Tracking Spam to the Source 366
cygnusx writes: "MSNBC is carrying a Wall Street Journal article on one reporter's attempts to track the spam she receives to the source. Armed with a few Hotmail and Yahoo accounts, reporter Stacy Forster actually responded to most of the barrage of spam she began to receive after a week or so. Not quite the best investigative jounalism ever seen, but still a good glimpse (or so I thought) at those who send us those unloved missives about "exciting business opportunities" and "millions of $$$ waiting"."
Recommendation (Score:5, Informative)
My solution to stop spam... (Score:5, Informative)
Before installing it, I got ~20 spam messages a day. Now I get at most 1-2 a week. Spambouncer does come with very restrictive default settings, though. For example, you must specify if you want to receive email from free web mail services like Yahoo and Hotmail, otherwise it'll filter those out.
It also logs everything it does and has the option of sending blocked email to a file instead of
In my case the only inconvenience was it blocked legitimate email from Amazon.com and eBay -- these are filled with disclaimers and have HTML, which Spambouncer doesn't like to see. In any case, it's easy to mark those domains as safe and start receiving their email again.
Harris Poll/MS spam (Score:2, Informative)
It took a little guts, but after 2nd and 3rd thoughts I reported it via spamcop.
Not sure if I'll take the poll anyway. I think it sucks that MS has me on their list. Maybe they scraped microsoft.public.???.
Re:maybe if we stop answering it... (Score:5, Informative)
Absolutely, these HTML mails are dangerous with their 1x1 gifs with a custom URL so "they" know you've read the message.
I check the source and add the urls to junkbuster's list. If the filters don't get the mail, then the images still don't get requested.
from the story.. (Score:2, Informative)
Guess I have someone else than abuse.net to forward unsolicited spam to now..
Re:I want to know HOW they got her address... (Score:2, Informative)
The spammer said he used "an e-mail harvesting program called Target 2001
So it is possible that neither Borders or Yahoo are lying
Beware spammer dictionary-attack (Score:4, Informative)
Sig: What Happened To The Censorware Project (censorware.org) [sethf.com]
OS X Mail has this too (Score:2, Informative)
A (partial) solution... (Score:2, Informative)
What I think I might want to check is to see if it can't also directly forward the original email to that ftc mail address...
Re:Email harvesters: an answer? (Score:2, Informative)
and there exist tools like wpoison [google.com] (the better one i came across while googlewhacking escapes me) that do exactly what you're talking about
How to track who sold yours email to spammers (Score:5, Informative)
Here is my easy method to track the bastard that sold your address. All you need is your own domain and control over the e-mail server - as many of my fellow geeks do.
Using my domain - I created an account for dealing with spam. I then created an alias which will put all e-mails without a specific mailbox into that account. (for example - the qmail/vmailmgr allows you to create "+" alias as such catch-all address)
Now comes the fun part- every time I need to use my e-mail in public - I make up an e-mail address that makes it easy to figure out where I used it. To make sure I do not create a real mailbox with same name - I use a specific prefix (like ns- for no spam) to make all of those e-mail addresses stand out (example - when signing up for e-bay, I sign up with ns-ebay@mydomain.com. Now when that spam arrives I can find out which e-mail address it is destined to - and which place it came from.
The last part of this comes after a while. Eventually some addresses start getting too much spam and you seem to end up where you started. No problem. I create a new alias that bounces or
If I find that I gave out an address to a trustworthy source, I can even create an alias to go to my main mailbox.
Of course, if you go to a source that is guaranteed to leak your address to spammers, no point to even bother with all this - that's what the free webmail accounts are for
The interesting part of all this is that to my own surprise I find that most sites are pretty good at keeping your privacy when you sign up. So far the biggest culprits were postings on USENET (well, duh!) and ebay - but e-bay were all from massmailings by people I bought from and they were good at removing my address when asked to.
Hope this helps.
-Em
Re:Email harvesters: an answer? (Score:2, Informative)
And some of the email harvesters have routines that tried to detect fake email pages. But of course if the fake page is not overdone, it might still fool them.
Anyway When making web pages, I like to make people's emails on the page a a small
Filtering (Score:3, Informative)
I export the email addresses in my address book to a file which I FTP to my server. Here is the procmail recipe I use on the server:
-------
SHELL=/bin/sh
FROM=`formail -rzxTo:`
:0
* ! $FROM ??
* ! $FROM ??
* ! $FROM ??
* $ ! ? cat emaillist.txt | fgrep -iqs "$FROM"
! spam@account.com
----
Re:My favorite part of the article? (Score:2, Informative)
MSNBC does random popup ads, in that not every time you load the page will an ad be displayed, but if you browse around on the site enough, or just get unlucky, you'll get a pop-up. I'm not sure I've ever seen a pop-under ad on MSNBC, but then I use a combination of Adzap [zip.com.au] with my Squid proxy and NoPopIE [daishar.com] with Internet Explorer to banish most advertisements and popups. You may be using similar things, if you're never seeing popups on MSNBC
Re:maybe if we stop answering it... (Score:1, Informative)
Note that the *default* setting of Mozilla/Netscape/Outlook is to send HTML mail. People aren't going out their way to make your (our) lives difficult with HTML -- it's accepted as the standard now. And I've got better things to do than try to argue with the world about mail formatting, esp when they are paying me or sleeping with me. Punching myself repeatedly in the balls would be more productive.
(Although Hotmail is really fucking annoying in that it only sends text/html without the text/plain backup. That sucked when I was using an elderly version of pine as a remote mail solution.)
Re:maybe if we stop answering it... (Score:3, Informative)
A simple solution (Score:5, Informative)
Re:Just use PINE and... (Score:5, Informative)
Spam has to be bounced at the SMTP server level before reception is complete to be effective at all, and even at this point it's usually pointless as the spammer is probably just bouncing off some random open relay in China. All this will do is fill up the clueless administrators mailbox of the relay in china with bounce messages. Maybe this will cause them to close their open relay, but with hundreds of thousands more open relays to choose from, it does little good in the overall picture.
Spammers have found another method too. Relay through some lammer's poorly-configured wingate or squid proxy.
Use spamcop, bounce messages, write nasty notes all you want, but you will not make a dent in the spam problem.
The only thing you can do that might have ANY impact at all would be to complain to your congressmen that they need to outlaw spam. Once laws are in place we can sue the pants off these assholes, and maybe even get them some jail time.
What scares me more than the "make money quick" or "loose 150 lbs in 10 minutes" spams are the pseudo-legit type used by businesses.
Think about that... If only 1% of american businesses decided to use spam, and they only sent one spam email a year to 1% of the population,
that's still thousands of messages A week per person!
With all the filters I have setup, I block about 600 spam attempts per day to my server, another 50 or so a day get filtered into a spam folder automatically, and about 2 or so a day get all the way through to my main inbox folder. This is on an email address I've had for 7 years, so just about every spammer seems to hit it.
Considering that I only get about 100 legit emails a day (including several mailing lists) I'd say the problem is WAY out of hand. With the levels of spam increasing about 10% per month, my guess is that we have about a year left before email is completely saturated with spam making it impossible to communicate.
So Please, do as I have and write a physical letter (no emails, they just junk those) to your congress critters (or what ever government officials you have in your country that pass laws) to ban spam.
More mainstream media on spam (Score:5, Informative)
I arrive at my office, uncap my coffee, unwrap my bagel, open my e-mail and face the first searing public policy question of the day: "Do you want to watch teens make their first porn video?"
It's called "The Great American Spam Attack" [washingtonpost.com], by Ellen Goodman.
I work for date.com... (Score:3, Informative)
However, such programs generate incredible amounts of traffic - the money generated far exceeds the bad publicity and attention the occasionally poorly targeted email generates.
Re:Recommendation (Score:4, Informative)
Accessibility? (Score:2, Informative)
When making web pages, I like to make people's emails on the page a a small .png file instead of text with no mailto: link. This prevents that these programs can pick it up.
It also prevents that blind people using a speech reader can pick it up, which may be a violation of your jurisdiction's disability code.
just use spamgourmet and... (Score:2, Informative)
The idea is to set you free to surf/sign up at will and make it easier to not get spam than it is to get spam.
Re:maybe if we stop answering it... (Score:3, Informative)
In my experience so far, the only way to run a fairly spam-proof SMTP server is to be utterly ruthless with blacklisting. Blacklist insanely large portions of IP space, but configure your SMTP server to produce a bounce message which describes a way around the block (like a postmaster address, or something). A legitimate sender should receive and read the bounce (unless they have one of those ghastly SMTP servers which discards error message text and "helpfully" translates it into "the user does not exist"), whereas a spammer is likely to ignore it. If someone responds to the bounce message in the manner described, whitelist the associated IP address. Spammers send out so much mail that they can't attend to every bounce message personally. (And contrary to some opinions I've seen expressed elsewhere in this article, I've yet to see any evidence that spammers remove addresses which consistently bounce.)
Another possibility is to use the "MAIL From:" address: construct a whitelist of names from whom you will accept mail, and bounce all the others with a similar "how to get around this" message. As before, add the address of any such person who reads the bounce message to your whitelist. Note that both of these techniques could, in principle, be automated. Note also that although a spammer can trivially forge the "MAIL From:" address, it's not nearly so trivial to match every "RCPT To:" address with a whitelisted "MAIL From:" address.
I don't pretend that the above approach to spam-blocking is polite, but rather that it's the only one I've found to be very effective, given the limitations of SMTP. Most people are quite horrified at the number of IP addresses I blacklist: one spam from an open relay is usually enough to convince me to blacklist that IP address at the class B level (approx 65,000 IP addresses in its neighbourhood). It's not about raw numbers, though: it's about the impact that it has on your mail service. If I'm never likely to receive a legitimate email from that IP range, then why not blacklist it?
Ultimately, though, the solution will be to replace SMTP with a protocol that recognises one simple fact that SMTP does not: parties engaging in mail exchange are potentially hostile to each other, and thus the protocol must only allow progress when there is mutual agreement between the parties that the transaction should go ahead. IM2000 [cr.yp.to] is an interesting and potentially useful proposal, for example, albeit a bit short on details (and stagnant, judging by the recent lack of traffic on the mailing list). As it happens, I've chosen to make this problem (replacing SMTP) the subject of my Honours thesis, and that's due to be finished by July. Whether or not my proposals will actually be adopted by anyone is a different matter, of course.
Poison the spammers mailing lists (Score:3, Informative)