Slashdot Mirror
Web site identifies anonymous spammers
EngrBohn writes "This NY Times article reports on SpamCop, a website that will extract the real origin of anonymous (and spoofed) spam and then notify the spammer's network administrator. This basic service is free of charge, and for a $15 membership, additional services are available. " Cool-maybe I can get their home address and hire bounty...um...er.
This service does not post the spammer's home address. There would be no way to do this unless they have billing info and access logs for every ISP in the world... and even that wouldn't cover it.
This just decodes headers for you, and weeds out the spoofed garbage. It's nifty, though.
Perl is responsible for SPAM? Wow, the FBI better go after Kernighan and Ritchie. I'm guessing that they're responsible for a lot of virii... :)
Posted by wtr:
The general concensus on several different anti-spam mailing lists is that SpamCop, while somewhat useful, frequently misidentifies the source of the spam. One of the many problems is that many older Sendmail 8.6 systems used by spammers don't correctly identify the source of the email comming through the relay. They blindly stamp on anything you tell them in the HELO statement without any verification.
It would be a lot easier to just block incoming
.ac.kr and .ac.jp.
mail from mailservers that are open for relaying.
The MAPS RBL and the other RBL's only work if the
offending site has already been reported. From
my experience the sites I get spam from have not
been entered, and you have to jump through some
hoops to get them entered. Big deal, so the
spammers use the next server on the list of open
relays they scanned for in
Why can't I set up sendmail or whatever program
to reverse-scan the intermediate mailservers for
misconfiguration and bounce mail accordingly?
I know I might bounce some legit mail, but I'm
willing to do that, since my SMTP server only
receives mail for me and no one else. At least
the bounce message could tell them why their
mail was refused and the sender could take it up
with their sysadmin.
Is there such a method of refusing mail from
_ANY_ open relays already implemented in some MTA?
I got an interesting spam on my throwaway hotmail account today. I read it in full just for kicks, and saw an interesting notation at the bottom, which I've copied here:
/. readers being aware of this site's existence. :)
"***Under Bill S.1618 TITLE III passed by the 105th U.S. Congress this letter Can Not be Considered Spam as long as we include the way to be removed."
"To be removed from future mailings Free, simply respond with "REMOVE" in the subject line. This will permanently remove you from all future mailing: remove@update4u.net"
Of course, it's common knowledge that a response will get you spammed to the nth degree. So clearly they don't intend to live up to their end of the deal. Is their legal reference for real? I know that the legality of sending unsolicited mail is dubious at best anyway, thanks to the fax law that was mentioned before. The main concern is that these spammers might be able to turn the tables on us somehow.
Oh, here's something that a completely unrelated search turned up; a how-to for spammers! Behold this nauseating chunk here: http://www.billminder.com/
For the record, I take no responsibility for any damages that occur as a result of hordes of
(of course, the software could just be virus laden bait; we can dream, right?)
I assert ownership of all trademarks and copyrights on this page.
I've been using this for quite a while. It's great becuase most of the spam I get has forged address information in the header (duh).
All you do is post the entire message (headers and all) and SpamCop parses it out and lets you know the e-mail addresses (abuse@, postmaster@, etc) that you need to complain to. It even composes an e-mail for you to send if you want.
Do you even know anything about perl? -- AC Replying to Tom Christiansen post.
Username: cypherpunks
:-).
Password: cypherpunks
The answer to all your login problems
No. DoS is NEVER in order. It's lame, it's childish, and it's ILLEGAL.
-- Give him Head? Be a Beacon?
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
>>Isn't this a privacy breach?
But that's the point! Its an invasion of *MY* privacy to continuously receive spam when I don't want it. I *PAY* for the right to use my email service, why should I have to put up with unwanted spam? Its my email, I choose who to give my address to. If I want ads from a business, I will give them my email address. Most spam is not of a viable nature. Most of it consists of "get rich quick" or "get this thing cheap here."
The ability to be anonymous isn't the issue. I could care less if somebody wants to surf and email anonymously. As long as this person doesn't use their anonymous status to bother me with spam.
Personally, I don't think email should be anonymous. Its a form of communication. How can you trust an anonymous email? There's no way to validate the sender's name, address, etc. It would be like trusting a guy on the street wearing a ski mask and disguising his voice. You can't see his face and you can't recoginize his voice. Would you trust him? I view spam the same way. They falsify return addresses and their own identity - and they want me to buy stuff from them? HA HA HA HA. Uh, no.
Spam is evil. I wish the clueless morons who use it would just spontaneously combust or something.
adaml