Spamcop is one of the blocklists that has been under perpetual attack by spammers. Recently, spammers started a rather major DDoS against spamcop and several other services.
Antispam services that have limited operating resources (such as the now defunct monkeys.com and osirusoft.com) -- while extremely useful services, simply didn't have the means to withstand major attacks. Those two services had to be shut down because the owners could not deal with the onslaught. Spamhaus, and probably now Spamcop will be able to withstand attacks.
Kudos to any company that joins in on the spam fighting effort. Also worth mentioning are the good folks at Easynet, who have been running top-notch anti-abuse DNSBLs that are available to the public.
Only in Asian countries, where there is true technological freedom, can one hope to innovate to such a degree and blow open a new market. It is too bad that the US and EU, in their anti-innovation and pro-corporate protection mindset, is closed to new ideas.
The problem has nothing to do with Exchange, or SMTP itself. It has to do with SMTP AUTH -- an extension that allows clients to authenticate themselves. This allows a roaming client (connecting from anywhere) to authenticate via username and password, and they are then given relaying rights as if they were directly on the ISPs network.
The attacker simply finds a frequently used account such as 'guest' and guesses a few passwords on it. This is classic account/password compromise, nothing more. Once the spammer is 'authenticated' they are free to relay. They could have also guessed any real user's password, the effect would be the same.
but I'm sort of thinking that benefitting from a crime must be illegal
That's very interesting. Maybe somebody (but who?) could nail the Industry for benefitting from proceeds of crime. But realize this can't happen. The Industry owns government. They can do whatever the hell they want.
I would be curious to see how much of a commercial tone the Internet service would have. For instance, ISPs (especially cable) don't like to allow people to run their own servers because they want to sell people another (rather meaningless) 'tier' of service -- the 'business plan'. This has always bugged me because there is no technical reason for such restrictions, but I am pretty sure that a publicly available service would not impose such corporate-minded restrictions.
This would be a neat way to watch for nasties on the wire. But most ISPs still don't use even the simplest form of filtering on their mail servers that would stop all viruses cold. The goddamn software is free; why can't ISPs use it? For filtering out viruses at mail servers:
Once the US and EU jails are filled with teenagers, society can truly enjoy the New Renaissance. I for will be glad to see the earth cleaned of this scourge that is casual media duplication.
All hail Great Enterprise, Who knows no international boundaries. Thou arst truly the Corporate Ruler in this modern age. Cleanse us of our sins, oh Corporate one. Show us how to become better Consumers! Without Thou we are lost; we canst not thinketh by ourselves. Help us think! Neigh, think for us! Please take our money, and tell us what to do. We are forever in Thy humble service.
Now every manufacturer is suing practically anybody who just dares to have a peek inside their product.
In the United States they certainly are. Not so in other countries, especially around Asia. You had better believe that Asia is going to start kicking ass real soon. The US will never know what hit them (Those CEO's who do know will clutch their bags of money and escape)
Pretty funny, but even more funny when you replace "terrorist" with "communist." Same paranoia, different era.
Good call! People need to be afraid of something (clearly somebody in power believes this). Look how much network television news broadcasts are about fear mongering.
Oh geez, terrorists, terrorists, terrorists, we're all so afraid of terrorists. You may be a terrorist, your neighbor might be a terrorist, and I'm petrified by fear. I'm so paralyzed by fear that I think we should pull the plug on any project that might be potentially used by terrorists. Whether it's technological, or medical... hell, who cares that we might be coming up with new biological agents to help fight cancer... throw that research out the window! The terrorists might somehow morph the results of the research and create an Osama-superbug that's even wors that SARS and anthrax!!!
There's more to a stock-buying decision than simply what the statistical trend looks like. We know that this stock is headed for trouble, because the company is headed for trouble -- they've been making jackasses of themselves, and have attracted legal attention. This has got to be one of the riskiest stocks out there; I would sell now and lock in my profit.
Whats scary is that this article is right next after one that says Microsoft Moving Into Chip Design
Good point. Electrical Engineers know that microcontrollers rule the world. Now although Microsoft is interested in the gaming side of things, I for one would be terribly worried if Microsoft actually started to get the world to use its microcontrollers (along the lines of Motorola 68K etc.). These core units are found in just about every electrical device you have contact with. I would seriously shit my pants if Microsoft-made hardware found its way into critical equipment.
Just you wait, there's more in store. Except it seems now that virus authors have major financial backing (spammers) and are establishing a sophisticated zombie infrastructure running on Windows machines that will cause years of serious trouble. Time to start seriously prosecuting these a$$holes (spammers, virus authors, or Microsoft... you decide!)
Amen! This is a perfect example of one of many serious threats to end-to-end transparency in the Internet . . . I don't know what can be done
Unfortunately, these Windows viruses that make a broadband customer act as a spam relay are a big reason that ISPs are considering blocking mail from dialups/dynamics.
If Internet communications gets divided between consumer/corporate lines, I will place the blame on spammers and Microsoft (no joke).
First, it's obviously a bad idea to block all IP traffic for an entire netblock (except under extreme circumstances -- attacks, for instance).
Spam is a huge problem, and there are some very effective DNSBL's (DNS blocklists) out there that can let a mailserver reject mail coming from a certain IP address. There are many different DNSBL's out there, and each has their own policies on what IPs they will list, how they will de-list, etc.
I don't like DNSBL's that list IPs based on non-spam related criteria. Examples include: country/continent of origin and service class (consumer vs. commercial). Blocks based on such criteria just divide the Internet, and don't even take into account where spam is coming from. I think it's a slap in the face of the Internet for a company to say, "I'm going to block all traffic from dynamic IPs, because they are not commercial connections".
Then there are the blocklists that block IPs that send spam. I like this approach because the lists are designed to block what I don't want; spam. sbl.spamhaus.org blocks regions of the Internet that perpetually send spam. blackholes.easynet.nl similarly list established spam sources. relays.ordb.org and list.dsbl.org block open relays and proxies that were found to be points of abuse.
If so, why don't you use your ISP's server as smarthost and relay through them?
Why don't I use my ISP's mail server? Because:
My ISP's mail server sometimes takes as much as 3 hours to deliver a single email
Mail sometimes gets lost entirely, and without access to logs I have no clue what happened
I have a host with TCP/IP abilities just like everyone else. Just because I'm not paying thousands of dollars doesn't mean I can't establish a port 25 connection to another host. I resent the drive by industry to segregate connectivity based on service class (consumer/business). TCP/IP knows no such labels.
These newest virii, ie MSblster, are made to impact users, how could you think otherwise?
If I understand you correctly, you're making the point that viruses not related to spam are equally destructive. My problem is that spammers are creating viruses as part of a long-term strategy. They are establishing an infrastructure that is already showing long-term impacts on the Internet (huge regions of the net being blacklisted; dynamic and dialups no longer being treated equally).
A teenager gives up on viruses when he gets laid; a professional spammer builds up a million dollar underground business and will not give up. Spammers have the advantage of huge email address lists that they can use to inject their viruses into the world. They have several orders of magnitude more power than joe average hacker.
Spammers' viruses are more dangerous than teenagers' viruses.
Many of the people writing newer viruses (those that relate to spam) are of a different breed entirely. I personally believe the people responsible for modern Internet spamming worms are more malicious than teenage hackers would ever want to be. These menaces to society consider themselves businessmen. You wish we were dealing with teenage hackers. Read up on Internet spam and viruses, and see this less technical article along the same lines.
You know what... I really don't care if corporations get scared away from Linux. FINE! Show those people the door. Letting big business into the Linux groundfloor is like allowing that annoying kid Tyler into your awesome secret clubhouse: he screws around with too many things, then the club is ruined.
Linux was created by geeks and academics, and I prefer a world in which _we_ are the only ones who can benefit from this amazing technology.
I am the owner of two small businesses, and a small business finds it very hard to get the word out about its existence. If you don't know it's out there, you won't go looking for it.
You realize, of course, that many spammers justify what they do with similar logic. Just as I have a right to read my email without being harassed by advertisers, I have a right to use my telephone service with being harassed by advertisers.
Now if I watch television, I'm asking for advertising. "Please give me advertising!" I say. Of course, small guys can't afford TV ads. It's an unfortunate situation, certainly.
As with spam, this is an issue of consent, not content! The thing you want to advertise could be fantastic... that doesn't change anything.
I think what we're seeing is characteristic of business mentality. In business, you have a lot of pressures: paying employees, meeting deadlines, reducing capital investment, satisfying shareholders with snazz. A business simply can not afford to create software that is as secure as software generated by academics, or even small developers.
Not for a while, but it really does make you wonder. Pretty much all of the strongest encryption we have to date (except huge one-time pads shared between parties) rely on classical crypto: it's all about computational infeasibility of solving certain equations.
Quantum computing does have the potential to make this obsolete. All SSL -- used by banks, governments, might be breakable. PGP would be breakable.
It seems reasonable that governments will tightly control developments in this field once they catch on to what's at stake. IMHO, an enemy with the power to break classical crypto is a much greater threat than a jackass carrying an exacto knife.
Slashdot Mirror
Spamcop is one of the blocklists that has been under perpetual attack by spammers. Recently, spammers started a rather major DDoS against spamcop and several other services.
Antispam services that have limited operating resources (such as the now defunct monkeys.com and osirusoft.com) -- while extremely useful services, simply didn't have the means to withstand major attacks. Those two services had to be shut down because the owners could not deal with the onslaught. Spamhaus, and probably now Spamcop will be able to withstand attacks.
Kudos to any company that joins in on the spam fighting effort. Also worth mentioning are the good folks at Easynet, who have been running top-notch anti-abuse DNSBLs that are available to the public.
Only in Asian countries, where there is true technological freedom, can one hope to innovate to such a degree and blow open a new market. It is too bad that the US and EU, in their anti-innovation and pro-corporate protection mindset, is closed to new ideas.
The problem has nothing to do with Exchange, or SMTP itself. It has to do with SMTP AUTH -- an extension that allows clients to authenticate themselves. This allows a roaming client (connecting from anywhere) to authenticate via username and password, and they are then given relaying rights as if they were directly on the ISPs network.
The attacker simply finds a frequently used account such as 'guest' and guesses a few passwords on it. This is classic account/password compromise, nothing more. Once the spammer is 'authenticated' they are free to relay. They could have also guessed any real user's password, the effect would be the same.
I would be curious to see how much of a commercial tone the Internet service would have. For instance, ISPs (especially cable) don't like to allow people to run their own servers because they want to sell people another (rather meaningless) 'tier' of service -- the 'business plan'. This has always bugged me because there is no technical reason for such restrictions, but I am pretty sure that a publicly available service would not impose such corporate-minded restrictions.
Once the US and EU jails are filled with teenagers, society can truly enjoy the New Renaissance. I for will be glad to see the earth cleaned of this scourge that is casual media duplication.
All hail Great Enterprise, Who knows no international boundaries. Thou arst truly the Corporate Ruler in this modern age. Cleanse us of our sins, oh Corporate one. Show us how to become better Consumers! Without Thou we are lost; we canst not thinketh by ourselves. Help us think! Neigh, think for us! Please take our money, and tell us what to do. We are forever in Thy humble service.In the United States they certainly are. Not so in other countries, especially around Asia. You had better believe that Asia is going to start kicking ass real soon. The US will never know what hit them (Those CEO's who do know will clutch their bags of money and escape)
Good call! People need to be afraid of something (clearly somebody in power believes this). Look how much network television news broadcasts are about fear mongering.
What me worry?Just you wait, there's more in store. Except it seems now that virus authors have major financial backing (spammers) and are establishing a sophisticated zombie infrastructure running on Windows machines that will cause years of serious trouble. Time to start seriously prosecuting these a$$holes (spammers, virus authors, or Microsoft... you decide!)
Unfortunately, these Windows viruses that make a broadband customer act as a spam relay are a big reason that ISPs are considering blocking mail from dialups/dynamics.
If Internet communications gets divided between consumer/corporate lines, I will place the blame on spammers and Microsoft (no joke).
First, it's obviously a bad idea to block all IP traffic for an entire netblock (except under extreme circumstances -- attacks, for instance).
Spam is a huge problem, and there are some very effective DNSBL's (DNS blocklists) out there that can let a mailserver reject mail coming from a certain IP address. There are many different DNSBL's out there, and each has their own policies on what IPs they will list, how they will de-list, etc.
I don't like DNSBL's that list IPs based on non-spam related criteria. Examples include: country/continent of origin and service class (consumer vs. commercial). Blocks based on such criteria just divide the Internet, and don't even take into account where spam is coming from. I think it's a slap in the face of the Internet for a company to say, "I'm going to block all traffic from dynamic IPs, because they are not commercial connections".
Then there are the blocklists that block IPs that send spam. I like this approach because the lists are designed to block what I don't want; spam. sbl.spamhaus.org blocks regions of the Internet that perpetually send spam. blackholes.easynet.nl similarly list established spam sources. relays.ordb.org and list.dsbl.org block open relays and proxies that were found to be points of abuse.
Why don't I use my ISP's mail server? Because:
If I understand you correctly, you're making the point that viruses not related to spam are equally destructive. My problem is that spammers are creating viruses as part of a long-term strategy. They are establishing an infrastructure that is already showing long-term impacts on the Internet (huge regions of the net being blacklisted; dynamic and dialups no longer being treated equally).
A teenager gives up on viruses when he gets laid; a professional spammer builds up a million dollar underground business and will not give up. Spammers have the advantage of huge email address lists that they can use to inject their viruses into the world. They have several orders of magnitude more power than joe average hacker.
Spammers' viruses are more dangerous than teenagers' viruses.Many of the people writing newer viruses (those that relate to spam) are of a different breed entirely. I personally believe the people responsible for modern Internet spamming worms are more malicious than teenage hackers would ever want to be. These menaces to society consider themselves businessmen. You wish we were dealing with teenage hackers. Read up on Internet spam and viruses, and see this less technical article along the same lines.
You know what... I really don't care if corporations get scared away from Linux. FINE! Show those people the door. Letting big business into the Linux groundfloor is like allowing that annoying kid Tyler into your awesome secret clubhouse: he screws around with too many things, then the club is ruined.
Linux was created by geeks and academics, and I prefer a world in which _we_ are the only ones who can benefit from this amazing technology.
You realize, of course, that many spammers justify what they do with similar logic. Just as I have a right to read my email without being harassed by advertisers, I have a right to use my telephone service with being harassed by advertisers.
Now if I watch television, I'm asking for advertising. "Please give me advertising!" I say. Of course, small guys can't afford TV ads. It's an unfortunate situation, certainly.
As with spam, this is an issue of consent, not content! The thing you want to advertise could be fantastic... that doesn't change anything.
I think what we're seeing is characteristic of business mentality. In business, you have a lot of pressures: paying employees, meeting deadlines, reducing capital investment, satisfying shareholders with snazz. A business simply can not afford to create software that is as secure as software generated by academics, or even small developers.
Not for a while, but it really does make you wonder. Pretty much all of the strongest encryption we have to date (except huge one-time pads shared between parties) rely on classical crypto: it's all about computational infeasibility of solving certain equations.
Quantum computing does have the potential to make this obsolete. All SSL -- used by banks, governments, might be breakable. PGP would be breakable.
It seems reasonable that governments will tightly control developments in this field once they catch on to what's at stake. IMHO, an enemy with the power to break classical crypto is a much greater threat than a jackass carrying an exacto knife.