Slashdot Mirror

← Back to Stories (view on slashdot.org)

Giving Your Greytrapping a Helping Hand

Posted by timothy on from the longing-for-more-actual-violence dept.

Peter N. M. Hansteen writes "Some spam houses have invested in real mail servers now, meaning that they are able to get past greylisting and even content filtering. Recently Peter Hansteen found himself resorting to active greytrapping to put some spammers in their place. The article also contains a list of spam houses' snail mail addresses in case you want to tour their sites."

9 of 109 comments (clear)

  1. Couldn't you just blacklist those servers? by interstellar_donkey · · Score: 3, Insightful

    It just seems like it'd be easier now to find out the spam mail servers and block everything that comes from them.

    --
    The Internet is generally stupid
    1. Re:Couldn't you just blacklist those servers? by Anonymous Coward · · Score: 0, Insightful

      Or everyone could just abandon email and move to using facebook to communicate.

      Oh, that already happened.

    2. Re:Couldn't you just blacklist those servers? by Jurily · · Score: 1, Insightful

      Your post advocates a

      You know what, fill it out yourself.

    3. Re:Couldn't you just blacklist those servers? by gmuslera · · Score: 2, Insightful

      They are likely not keeping these servers indefinitely but renting them temporarily which makes this not a viable long-term solution.

      For the ones renting them servers.

    4. Re:Couldn't you just blacklist those servers? by FooAtWFU · · Score: 4, Insightful

      This is the point where we send you Gmail invites and suddenly you've blocked Gmail.

      --
      The World Wide Web is dying. Soon, we shall have only the Internet.
    5. Re:Couldn't you just blacklist those servers? by JoshuaZ · · Score: 2, Insightful

      And are we not to expect that anyone renting servers has to check in advance that the people aren't spammers and if they mess up at all then they lose their entire business? How is that either just or practical?

  2. Re:Um, by tepples · · Score: 4, Insightful

    So is spam really that large of problem in 2009?

    It's Gmail's problem. The cost of filtering spam means Google has to put more ads on your messages and, if Gmail becomes unprofitable, possibly even terminate free Gmail.

  3. Re:Um, by noidentity · · Score: 4, Insightful

    I have gotten exactly one spam message that has made it past Gmail's spam filtering this year (2009) and it was quick and easy to delete. I don't give my e-mail address out to everyone, but I do sign up to many things with it yet still it is very rare for spam to make it to even my spam filter. So is spam really that large of problem in 2009?

    I have seen exactly one malware on my machine that my virus scanner picked up and it was quick and easy to delete. I don't leave all my machine's ports open, but I do leave several vulnerable ones open yet it is still very rare for any of the malware's operation to be noticeable to me. So is malware really that large of a problem in 2009?

  4. Easy by coryking · · Score: 3, Insightful

    Because it is cheaper in terms of bandwidth and CPU to first reject email based on things other than content. For example, you can quickly weed out about 85% of all spam traffic by just rejecting assholes who use mail-formed HELO's or don't have proper DNS. Filtering based on simple things like that dont eat your CPU and are very effective*. You can also weed out a bunch of trash by simply blocking residentail IP addresses using Spamhaus**. Greylisting will nuke about 10% of the rest, leaving you with 5% for content filtering.

    If spammers buy "real servers" it means they aren't sending you bullshit headers with funky smelling DNS. It means they will eat into your CPU budget because you now have to fall back on content filtering. You dont want to do content filtering. You want to have spammers strike out because they aren't acting like real mail servers. 85% of spam comes from shit that acts nothing like a legit mail server.

    * If you your EHLO doesn't match your reverse DNS record, say HELO to a disconnect. If AOL and Yahoo are doing it, I'll do it too. Cause if you don't have it configured the way the big-boys like it, you have worse problems then me rejecting your email...

    ** whose list of residential IP's are provided by the carriers themselves, not a bunch of spiteful assholes like SPEW's. And if you insist on running some SMTP server at home, you can de-block yourself automatically by visiting their website. Plus I'm pretty sure the bigboys use this list as well, so again, if I block your email, AOL and Yahoo are blocking it too.