I'm using Multisync with my Siemens S55 (connected via Bluetooth). Via IrMC, it can sync mobile phones via IrDA, Bluetooth or serial cables. Providers for SyncML, Evolution, OPIE (Sharp Zaurus or HP iPAQ running GNU/Linux), WinCE, LDAP, Palm and Backup exist as well.
What they can't hide is the spamvertised target, as they want their victims to click onto a link and order something. Now you can resolve a link's IP address and check it against some common DNSBL blacklists (most spamvertised hosts are listed on SBL, SPEWS or chinanet.blackholes.us), or extract its domain and test it against some RHSBL or manual lists.
What is more, if you multiply Bayesian or "word list" spam scores with results obtained with other methods, spammers may put "non-spammy" words into their spams as they like, but they only score their crap up instead of down.
They should do something about all those spammers using their service. Seems like about 20% of the spams I run through SpamCop resolve back to Comcast as the email source.
That's why most Internet users call them "Spamcast" and don't accept any email from their IPs. But it's good to see that Spamcast *has* an anti-abuse policy, it just doesn't get enforced to combat spam originating from their netblocks.
Maybe some mass-downloads of pr0n, w4r3z and m0v|3z through open proxies would finally make Spamcast shut them down. A year ago mass-downloads of premium-rate dialers (frequently spamvertised by German spam gangs) through open proxies within Latin American netblocks (200/7) helped to have most of them closed.
...to get the spamvertised ISP's hat color and adjust spam scores.
A while ago, I made a SpamAssassin patch which resolves any URL found within an email and tests the resulting IP addresses against blacklists which are otherwise used to block unwanted email. A lot of Chinese bulletproof servers' IP addresses are listed on the Spamhaus Block List (SBL) and/or SPEWS as well as on certain *.blackholes.us lists.
WindowMaker's dock keeps the most important application icons and applets in place. As the workspace clip's icons are specific to virtual desktops, it is quite easy to use one virtual desktop for word processing and spreadsheets, another one for drawing and a different one for WWW and email. Icons of minimized applications stay out of the way, too.
For my Usenet and Web forum activities, I'm using unmunged email addresses with "temporary" subdomains, e. g. "slashdot@expires-200401.docsnyder.de". After some time I will deactivate them in my DNS - they no longer exist, neither do their MX records. Except for a few DNS queries, spammers don't even cost me any significant network traffic - they don't find my email server!
Of course it's some work changing email addresses after expiration (I'm rotating most of them after three months), but it's less work then eating all their spam.
Bluetooth provides approxamatly 784k/bits a sec transfer speed. This is terrible... even slower than USB 1.1
As a different approach, if Bluetooth had a universal storage protocol like USB-Storage or CF/PCMCIA or SD/MMC/whatever, a camera might directly store a new photo on an iPod-like fileserver in the backpack, connected via Bluetooth. Or imagine a "wireless USB stick" as a storage medium, remaining in your pocket while you access or store some files on it. Bandwidth would certainly be too weak for video streams but sufficient for some photos or documents.
CHAMPAIGN, Ill. (AP) - Soon spammers in the United States, China and Russia will be able to collaborate in cyberspace over a new high-speed computer network that includes the first direct computer link across the Russia-China border, developers say.
The network, expected to go online next month, will ring the Northern Hemisphere, connecting spammers in Chicago with machines in Amsterdam, Moscow, Siberia, Beijing and Hong Kong before hooking up with Chicago again, said Alan Ralsky of the National Center for Bulk Email Advertising, one of the leaders of the Little CHINANET project. Spam will flow at 155 million bytes per second.
"This new network permits us to learn more from each other in areas where we have not worked together in the past," Ralsky said Monday.
[...]
Spammers have always chosen black-hat ISPs that assure them the capacity to send huge volumes of emails at speeds much faster than typical deliveries and for real-time bargains on high-tech penis enlargements, Ralsky said.
Little CHINANET - an acronym for Common Harbor for Incredibly Nasty Advertising Networks Exceeding Tolerance - will allow spammers and bulk hosters to work together on such issues as ignoring complaints, safeguarding spamvertised sites, monitoring server performance or joint open proxy exploration.
[...]
Little CHINANET is a "first big step" toward development of the higher-speed CHINANET, Ralsky said. That effort, expected to be launched later this year, will send spam at 10 gigabytes per second, 60 times faster than the Little CHINANET.
Computer connections have fostered spam collaborations that otherwise might not have happened, Ralsky said.
"There's some advantage to having people being able to talk more regularly," he said. "There are fewer misunderstandings. I think these networks are going to be more important to the more critical issues that we're all addressing together."
T-Online got probably the most useless abuse department of all major ISPs. I wonder what they will do to AOL?
Both AOL's and T-Online's abuse departments aren't that bad. If you know some people who work there and inform them directly about abuse, they'll react quickly and correctly.
What's wrong on both ISPs is the way abuse notifications are being handled officially, that is, if you don't know any people there and inform them via official addresses. abuse@aol.net seems to be equivalent with/dev/null - e. g. the German AOL abuse team won't ever see any emails sent to this address, and if they do, it's way too late. abuse@aol.de (which might be useful to reach them directly) doesn't exist, that's why aol.de is listed on rfc-ignorant.org.
T-Online has a slightly different problem. Their Whois records list "abuse@t-ipnet.de" for abuse notifications. A few days or even a week later you'll receive a message by T-IPnet Abuse, telling you that they just forwarded it to T-Online.
...that spam can be a steganographic medium to transmit anti-regime propaganda. Maybe China will finally start doing something really good to the rest of the world.
In the past, a secondary MX should ensure email reception after a failure of the primary MX. Nowadays it's quite useless if the Internet connection between the secondary MX and the human recipient is interrupted - it's even contraproductive as a sender might have seen his email being delivered, with the recipient not knowing anything about it.
Apart from load balancing, a single MX is often enough - if it's unreachable, emails will stay queued on the sender's systems and get delivered later.
Trying to block spam by blocking email seeming to originate from specific servers just does not work. Email headers can too easily be forged.
"Received" lines are written by the receiving email system and can't be forged by the sender. Of course the spammer can use some tricks like inserting faked "Received" lines oder the recipient's IP address as HELO string, but no spammer can hide the IP address the spam has been sent from. And these IP addresses will get blocked.
The vast majority of the spam we received -- over 97% of it -- was delivered to addresses that had been posted on the public Web.
So let's beat them with their own weapons. Sugarplum is a WWW spambot poisoner feeding them with lots of email addresses which are faked, spam traps or addresses of known spammers and spamfriendly people - collected from spam emails or experience with spamfriendly ISPs. As a motivation, a lot of spamfriendly institutions don't see the problem "spam" as serious until they get a really high dosis of unwanted email per day.
My Sugarplum installation gets scanned really often. At the moment, the French superspammer Artmarket is coming back almost every day, harvesting my Sugarplum site and dumping about 100 spams each time into my spam trap box. My ratio between spam trap and spammer is 1:50, so each time Artmarket will spam about 5000 spammers.
Some German dialer operators who had a really big spam problem half a year ago are actually trying to hire people to fight against spam they are getting on their own - no wonder, their domains were about the first to be spambaited massively in Usenet newsgroups and on WWW sites. Some 419 scam gangs who spamvertise their email addresses have to change them about once a month, as they will get flooded with "counterspam", and what is worse, they rely on the availability of their email addresses to get replies from their victims - that's why they spam.
SMTP means "*Simple* Mail Transfer Protocol". It's the equivalence of a letterbox - simple and efficient. Of course it can be abused for spamming, but so is any successor of SMTP and any different messaging service. As long as it is possible for anyone to send email, it will be possible for anyone to send spam.
The main problem does not consist in trying to stop spam in general (that would be impossible), but in making *anonymous* spamming *very* difficult. Standards are there - but many legitimate operators don't care about a standards-compliant infrastructure, stifling security efforts that would be good enough to keep a lot of spam out.
For example, each IP address should have a DNS reverse record pointing to a valid hostname, which resolves to the same IP address. HELO strings and message ID domainparts should be FQDN and not only "office" or "workstation", the sender's host should be an official Mail Exchange (MX) for the envelope-from domainpart, and so on. This way you could easily - using *existing* standards - make sure that the sender is authentic. Anonymous spamming via open proxies or open relays would be impossible, and spammers using their own infrastructure can be RBLd.
So why invent new standards with millions of people having to switch on, which would take 10 or 20 years? Why not use and push existing standards not only as "nice option" for email communication, but as requirements?
Contamination of Mars et at. with terrestrial life
on
New Hope for Life on Mars
·
· Score: 3, Interesting
I'm sure they will discover life on Mars in the near future - and discover later that they brought it themselves with their space vehicle. Some microbes are strong enough to survive the space trip and settle on even hostile environments, of which Mars would surely be good enough.
Isn't AMI afraid of many many people boycotting any products of TCPA-friendly vendors? In the near future, "voting with their money" will be the only chance for millions of PC users to fight against TCPA.
"Counterspam" as a method to get rid of a spammer
on
HOWTO: Annoy a Spammer
·
· Score: 5, Informative
For quite some time I've been putting any relay test dropbox, any spamvertized domain, any spammer or spamfriendly hoster's domain into my Sugarplum installation. Harvesters scanning my web site will fall into the trap at the beginning without discovering the rest of my site.
What is more, these adresses get posted into Usenet *.test groups. These newsgroups get harvested like crazy, with spam incidents occuring only a few days after posting and hitting several times per day. Since there is no obligation to use realnames for *.test postings, the most effective way to have spammers spam each other is using their addresses as sender ("From" header).
A few weeks ago a 419 scammer annoyed some members of the German anti-spam community with his crap. Usually most 419 scammers spamvertize their email address within the email body, Reply-To or even From. As his address seemed to be valid (to receive answers of fool^Wcustomers), we posted it into quite some *.test newsgroups. A day later, someone with a Nigerian IP address answered "don't mess around with us, read ya". Followup was "Oh, you're spamming each other? Here is some more food" and a list with hundreds of spammer's and spamfriendly people's email addresses.
The occurrence frequency of 419 scam has actually declined since then.
In Germany we have a BIG problem with porn dialer spam. Most of these spammers use accounts on the Canadian freeweb hoster "netmails.com", who refuses to kick spamvertized sites even on several spam incidents which have been spamvertizing the same accounts for weeks. We suspect "pink contracts" between the spammers and Netmails as well as between Netmails.com and its uplink AT&T Canada to keep these accounts and the spamhaus Netmails.com online.
Lots of the spam recipients are just fed up, and after each spam run thousands of annoyed people slashdot spamvertized accounts on Netmails.com until it blows the whistle. With the effect that "paying customers" look for a new hoster with better performance and will no longer supply Netmails.com with money. Hosting costs (traffic) on Netmails.com's side are growing, income is shrinking - so finally Netmails.com will have to change their spamfriendly business model or go down.
If spammers and spamfriendly hosters will make the experience of each spam wave resulting in an enormous amount of network traffic and server load, they will have to think twice whether their infrastructure withstands the next spam run...
Unfortunately, Latin America has become the new Far East, as far as spam sources are concerned. About three out of four spams are coming from open proxies within the 200/8 netblock, that's why more and more people are blocking it. You'll find about 5 or 10 proxies within each class C netblock.
If LACNIC wants South America to be able to communicate with the rest of the world, they better have Embratel et al. fix their proxy problem or join China and Korea with their "spammy intranet"...
Slashdot Mirror
I'm using Multisync with my Siemens S55 (connected via Bluetooth). Via IrMC, it can sync mobile phones via IrDA, Bluetooth or serial cables. Providers for SyncML, Evolution, OPIE (Sharp Zaurus or HP iPAQ running GNU/Linux), WinCE, LDAP, Palm and Backup exist as well.
What is more, if you multiply Bayesian or "word list" spam scores with results obtained with other methods, spammers may put "non-spammy" words into their spams as they like, but they only score their crap up instead of down.
That's why most Internet users call them "Spamcast" and don't accept any email from their IPs. But it's good to see that Spamcast *has* an anti-abuse policy, it just doesn't get enforced to combat spam originating from their netblocks.
Maybe some mass-downloads of pr0n, w4r3z and m0v|3z through open proxies would finally make Spamcast shut them down. A year ago mass-downloads of premium-rate dialers (frequently spamvertised by German spam gangs) through open proxies within Latin American netblocks (200/7) helped to have most of them closed.
A while ago, I made a SpamAssassin patch which resolves any URL found within an email and tests the resulting IP addresses against blacklists which are otherwise used to block unwanted email. A lot of Chinese bulletproof servers' IP addresses are listed on the Spamhaus Block List (SBL) and/or SPEWS as well as on certain *.blackholes.us lists.
What's left: "MSIE Hole".
Still left: "MSIE"
As most serious security problems affect MSIE, it can be omitted as well. The least redundant informative headline would be:
WindowMaker's dock keeps the most important application icons and applets in place. As the workspace clip's icons are specific to virtual desktops, it is quite easy to use one virtual desktop for word processing and spreadsheets, another one for drawing and a different one for WWW and email. Icons of minimized applications stay out of the way, too.
(_) Bill Gates
(_) Linus Torvalds
(_) George W. Bush
(_) Darl McBride
(_) Richard M. Stallman
(_) The Pope
(_) CowboyNeal
I bet CowboyNeal would win. ;)
Of course it's some work changing email addresses after expiration (I'm rotating most of them after three months), but it's less work then eating all their spam.
At least pharmacourt.biz is still responding to well - c'mon, let's /. these spammers like they are /.ing our email accounts!
#!/bin/sh /dev/null /dev/null
while true; do
wget http://www.pharmacourt.biz/ -O
wget http://www.valuepointmeds.biz/ -O
done
Unfortunately, wives compatible with hi-tech households are quite rare.
As a different approach, if Bluetooth had a universal storage protocol like USB-Storage or CF/PCMCIA or SD/MMC/whatever, a camera might directly store a new photo on an iPod-like fileserver in the backpack, connected via Bluetooth. Or imagine a "wireless USB stick" as a storage medium, remaining in your pocket while you access or store some files on it. Bandwidth would certainly be too weak for video streams but sufficient for some photos or documents.
The network, expected to go online next month, will ring the Northern Hemisphere, connecting spammers in Chicago with machines in Amsterdam, Moscow, Siberia, Beijing and Hong Kong before hooking up with Chicago again, said Alan Ralsky of the National Center for Bulk Email Advertising, one of the leaders of the Little CHINANET project. Spam will flow at 155 million bytes per second.
"This new network permits us to learn more from each other in areas where we have not worked together in the past," Ralsky said Monday.
[...]
Spammers have always chosen black-hat ISPs that assure them the capacity to send huge volumes of emails at speeds much faster than typical deliveries and for real-time bargains on high-tech penis enlargements, Ralsky said.
Little CHINANET - an acronym for Common Harbor for Incredibly Nasty Advertising Networks Exceeding Tolerance - will allow spammers and bulk hosters to work together on such issues as ignoring complaints, safeguarding spamvertised sites, monitoring server performance or joint open proxy exploration.
[...]
Little CHINANET is a "first big step" toward development of the higher-speed CHINANET, Ralsky said. That effort, expected to be launched later this year, will send spam at 10 gigabytes per second, 60 times faster than the Little CHINANET.
Computer connections have fostered spam collaborations that otherwise might not have happened, Ralsky said.
"There's some advantage to having people being able to talk more regularly," he said. "There are fewer misunderstandings. I think these networks are going to be more important to the more critical issues that we're all addressing together."
Both AOL's and T-Online's abuse departments aren't that bad. If you know some people who work there and inform them directly about abuse, they'll react quickly and correctly.
What's wrong on both ISPs is the way abuse notifications are being handled officially, that is, if you don't know any people there and inform them via official addresses. abuse@aol.net seems to be equivalent with /dev/null - e. g. the German AOL abuse team won't ever see any emails sent to this address, and if they do, it's way too late. abuse@aol.de (which might be useful to reach them directly) doesn't exist, that's why aol.de is listed on rfc-ignorant.org.
T-Online has a slightly different problem. Their Whois records list "abuse@t-ipnet.de" for abuse notifications. A few days or even a week later you'll receive a message by T-IPnet Abuse, telling you that they just forwarded it to T-Online.
DocSnyder.
...that spam can be a steganographic medium to transmit anti-regime propaganda. Maybe China will finally start doing something really good to the rest of the world.
Apart from load balancing, a single MX is often enough - if it's unreachable, emails will stay queued on the sender's systems and get delivered later.
"Received" lines are written by the receiving email system and can't be forged by the sender. Of course the spammer can use some tricks like inserting faked "Received" lines oder the recipient's IP address as HELO string, but no spammer can hide the IP address the spam has been sent from. And these IP addresses will get blocked.
So let's beat them with their own weapons. Sugarplum is a WWW spambot poisoner feeding them with lots of email addresses which are faked, spam traps or addresses of known spammers and spamfriendly people - collected from spam emails or experience with spamfriendly ISPs. As a motivation, a lot of spamfriendly institutions don't see the problem "spam" as serious until they get a really high dosis of unwanted email per day.
My Sugarplum installation gets scanned really often. At the moment, the French superspammer Artmarket is coming back almost every day, harvesting my Sugarplum site and dumping about 100 spams each time into my spam trap box. My ratio between spam trap and spammer is 1:50, so each time Artmarket will spam about 5000 spammers.
Some German dialer operators who had a really big spam problem half a year ago are actually trying to hire people to fight against spam they are getting on their own - no wonder, their domains were about the first to be spambaited massively in Usenet newsgroups and on WWW sites. Some 419 scam gangs who spamvertise their email addresses have to change them about once a month, as they will get flooded with "counterspam", and what is worse, they rely on the availability of their email addresses to get replies from their victims - that's why they spam.
SMTP means "*Simple* Mail Transfer Protocol". It's the equivalence of a letterbox - simple and efficient. Of course it can be abused for spamming, but so is any successor of SMTP and any different messaging service. As long as it is possible for anyone to send email, it will be possible for anyone to send spam.
The main problem does not consist in trying to stop spam in general (that would be impossible), but in making *anonymous* spamming *very* difficult. Standards are there - but many legitimate operators don't care about a standards-compliant infrastructure, stifling security efforts that would be good enough to keep a lot of spam out.
For example, each IP address should have a DNS reverse record pointing to a valid hostname, which resolves to the same IP address. HELO strings and message ID domainparts should be FQDN and not only "office" or "workstation", the sender's host should be an official Mail Exchange (MX) for the envelope-from domainpart, and so on. This way you could easily - using *existing* standards - make sure that the sender is authentic. Anonymous spamming via open proxies or open relays would be impossible, and spammers using their own infrastructure can be RBLd.
So why invent new standards with millions of people having to switch on, which would take 10 or 20 years? Why not use and push existing standards not only as "nice option" for email communication, but as requirements?
I'm sure they will discover life on Mars in the near future - and discover later that they brought it themselves with their space vehicle. Some microbes are strong enough to survive the space trip and settle on even hostile environments, of which Mars would surely be good enough.
Isn't AMI afraid of many many people boycotting any products of TCPA-friendly vendors? In the near future, "voting with their money" will be the only chance for millions of PC users to fight against TCPA.
What is more, these adresses get posted into Usenet *.test groups. These newsgroups get harvested like crazy, with spam incidents occuring only a few days after posting and hitting several times per day. Since there is no obligation to use realnames for *.test postings, the most effective way to have spammers spam each other is using their addresses as sender ("From" header).
A few weeks ago a 419 scammer annoyed some members of the German anti-spam community with his crap. Usually most 419 scammers spamvertize their email address within the email body, Reply-To or even From. As his address seemed to be valid (to receive answers of fool^Wcustomers), we posted it into quite some *.test newsgroups. A day later, someone with a Nigerian IP address answered "don't mess around with us, read ya". Followup was "Oh, you're spamming each other? Here is some more food" and a list with hundreds of spammer's and spamfriendly people's email addresses.
The occurrence frequency of 419 scam has actually declined since then.
Lots of the spam recipients are just fed up, and after each spam run thousands of annoyed people slashdot spamvertized accounts on Netmails.com until it blows the whistle. With the effect that "paying customers" look for a new hoster with better performance and will no longer supply Netmails.com with money. Hosting costs (traffic) on Netmails.com's side are growing, income is shrinking - so finally Netmails.com will have to change their spamfriendly business model or go down.
If spammers and spamfriendly hosters will make the experience of each spam wave resulting in an enormous amount of network traffic and server load, they will have to think twice whether their infrastructure withstands the next spam run...
CHEAP VIA^H^H^HMALE PILLS ONLY $20 EACH !!!!!!
Do you want to have GREAT SEX without your girlfriend to get PREGNANT? Check out this GREAT OPPORTUNITY! Order 10 Pills NOW and get 20 FOR FREE!
Unfortunately, Latin America has become the new Far East, as far as spam sources are concerned. About three out of four spams are coming from open proxies within the 200/8 netblock, that's why more and more people are blocking it. You'll find about 5 or 10 proxies within each class C netblock.
See also the large SPEWS listing http://spews.org/html/S1297.html.
If LACNIC wants South America to be able to communicate with the rest of the world, they better have Embratel et al. fix their proxy problem or join China and Korea with their "spammy intranet"...
DocSnyder.
Everyone should be able to access any data on a host - except for the user sitting in front of it.