is so Phat.
They redefined "Spam"? That's nothing. Those guys already redefined "Unlimited Broadband".
Karma: It's all a bunch of tree-huggin' hippy crap!
how about this: Fuck you and suck my anus you fucking asshole.
Its sad to see fuckhead pigs like you with no fucking humor fucking talk.
Id beat you down too you pasty fat sexless nerdy puke. Fuck off.
Its sad to see fuckhead pigs like you with no fucking humor fucking talk.
Id beat you down too you pasty fat sexless nerdy puke. Fuck off.
Oh, no, whatever can I do? An annonymous coward has cussed me out! I feel so horrible that I have hurt his feelings.
Funny that I replied to Eskarel (565631) and I suddenly got cussed out by an AC, isn't it? I wonder who (Eskarel 65631) it could be?
if one fucking moron shoots another fucking moron in the head in cold blood, then all the fucking morons shoot others in the head and it becomes ubiquitous for any fucking moron to randomly kill you, then it should be legal and accepted right?
when you act like a fucking moron, eg, saying virii, you should be punished for your fucking moronacy by society so you can become a better member of it. not continue to be a fucking moron.
FUCK YOU IT WAS ME LORD TSARKON.
Thou shalt suffer greatly for not knowing when a god strike syou in anger and fury!
Look JuggleGeekFuckingPrick.
You stupid fucking asshole. You are polluting my troll thread.
I cant believe your stupid dumb prick ass doesnt realize WHO THE FUCK you are arguing with. You stupid fucking shitbitch. Lets assume you think this isnt Lord Tsarkon and someone you are having an argument with. So fucking what. So fucking what. You look like the fucking prick asshole here. Now you have polluted my trolls for the last time you hear you little cum guzzling fucking bastard. Fuck off. You need to get a fucking life, maybe a job, pay a hooker for your first time sex, lose a little weight, take a bath and maybe you should also consider going back to school, you strike my as only partially educated.
You stupid fucking shitbitch. I wish you would just shut the fuck up.
Lord Tsarko has spoken.
HAND CODED HTML! WHO WOULD HAVE THUNK IT COULD STILL HAPPEN?
You mean "Thought it would happen," not thunk. Thunking is something a "programmer" should know about. Most people hand core or use code to generate HTML. Big fucking deal
WELL, IT'S MOSTLY HAND CODED. BUT TO BE FAIR, I HAVE USED
HOMESITE 2.5, AND IT IS PRETTY NICE.
So it is not hand coded. Make up your mind. Moron
MOSTLY, I LIKE HAVING A QUICK ONE-KEY METHOD OF SEEING HOW
THE PAGE LOOKS AT ANY GIVEN POINT.
HACKER : STEPHEN WHITIS
You cannot hack HTML. That is an amateurish, juvenile thing to say. You can author HTML, no more. Its as easy as using a typewriter
Stephen "JuggleGeek" Whitis's Resume Page (p1 of 3)
- Moron error. Possessive form of Whitis is Whitis'.
I am currently seeking employment.
Forgone conclusion. That is why resumes are written. Moron.
I am interested in Delphi programming, with an emphasis on internet related applications, user interfaces, and databases. Web design is not a specialty area, but I have basic skills and an interest in developing them further.
Interest in a subject is not a reason to hire you. No one cares what you like. It is about what you can do for other people. Moron. So, you want your next employer to teach you not to suck in web design?
I currently live in Dallas, and have no interest in moving.
I currently have a company "INSERT COMPANY NAME HERE" and have no interest in hiring you.
I am not looking for "traditional" work. Part time work would be considered, as well as telecomuting [SIC] work. The usual 9 to 5 job doesn't interest me, as I have an ongoing project which already takes up a certain amount of my time.
Translation: I'm a loser that cant keep a real job. I don't have the attention span or the responsibility to finish anything. I like to telecommute to further hide my ability to do nothing. I fail to mention the project because its probably killing small animals or fucking sheep.
If you have a project you need done, and the project interests me, I can be hired cheap.
You can be hired cheap because you suck
If you are looking for a full-time, long term, 9-5 kind of guy, then I'm not the one you're looking for. I'm a self taught programmer with 20 years of professional experience. I'm confident that I can be successful with any programming project I take on, but I will only accept offers where the project interests me and the working conditions meet with my non-standard lifestyle.
This isnt a resume. This is a stupid conversation you are having with no one. Self taught means you point out the fact most real programmers will rip you apart. 20 years? Doubtful. Most of your expoerience is more IT than programming. You have never contributed to an opensource project to prove you can submit code, you have no code portfolio. Non-standard lifestyle. FUCK YOU.
I get a lot of emails from headhunters wanting me to consider jobs out of state. I am not leaving Texas. (And I'm very unlikely to leave Dallas.) If your out of state company wants to hire me, then I'll need to telecommute.
You are threatening your employer with the fantasy you might be having about being head-hunted all the time. You will begin by saying, "You want me, but I'm constan