Slashdot Mirror
Unplugging Email To Combat Spam
monkeyserver.com writes "from Reuters (via CNN) we hear that 'Consumers who allow their infected computers to send out millions of 'spam' messages could be unplugged from the Internet under a proposal released Tuesday by six large e-mail providers.' They are looking at 100 per hour or 500 per day; this doesn't really sound like a bad idea, though it could cause problems for a few people trying to run companies from their basement..." On the other side of the coin, rastakid writes "It appears that Microsoft is taking its actions against spamming a little bit too far: Hotmail accounts which are suspected of sending spam are closed without a single investigation. This article states that Maariv International registered a new Hotmail account and sent an abuse message about spamming activities from that account, while not a single message was sent from it. Microsoft closed the account immediately, without investigating."
Microsoft closed the account immediately, without investigating.
They own the account! Not to mention, it's a free account...you get what you pay for. Caveat Emptor, Greg...
Before this gets slashdotted:
Exclusive: Hotmail shuts down "spammers" who don't spam
Complain you got spam from a Hotmail user, and Hotmail's abuse team will shut down their account, no questions asked.
Hotmail.com shuts down Hotmail accounts shortly after receiving complaints about spam being sent from them, without checking if the user has actually sent spam, NRG Maariv has learned. Thus, malicious users can cause the shutting down of accounts, as an act of revenge or just for kicks.
In its haste to fight spam, Hotmail has foregone looking into abuse reports it gets from email users. In three instances documented by NRG Maariv, Hotmail's abuse team shut down Hotmail accounts less than 24 hours after receiving complaints about spam being sent from them, even though the spam mail clearly did not originate from those accounts.
In two of the instances, the spammers spoofed the sender's address so it looked like it was sent from a Hotmail account, while they were actually sent through an Israeli ISP. In both instances, the spoofed accounts were shut down.
The third instance was a test: NRG Maariv opened a new account with Hotmail and sent no email whatsoever from it. Using a different email, we filed a spam complaint, saying it came from the new Hotmail account. Attached were Internet headers from an old spam, where the sender's address was replaced with that of the new account.
Within less than 24 hours, we received a message saying the new account was shut down.
"My name is Claire, and from what I have read in your message, you are complaining about the unsolicited email you received from a Hotmail account", said the message written by Claire C. with MSN Hotmail Technical Support. "I have closed the account you reported in accordance with the Hotmail Terms of Use (TOU). It is a strict violation of the TOU for our members to send objectionable material of any kind or nature using our service".
Trying to log on to the Hotmail account, we found it closed. No explanation was provided, just a laconic message saying "Account Closed. Access Denied". No appeal procedure was mentioned. The account was shut down for good.
Hotmail's public relations representative, Waggener Edstrom, has yet to respond to the story.
Really. Those types of machines really are the bane, since Comcast actually started 'doing' something I've seen *nothing* from them. My inbox was empty for the better part of 2-3 weeks, no spam just e-mail. Then yesterday, I start getting a barage of spam from asian open relays. 35 e-mails to 70 spams a day and now it's climbing through the roof, really now. Pop online and I see 207 spams. Gah.
I mean come off it. And you *wonder* why entire asian hosts are blocked. It's because of crap like that, secure your machines or boot the bloody idijits off of them.
I don't care if you are too stupid to figure out *how* to do it, pay someone, call that smart 12 year old who knows how but do it. But bloody well do it.
Om, nomnomnom...
Neither.
"Caedite eos! Novit enim Dominus qui sunt eius"
"Slay them all! God will known his own!"
-Abbe Arnaud-Amaury, before the slaughter of Beziers during the Albigensian Crusade
Someday, you're going to die. Get over it.
It is attributed to Arnaud-Armaury, the Abbot of Citeaux, and "spiritual advisor" to the Albigensian Crusade.
Pope Innocent III ordered the Albigensian Crusade, to purge southern France of the Cathari heretics. It began in the summer of 1209, with their first target - the town of Beziers. The Catholic faithful in Beziers refused to give up the Catharis among themselves. The crusaders invaded. When Arnaud-Amaury was asked whom to kill he replied "Kill them all. God will know his own." They did. The crusaders slaughtered nearly everyone in town, over 20,000, either burned or clubbed to death. Thus they achieved their goal of killing the estimated 200 heretics who were hiding in the town among the Catholic faithful. The brutal crusade continued on for the next twenty years. Eventually the Catholics devised a new approach for dealing with the remaining Cathari heretics in France. It was called "the Inquisition".
"Only one thing, is impossible for god: to find any sense in any copyright law on the planet." Mark Twain
If they do in fact routinely close down accounts after a single complaint without investigating, I find it hard to imagine that hotmail users aren't already being effectively DOS'd. I get so much e-mail spoofing hotmail "From" headers (839 of these messages so far this month at one account), that I'd imagine a significant number of complaints about these spams must be going to hotmail and not to the actual originating ISPs.
...So the system can be up-to-date with all known patches, and still be attacked. Fining people for things that flat-out aren't their fault is likely to be, at best, contrary to the ISPs customers idea about what makes a good ISP...
I work at an ISP where we do virus removals on customers computers. If someone comes in with a virus, we determine whether it slipped through the email virus scanning. If so, we don't charge them. Otherwise it's usually about half an hour labour to clean the system up. Sooo...basically, if it isn't their fault, there's no charge. Mind you, that's if our system doesn't keep the customer's email clean. Whether their Norton or AVG is up to date or not, and the virus didn't come through email, or they're not on email virus scanning, then we charge them for labour regardless where the virus came from.
Hope be with ye,
Cyan
What would it take to look for one email, from one account ? Could they even do it ?
They could, but only if the emails were sent using their SMTP server. If someone uses a hotmail account as the return address but then uses an open relay to send the spam, they would have no way of knowing. Although I suspect that they would see an unusually high number of bounce messages (unless the spammer used an extremely up to date and accurate bulk address list).
Wanted: witty unique signature. Must be willing to relocate.
Their attitude is just assinie, and quite frankly shows that they don't know anything abuot how the internet works (hint: anyone can send email claming to be from anyone else. And almost all spam is faked this way)
You do own your own domain, right?
I'm signed up with one-hosting. They dissallow "anything that might get them blacklisted" basicaly, so sending spam or using your page to host a spam-promoted site. But no black-lists will list you for being jo-jobed (the anti-spammer term for whats happening to you).
The worst part of being jo-jobbed is that there's really nothing you can do about it, since you can't track down the offender. And the hundreds of bounce messages you get every day...
autopr0n is like, down and stuff.
You assume bandwidth and willingness to install. XP needs about 25mb of patches on top of SP1A. And the patches need to be accepted by the user, they won't autoinstall by default. I have seen SO many computers where the little icon for "patches are ready for download/install" is a permanent feature on the systray as the user never clicks it. And by the way thats a great many hours downloading at 56k. Broadband makes us lazy perhaps.
In the tradition of the subject matter... its obviously necessary to make it compulsory or deprive the user of service, in the name of the greater good.
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
grep username logfile(s)
"Champagne for my real friends - and real pain for my sham friends!" http://ericblade.postalboard.com/
Or at least they did when I worked there. I could see 100/hour being an issue for mail lists, but usually 500/day is reasonable and I think that's the only filter they have. One it detects higher than that it blocks port 25. It stays blocked until the user calls in to complain, at which time they get interrogated about mailing lists, viruses, etc. Usually it doesn't get unblocked until they demonstrate that they've gotten updated antivirus etc.
There was that one guy with the legitimate 3000 user mailing list though, he was really annoyed that we weren't going to let him run that.
Introducing the new Occam Fusion! Now with sqrt(-1) fewer blades!
Most of the time the end users have no idea of what is going on, and although they paid for the computer and OS and internet connection they are going to be disconnected.
...
Shouldn't the computer vendours and ISPs be much to blame as well? They are in such a rush to sell their products/services that they fail to tell their customers about their responsabilities as computer/internet users. Then they come around and bite them in the ass by unplugging their connection and charging to fix their infected computers.
Ignorance has a price indeed
Simple. Run a virus scan, which will tell you what virus it is. Do some research on the reported virus(es). The writeup on that particular virus will help you determine how it propagates.
Hope be with ye,
Cyan
Umm, no. The days when you could send emails from your own SMTP server are long gone now.
First, the cheapest ISPs blocked port 25 entirely, except to their own SMTP server. The idea caught on, and most are blocking port 25.
Now, even with the very good ISPs, you can send mail over port 25, but even major ISPs are using different spam lists like the SORBs DUL, that blocks ALL EMAIL from dynamic IP addresses, bar none.
In the near future, having a static IP and one of the better ISPs won't help still. You'll also need to be running your own DNS server, and provide SPF records.
Frankly, limiting people to 500 emails per day is rather benign compared to all the other measures that have already been taken up to this point. All signs point to the future being even worse for anyone who doesn't want their e-mail service provided by one of the big ISPs.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
So get the webhoster (or whoever is hosting the DNS) to set up the SPF record correctly so that the ISP's mail servers are allowed to send email for the customer's domain.
Which brings up another point, the owner of the domain should have 'control' of the DNS (and thus make the decision on whether or not to publish SPF ecords) for their domain.