Slashdot Mirror


I am the Most Spammed Person in the World

jefp writes "In November 2004, Microsoft's second-in-command Steve Ballmer made some headlines by mentioning that Chairman Bill Gates was getting four million spams per day. At the time, I was dealing with a little spam problem of my own - I was getting around a million spams per day. I found it a little comforting that my problem wasn't quite as bad as Bill's. However, a couple of weeks later Ballmer corrected himself, saying he mis-remembered the stat and Gates actually gets four million per year. This means I was getting one hundred times as much spam as Bill Gates. I've written a tutorial explaining why I get so much crapmail and how I deal with it."

18 of 478 comments

  1. nowhere by magarity · · Score: 3, Interesting

    I'm pretty sure whoever runs nowhere.com can give you a run for your money in the most spam inbound. Although a lot of those are probably from organizations thinking they're sending to legit opt-in requests.

  2. Good test for thttpd. by caferace · · Score: 2, Interesting
    Seeing as how he's the one who wrote it.

    Hi Pokey!

    -jim

    1. Re:Good test for thttpd. by jefp · · Score: 2, Interesting

      Thttpd is handling the load just fine. My CPU is 90% idle. The problem is collisions. The two-foot ethernet link from the DSL box to my switch is half-duplex. At the height of it I was getting about 400 collisions/second out of 1500 packets/second. It's tapering off now.

  3. Favorite Spam by strongmace · · Score: 1, Interesting

    It would be interesting to know what his favorite spam type is. My personal favorites are the African princes who always need access to my bank account for something sketchy.

    --
    "If we hit that bullseye, the rest of the dominos will fall like a house of cards. Checkmate." -Zapp Brannigan
  4. qmail by mmkkbb · · Score: 3, Interesting

    I like his slam on qmail. Does djb ever address such concerns?

    --
    -mkb
  5. Re:A quick suggestion... by gosand · · Score: 2, Interesting
    Your name in the posting is a link that resolves directly to your email address.

    I always wondered this. OK, Bill Gates gets a lot of email just because of who he is. But why do "everyday" people get hundreds of SPAM messages a day? I don't get it. Are you just handing out your email to everyone? Are these unfiltered messages on your own mail server? I just don't get how you can possibly get that many SPAMs in a day. I have 5 email accounts at various providers, and I get maybe 5-10 a day TOTAL. Are my providers just much better at filtering? Am I just more careful about who gets my email address?

    I have to think that if you get that many SPAMs a day, it is because you are loose and easy with the address, or have a high-profile address.

    --

    My beliefs do not require that you agree with them.

  6. Re:Tip #1 by phildog · · Score: 4, Interesting

    thanks for the plug xtracto, I created and maintain dodgeit.com :-) We were getting well over 1 million spams a day before we started using DNS blacklists. I'm stunned that the story author is weathering the storm with sendmail. I never could configure that beast. Dodgeit is a postfix shop.

    --
    slashsearch.org - slashdot search. powered by google.
  7. What to do... by SamMichaels · · Score: 5, Interesting
    Well his site is dead, mirrordot chokes on frames, and I'm too lazy to google....so I'll risk getting -1 RTFA and post anyway.

    This guy's SMTP server:
    220 gate.acme.com ESMTP Sendmail; Wed, 8 Jun 2005 11:53:27 -0700 (PDT)
    EHLO myhostname
    250-gate.acme.com Hello [myip], pleased to meet you
    250-ENHANCEDSTATUSCODES
    250-PIPELINING
    250-8BITMIME
    250-SIZE
    250-ETRN
    250-STARTTLS
    250-DELIVERBY
    250 HELP
    Pipelining is turned on for untrusted hosts. Nice.

    Either way, a good portion of the spam hitting my system never even makes it to EHLO/HELO time because if there's any sort of resolution problems with the dns/rdns or if the hostname contains the IP address in it (RFC violation) I delay the connection 20 seconds before the greeting. RFC states clients WILL NOT send data unless asked to do so, except for pipelining which is not advertised for untrusted hosts. When the MTA sees a bunch of incoming crap, it drops the connection because they violated the RFC rules for handshaking (clients MUST wait for the greeting). This does not affect legit MTAs with temporary problems.

    I go through a whole bunch of other checks even before DATA time, delaying at each step if there's a problem. 90% of the spam/viruses never even make it to scanning for spam/viruses because they violate something before that and the connection gets dropped (or they drop it from waiting). Once again, delaying 20 seconds does NOT affect legit MTAs.

    Big writeup on SPAM filtering

    My MTA
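
Added example, not part of the thread and not code from any commenter or from the article's author: the greet-delay check that comment 7 describes, in Python, run against constructed clients over local socket pairs. The hostname, the reply texts and the `needs_delay` helper are assumptions made for illustration.

```python
import select
import socket

BANNER = b"220 mx.example.test ESMTP\r\n"   # hypothetical hostname
REJECT = b"554 5.5.0 data received before greeting\r\n"


def needs_delay(client_ip, rdns_name):
    """The comment's triggers: no reverse DNS, or the IPv4 address in the name."""
    if not rdns_name:
        return True
    octets = client_ip.split(".")
    forms = (".".join(octets), "-".join(octets), ".".join(reversed(octets)))
    return any(form in rdns_name for form in forms)


def greet(conn, delay):
    """Hold the 220 banner for `delay` seconds and watch for early input.

    Returns "early-talker", "hung-up" or "greeted"; the caller closes `conn`.
    """
    readable, _, _ = select.select([conn], [], [], delay)
    if readable:
        if conn.recv(4096) == b"":
            return "hung-up"            # client gave up while waiting
        conn.sendall(REJECT)            # spoke before the greeting
        return "early-talker"
    conn.sendall(BANNER)
    return "greeted"


def demo(delay=0.2):
    """Both cases over local socket pairs (constructed clients, no network)."""
    results = []
    for talks_first in (True, False):
        server, client = socket.socketpair()
        if talks_first:
            client.sendall(b"EHLO bulk.example.test\r\nMAIL FROM:<a@example.test>\r\n")
        outcome = greet(server, delay)
        results.append((outcome, client.recv(1024)[:3]))
        server.close()
        client.close()
    return results


if __name__ == "__main__":
    print(demo())
```
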
  8. Re:Greylisting by Elwood+P+Dowd · · Score: 1, Interesting

    Greylisting will prevent you from receiving email from a variety of non-complying SMTP hosts. Lotus Notes/Domino/Whatnot among others, IIRC.

    --

    There are no trails. There are no trees out here.
  9. Re:Greylisting by Greyfox · · Score: 2, Interesting
    It would appear that a number of phishers actually go through real mail servers rather than some spam software designed to blast out thousands of mails at a time. Since I installed postgrey, the vast majority of the spams that have made it to my desk have been from phishers. Enabling spf checking filters out a good number of those, although for some reason I get soft-fails instead of fails from forged e-bay addresses (Easily solved, just blacklist anyone claiming to be from ebay at the mail server, since I don't deal with them anyway.)

    I'd really like to see everyone adopt SPF so I can start refusing domains that don't have SPF records published for them.

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  10. Re:Greylisting by Just+Some+Guy · · Score: 2, Interesting

    The nice part is that it only takes one major ISP enabling greylisting to automagically fix those out-of-spec servers. People might not fix their configurations for me, but I'm pretty sure they might respond differently to AOL or Earthlink.

    --
    Dewey, what part of this looks like authorities should be involved?
  11. I have a high-profile address... by argent · · Score: 3, Interesting

    I have had the same address since 1989, long before there WAS a spam problem. My email address was all over Usenet when Canter and Siegel sent out their first spam, which means it's all over Google Groups. The horse is so far out of the barn its grandchildren are headed for the glue factory.

    In 2000, the last time I added it all up, I was getting 300M a month *after* applying blacklists. At this point my mailserver is blocking several countries and ISPs, using multiple blacklists, and running some custom greylist software I wrote myself (for qmail... sorry, Jef), and my local mail client's only seeing 20-30 spams a day out of the hundreds of thousands (maybe as many as a million, it's too depressing to keep track) of delivery attempts that show up in my logs.

    If you don't mind changing your email address now and then, more power to you, but I'm damned if I'll give the bastards the satisfaction.

    A billion MIPS for defence, but not a byte for tribute!

    1. Re:I have a high-profile address... by gosand · · Score: 2, Interesting
      If you don't mind changing your email address now and then, more power to you, but I'm damned if I'll give the bastards the satisfaction.

      Or if you don't have a choice. I used to use my work email for all my usenet stuff back in the late 90s. Then I left that job, and started using my own email address. That provider changed domain names, then I dropped them altogether when they took away all shell accounts. Then I had Earthlink for several years. I then moved across the country, and now have a new provider. So I have changed my email address, but only about every 3 or 4 years or so. But I have had a Yahoo account for about 5 or 6 years now, and I don't get much spam at all on it.

      I think it all comes down to not giving out your email account. But even then, you don't have much control. At my last job, I ONLY used my work email account for work, I never sent email to anyone that wasn't work related. Then some dope at work got their laptop infected, and all of a sudden I was getting spam (my address was in their address book). Or if you get people who use that "send this news story to a friend" link to send you news stories and crappy little animated doo-dads that they find funny. ARGHHH!

      --

      My beliefs do not require that you agree with them.

    2. Re:I have a high-profile address... by Just+Some+Guy · · Score: 2, Interesting
      Same here (although for not nearly as long a time), and I'm not about to replace my address - it's too widespread to migrate my friends and family to something else.

      I wrote an article about my Postfix + Amavisd + SpamAssassin + ClamAV + Greylisting setup; I'm down from many-thousand spams per day to one or two. We've reached the point where technology can do an excellent job of separating the wheat from the chaff, but people seem slow to adopt it. I'd go as far as to say that if you or your company still get significant amounts of spam, then it's a voluntary decision.

      My only wish is that SPF were more widespread. One of my domains, honeypot.net, seems to be a favorite for spoofing, and it wouldn't hurt my feelings to never receive another whiny email from someone who just decided that they've had enough and wants to start fighting back.

      --
      Dewey, what part of this looks like authorities should be involved?
  12. Re:And that's why.... by Anonymous Coward · · Score: 2, Interesting

    http://www.vischeck.com/vischeck/

    This makes it past most filters because it is needed for web developers. It renders a page as if you had one of the three forms of color blindness.

  13. That's not all. by Grendel+Drago · · Score: 2, Interesting

    Ha---that's nothing. I saw someone modded up to at least +4 for responding to himself with a caustic put-down of his own original post.

    I replied, saying "Did you actually get modded up to +4 for pimp-slapping yourself?". He had.

    --grendel drago

    --
    Laws do not persuade just because they threaten. --Seneca
  14. Annoying Spammers with pf/spamd by Alejo · · Score: 2, Interesting
  15. Re:Greylisting by csk_1975 · · Score: 2, Interesting

    Problem is that when spammers are using bot armies of millions of machines, resource costs aren't such a barrier for them.

    The downside of grey-listing is that the easiest way for spammers to circumvent it is to simply use their bots to flood a recipient mailbox with the same message again and again until the greylisting timeout expires and the message(s) is accepted. To the recipient MTA there is very little difference between a proper message being retried and a spambot crapflooding the hell out of a mailbox - especially since some MTAs make a really poor job of being standards compliant and seem to take a 4xx temporary error as an invitation for an all out DOS to try and get their message delivered.

    This has the unfortunate side effect of spam zombies sending 100s of copies of the same message for hours at a time. And on systems without greylisting it means a huge increase in duplicate spams being received.
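
Added example, not part of the thread and not code from any commenter or project named in it: triplet greylisting in Python with a per-triplet count of deferred attempts, so the retry flooding described in comment 15 shows up as a distinct outcome instead of eventually passing. `MIN_DELAY`, `FLOOD_THRESHOLD`, the reply texts and all addresses are constructed values, and flagging on a retry count is an assumed policy.

```python
import time

MIN_DELAY = 300        # seconds before a retry is accepted (assumed value)
FLOOD_THRESHOLD = 20   # deferrals inside the window before flagging (assumed)


class Greylist:
    def __init__(self, clock=time.time):
        self.clock = clock
        self.pending = {}      # triplet -> [first_seen, deferred_attempts]
        self.passed = set()    # triplets that retried after MIN_DELAY
        self.flagged = set()   # triplets that hammered during the window

    def check(self, client_ip, mail_from, rcpt_to):
        """Return the SMTP reply for one delivery attempt at RCPT time."""
        triplet = (client_ip, mail_from.lower(), rcpt_to.lower())
        if triplet in self.flagged:
            return "554 5.7.1 retry flood"
        if triplet in self.passed:
            return "250 2.1.5 ok"
        now = self.clock()
        entry = self.pending.setdefault(triplet, [now, 0])
        if now - entry[0] >= MIN_DELAY:
            del self.pending[triplet]
            self.passed.add(triplet)
            return "250 2.1.5 ok"
        entry[1] += 1
        if entry[1] > FLOOD_THRESHOLD:
            del self.pending[triplet]
            self.flagged.add(triplet)
            return "554 5.7.1 retry flood"
        return "451 4.7.1 greylisted, try again later"


def demo():
    """Constructed traffic: one queueing MTA and one host retrying every second."""
    t = [0]                                  # fake clock, in seconds
    gl = Greylist(clock=lambda: t[0])
    mta = ("198.51.100.10", "alice@example.org", "bob@example.net")
    bot = ("203.0.113.7", "promo@example.com", "bob@example.net")
    mta_replies = [gl.check(*mta)[:3]]       # first attempt at t=0
    bot_replies = []
    for second in range(1, FLOOD_THRESHOLD + 2):
        t[0] = second
        bot_replies.append(gl.check(*bot)[:3])
    t[0] = 900                               # both come back after the window
    mta_replies.append(gl.check(*mta)[:3])
    return mta_replies, bot_replies.count("451"), gl.check(*bot)[:3]
```

The threshold is a policy choice: as the comment notes, some legitimate MTAs also retry aggressively on a 4xx reply, so flagged triplets are worth reviewing in the logs before the rule is treated as permanent.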