Trouble Getting to SpamCop? 245
geekwench writes "SpamCop was apparently the victim of a recent DoS attack. A false complaint to their domain registrar led to all primary DNS information being pulled. The problem is now fixed, but there may still be access issues for the next couple of days as ISPs clear the old DNS information out of their caches. You can read about it here and here. (Sounds to me as if SpamCop is proving to be a good-sized thorn in the sides of a number of spammers.)"
Tip (Score:5, Informative)
Re:Tip (Score:3, Informative)
The problem isn't outdated or incorrect information in the spamcop.net zone. The problem is the information on the .net zone. This means that everything under spamcop.net (Including mail records) cannot resolve until the .net servers are updated (Already d
Re:Tip (Score:3, Informative)
ns1-117.akam.net
ns1-11.akam.net
ns1-109.akam.n
asia3.akam.net
ns1-93.akam.net
ns1-90.akam.n
use1.akam.net
ns1-73.akam.net
Spamhaus too, maybe. (Score:3, Interesting)
Re:Spamhaus too, maybe. (Score:3, Insightful)
Spam doesn't stand a chance
N.
2004 promises to be interesting (Score:5, Interesting)
In the natural world, something like 60% of all species are parasitical, and the war between parasites and hosts is one of the defining aspects of all nature. Sex, for instance, is a way of shuffling locks faster than parasites can evolve keys.
It seems inevitable that software and communications will have to develop similar kinds of defenses against what is an inevitable onslaught from the parasitical forces that have developed to snack on the soft underbelly of the Net.
Cybersex, anyone?
Re:2004 promises to be interesting (Score:3, Interesting)
Interesting analogy
Or are there parallels in biological contexts that show parasitic organisms actually inducing host organisms to have sex? But, maybe you shouldn't since bringing this out would cause an influx of more spam beyond what Viagra has brought. Maybe, the word is "Mum"...
Re:2004 promises to be interesting (Score:2)
Sexual reproduction has bloody little to do with parasites, who thrive just fine thank you on sexually reproducing mammals. It's about creating genetic diversity more rapidly, which allows favorable mutations to occur more often and be selected, while culling unfavorable ones through selection and lack of interoperability (most genetic defects render you sterile). This is an advant
Re:2004 promises to be interesting (Score:2)
And which do even better on axesual animals (which have correspondingly shorter lifespans, but read on...)
If you're interested in the subject, I would suggest you check out a copy of "The Red Queen" by Matt Ridley from your local library (or Amazon, if your local library isn't up to scratch). In it, you'll find multiple discussions which consider many possible reasons for sex, heav
Re:2004 promises to be interesting (Score:3, Insightful)
This whole thing reminds me of the war on drugs. If the cops wanted to really stop the drugs from existing on the streets, they could. But they don't have any incentive for that because it works against their budgets to pull all the drugs off the streets.
The police profit f
Re:2004 promises to be interesting (Score:2)
Do you really have a clue as to how Spamcop works? It takes emails submitted by users and finds the sending server (as well as the ISP for any webpages spamvertised therein). If you've had a false complaint from SpamCop then your beef is with the submitter, not SpamCop itself - and you should contact SpamCop to take that account offline.
the anti-spam and anti-virus corporations profit f
Re:2004 promises to be interesting (Score:2)
Yup. Spamcop was protecting people by going after the spammers. That is a good thing!
By anti-spam corporations, I meant programs like Outlook for Office that has anti-spam features. These are marketed features that would not exist if spam was anihillated, like it should be!
Hotmail subscriptions offer more features to protect against spam, if you pay extra.
Without spam, there isn't a reason for users to be enticed to pay money to prevent it.
Without viru
Re:2004 promises to be interesting (Score:2)
Re:2004 promises to be interesting (Score:2)
I made ya a friend for your trouble.
Re:2004 promises to be interesting (Score:2)
Interesting assertion. Care to back it up, by disclosing this great plan for the removal of all drugs from our streets (working within the boundaries of the US Constitution and Legal system, as cops must) or do you prefer to just sit back and slander pe
Re:2004 promises to be interesting (Score:2)
Don't be stupid. The USA is always going on about market economies and how they are the best way of allocating resources; you need to realize this is just an example of a market. Drug sales are just a market and, as long as you have demand, you will have
Re:2004 promises to be interesting (Score:2)
That's good advice.
The drug war is a sham because you can never completely cut off supply.
I agree!
The only way to kill drug crime is to flood the market with cheap drugs so that its no longer profitable for criminals,...
Spoken like someone who doesn't have any kids.
I like this second part better.
Re:2004 promises to be interesting (Score:2)
Spoken like someone who doesn't have any kids.
I expect what makes drug use look appealing to kids falls under 2 main categories, 1) a change from their everyday life (which may be ugly or seem ugly because of poverty, crappy scholastic environments, abusive home life, just boredom, or something else) and 2) peer pressure that drugs are exciting because they're forbidden.
Spend enough
Re:2004 promises to be interesting (Score:2, Interesting)
Re:2004 promises to be interesting (Score:4, Funny)
Analysis in my journal (Score:2)
here [slashdot.org]
Distrubited Blacklist (Score:5, Interesting)
Re:Distrubited Blacklist (Score:4, Interesting)
Re:Distrubited Blacklist (Score:2)
Re:Distrubited Blacklist (Score:2)
Bayesian filters have the downside that spammers will eventually craft emails so bland that they cannot be filtered without tagging a lot of legitimate email.
The problem with spam is that it combines 2 qualities - it is in bulk and it is unsolicited. If senders of unsolicited email could be restricted in quantity (to, say, a couple
Re:Distrubited Blacklist (Score:2)
I do not think so. It might make it slightly more difficult for someone to spontaneously set up a SMTP relay, but the benefits exponentially outweigh any inconveniences imposed.
Look at it this way. The way the current SMTP system is set up, it's analagous to a TLD system that requires no registration: anyone can flip on a SMTP
Re:Distrubited Blacklist (Score:2)
Where do relays come into this? We are talking about end users running whitelists, right?
The way the current SMTP system is set up, it's analagous to a TLD system that requires no registration: anyone can flip on a SMTP relay and start spewing crap to the Internet with bogus header information which in turn creates DDOS situations.
Hence my proposa
Re:Distrubited Blacklist (Score:2)
Re:Distrubited Blacklist (Score:2)
Re:Distrubited Blacklist (Score:2)
Re:Distrubited Blacklist (Score:2)
Get a clue!
Re:Distrubited Blacklist (Score:2)
Can you actually decipher that one, or am I going to have to explain it to you?
And I still soldier on... (Score:3, Interesting)
It isn't helping, but maybe one of the ones I help get shut down will quit.
Re:And I still soldier on... (Score:2)
Yikes! (Score:5, Insightful)
We need to secure the domain registration/ownership process... seriously... We might not be able to take down microsoft.com, but with this complaint technique, I'm sure we could do some damage to a lot of less high profile companies... We need to get this fixed now! It's almost as bad as being allowed to call your neighbour a terrorist, and have him/her arrested indefinetly, with no proof...
Re:Yikes! (Score:2)
Can't (Score:2)
Unfortunately, that policy can also bite you in the ass. You can't have it both ways.
Re:Yikes! (Score:2)
False, but not falsified. They gave a phone number which was later disconnected, and they forgot to update their registration. Falsified would mean they did what spammers do, and gave fake details from the beginning.
Thorn? It doesn't matter, (Score:5, Insightful)
> good-sized thorn in the sides of a number of
> spammers.
Maybe, but maybe not. The DOS attacks by spammers have been getting pretty brazen of late. SpamCop's a well-known name, and that's probably all it took to make it the target of an attack, regardless of how effective it is.
They've gotten almost no resistance to the attacks they've launched so far. They've got no reason not to launch an attack on anyone who even attempts to block spam at this point.
Re:Thorn? It doesn't matter, (Score:2)
I religiously reported problem emails to Spamcop, for about a year straight, and only *once* did an ISP actually write me back to report that they removed someone's account, and thanked me for reporting the issue. On t
Re:Thorn? It doesn't matter, (Score:2)
I also believe that it's in the spammers best interest to remove your email address from lists. After all, your address is now a 'active spamcop reporter' address, and is poison for their spamming efforts.
(This doesn't apply to the virus/distrubuted spammers, of course, since spamcop and other IP-based block lists ar
Re:Thorn? It doesn't matter, (Score:2)
Re:Thorn? It doesn't matter, (Score:2)
Blocking china wont block where most of the spam comes FROM, though.
More's the pity.
Surge in spam (Score:5, Interesting)
Re:Surge in spam (Score:2)
At the office, over 20,000 are deleted off the bat, and that doesnt include what gets thru.. ( though that is a major domain with over 40,000 users.. )
Re:Surge in spam (Score:2)
Mine has doubled (at a minimum) over the last 6 months. I regularly purge 100-200 spam messages a day, though some days it's much lighter.
Re:Surge in spam (Score:2, Interesting)
The good news is that with Bayesian filtering I only saw 13 of them in October.
Interestingly, my Bayesian filter continues to increase in accuracy. In October I was up to 99.8%. My guess is that they're increasing the number of times they do each spam run and that only makes Bayesian that much more accurate. That's the explanation I have for seeing such an increase in the volume
Re:Surge in spam (Score:2)
I am on a simple cable modem, but the rogers network has been having huge problems the last while(virus, trojans, headend issues, DNS issues, DHCP server issues, on and on). I wonder if they(spammers) pay attention to the fact that rogers has recently upped the speeds from 1.5mbps to 3mbps; were unsure if this is perm. yet or not. But it could be and that would be boon to the spamm
How effective is SpamCop? (Score:5, Interesting)
Problem being, that several of the network authorities are huge megacorps where the complaints get filed with the rest of 98,000 or are spamhosts themselves.
I gave up in favor of SpamAssassin and Mozilla's spam filtering, which turned out to be far more effective.
Isn't effectiveness the whole reason eight-year-olds tattle in the first place? ("Billy hit me!" Billy gets in trouble. (And Tommy gets beaten up after school.)) Somehow, I don't think enough spammers got in trouble.
Re:How effective is SpamCop? (Score:3, Insightful)
Re:How effective is SpamCop? (Score:4, Insightful)
Had they taken the thirty seconds to actually look at the headers, it'd've been obvious that I was, effectively, as much a victim of the spam as my user.
A "disconnect first, ask questions later" policy is fine, assuming you bother to ever actually ask.
Re:How effective is SpamCop? (Score:3, Interesting)
Re:How effective is SpamCop? (Score:3, Informative)
Regarding Joker registrar policy wrt to validation procedures, I suppose that the fact that SpamCop goes away tells it all.
Re:How effective is SpamCop? (Score:5, Insightful)
You could utilize some minimal checks like forward dns or just a HELO name check, which my company used for a while. But, there are SOOO many exchange servers out there that identify themselves as "microsoft.msft" (which is of course not correct) that some of our clients couldn't get their mail. They'd call, "Hey, so and so can't send me email." I'd telnet to their port 25 and check what they returned in their HELO... sure enough, it was incorrect, so I'd notify the administrator and our client that their email server is not configured correctly (and it's an open relay to boot). A couple of days later this client would call again saying, "Other people can receive this guy's email, but I can't. What's wrong with your server?"
After a while, it's just a perception problem. You've got to be able to receive from everybody (except the absolute worst spammers). So we accept all mail and tag it with spamassassin using the X-Spam-Status tag. Clients then can filter it and check at their leisure. If they have a little more no-how, we tell them to download and install mozilla-mail or thunderbird with built in spam filtering. You've got to train it, but it works.
Email is too important and too ubiquitous to be screwed around with. The surest and best way to deal with spam is to filter/tag at the end user or ISP. Legislation won't cut it. Threats won't cut it. Whitelists/Blacklists won't work. You can't even rely on first line HELO identification checks. There are just too many monkeys who've set up email servers out there.
And just think about this: even ipv6 STILL isn't widely deployed.
Re:How effective is SpamCop? (Score:2)
I'm glad someone finally got it right. Let's come up with a technical solution instead of a legislative solution. This way, everyone is fr
Re:How effective is SpamCop? (Score:2)
Re:How effective is SpamCop? (Score:2)
The HELO check was a life saver during sobig. And I don't care who you are, reporting yourself as microsoft.msft is just stupid even through a nat'd connection.
One more thing... magic must defeat magic!!
Re:How effective is SpamCop? -- We Love It! (Score:2, Informative)
The SpamCop reports have ALL the information we need (timestamps with time zone are crucial) to track dow
Re:How effective is SpamCop? (Score:2)
Re:How effective is SpamCop? (Score:2)
I used to work at the helpdesk at a small dial-up ISP. I ended up taking care of abuse complaints, and SpamCop came in handy many times. For a while we had a spammer sign up once a month for a throwaway account, and the very first indication was always SpamCop. I flatter myself that after being shut down a few times in a row, he went elsewhere.
SpamCop is easy to use, quick, and it provides the admin with all the information she needs.
Re:How effective is SpamCop? (Score:2)
I gave up in favor of SpamAssassin and Mozilla's spam filtering, which turned out to be far more effective.
That depends on your goal. You apparently want to not see the spam after it's sent, but don't care about paying for it's transmission. Some people care about the latter and view the spam problem as a social one that must be addressed.
Re:How effective is SpamCop? (Score:2)
Re:How effective is SpamCop? (Score:2)
Re:How effective is SpamCop? (Score:2)
2) I'm not convinced by Bayesian filters. It took tens or hundreds of Sven viruses before Mozilla started automatically moving it to my junk folder. I would say that half the stuff that get's past Yahoo also gets past Mozilla, even though I've trained Mozilla with about 15,000 pieces of mail (half-and-half junk and not junk).
Re:How effective is SpamCop? (Score:2, Interesting)
What the spammers may have latched onto is the concept of overfitting. However due to implementation details, this shouldn't be a problem unless those ope
DNS (Score:2)
When I send mail to spamcop, my ISP's mail server bounces it with a fatal DNS error.
Spamcop's a waste of time. (Score:4, Insightful)
It would be far more effective to simply drop any SMTP connections from networks in Brazil or China. Even better would be to actively scan emails for links pointing to that IP space, and dump any messages received. This would eliminate most spam from user mailboxes.
Spamcop is a nice parser, though, for those rare occasions in which reporting would do any good. Unfortunately, they're in bed with Cyveillance--don't forget to uncheck that box to avoid helping them.
Re:Spamcop's a waste of time. (Score:2)
Being that I"ve used Spamcop now for 3 or 4 years, just curious.
Re:Spamcop's a waste of time. (Score:2)
Why?
Re:Spamcop's a waste of time. (Score:2, Interesting)
Re:Spamcop's a waste of time. (Score:5, Insightful)
Alternatively, you can simply drop all SMTP connections from the entire IPv4 address space! That would eliminatate all spam from user mailboxes!
P.S. I'm being sarcastic, but blanket bans suck [somethingawful.com].
Re:Spamcop's a waste of time. (Score:3, Interesting)
P.S. I'm being sarcastic, but blanket bans suck.
Banning is the proper way to deal with unethical Internet activity. There's nothing wrong with it. If an ISP chooses to allow unethical behavior to occur on its network then it will need to learn to deal with the consequences of the rest of the Internet shunning it. Sure, it hurts innocent people, but people sh
Re:Spamcop's a waste of time. (Score:2)
There are several levels. The "complain to the ISP" is just one of Spamcop's services. Their network employs an automated system maintaining a real-time relay blacklist based on spam reports. Even if the ISP doesn't respond or take action, rogue smtp relays will be automatically blacklisted and participating networks will begin to refuse to accept mail from these systems, whether the ISP chooses to deal with it or not.
well (Score:2)
I wonder how much better a distributed system would work . .
SpamCop costs (Score:5, Interesting)
The spammers are doing everything they can to squeeze the anti-spammers out. They use frivolous lawsuits (aka Mark Felstein and his porn spamming backers) or DDOS attacks that either knock the anti-spam resources off completely or increase the costs so that no hobbyist can run them.
And while all this is going on, the law enforcement agencies are doing nothing to counter the clearly illegal acts of the spammers.
And ISPs are doing NOTHING to reduce the number of zombies on their networks. So the DDOS attacks continue.
Nice going.
It's only a matter of time when someone (Al Queda?) will use the zombie network for something that will truly be noticed.
Proletariat of the world, unite to kill spammers
Re:SpamCop costs (Score:3, Interesting)
Re:SpamCop costs (Score:2)
"We are 100% certain that they have Zombies of Mass Destruction" - GW Bush
'A false Complaint' (Score:2)
Just wonderful... (Score:3, Funny)
Complaints don't work (Score:3, Interesting)
We do the following:
1. Opt-out only. You do business with us, you're on the list and have to taken yourself off of it to stop getting our mailings. There is no choice to opt-out at time of purchase, no choice to omit your email address.
2. Sell your address to our partners. Our contracts with our partners requires us to collect addresses when we make a sale for them, and pass the address lists along.
3. Pass off opting out of partners' lists to our partners.
(We spell all this out in the online Terms of Service which is displayed before a customer makes a purchase. People still buy).
Still, with all these "bad practices" in place, we only get a dozen complaints out of several million spams sent. We're on AOL's whitelist of approved spammers^Wmarketers whose mailings bypass their spam filters. We're on other ISP whitelists, too. If we get a Spamcop complaint, I dutifully click on the link in the notice, check "account terminated" and that's the end of it. But with only a handful of them each week, I can take care of the Abuse mailbox in less than a hour a week. Anti-spammers have had no adverse effect on us in the four years we've been doing it this way.
lawsuit? (Score:2, Insightful)
On top of that, there is ofcourse the question of: how is this possible? are there rules for actions of this kind? returning a fax is, IMHO, inde
New email worm that DDoS's Spamcop/SPEWS/Spamhaus (Score:4, Informative)
There is a new email worm called W32/Mimail-E that is designed to create a distributed denial of service attack on the anti-spam websites of spamcop, SPEWS, and spamhause. See: sophos write-up [sophos.com].
Was it an attempted LART? (Score:3, Interesting)
There is no proven connection between the issues at the registrar and Jamie Baillie's attempt to have SpamCop shut down, but the complaint to Joker (the registrar) was anonymous and clearly vindictive.
Oh yes.. the domain name cesmail.net will often work in place of spamcop.net for those still struggling to get through.
Spamcop is infuriating - can't interpret anything (Score:2)
So I tried this
Re:Spamcop is infuriating - can't interpret anythi (Score:2)
What's it like to live your life at Defcon 1 with Outlook?
Re:Spamcop is infuriating - can't interpret anythi (Score:2)
Outlook doesn't forward all the headers properly if you just use the "Forward" button which makes trying to submit spam that way useless. There is a way to get the complete headers, but it's time consuming, so SpamSource makes things much easier.
It's partially free, depending on what features you enable. Hopefully someone will create a totally free full featured workalike eventually.
Outlook is the problem - read the FAQ (Score:2)
Spamcop has a detailed explainantion [spamcop.net] of the issues with the way the Outlook forwards mail. They also have suggested workarounds for Lookout's shortcomings.
Joker.com's lack of due diligence. (Score:2)
They *assume* that email is a reliable way of contacting someone, but the *require* you to fax a document to them. I do not even have a fax machine and, off hand, I don't know where I could send a fax from the US to Germany. I suspect that it would cost at least a couple of bucks and would take a fair amount of time.
They sent *one* email before shutting the domain down. They did not reply to the (one) email that was
Spamcop works! (Score:2)
There have been times when I have reported spam to Spamcop and received an apology from the spammer's ISP less than two hours later.
SpamCop's odd choices for providers? (Score:4, Interesting)
Second, on their pages, they have at the top a recommendation for a specific web hosting company, presumably the one they use--this isn't a banner ad, but rather an ad written right into their HTML, so it sure looks like it is their personal recommendation for web hosting. When I was looking for a new hosting company for my site, I wanted to find one that was not soft on spam, so that I would not have to worry about ending up in SPEWS, and figured that the one SpamCop uses would have to be good. Checked out their plans, and they were good. I was ready to sign up, but decided it would be dumb not to at least Google a bit...and I found that that hosting company does NOT have a good reputation in the anti-spam community!
You'd think one sure-fire way to find a white-hat ISP would be to use the one that a major anti-spam site recommends, so this was quite a shock.
Spamcop works (Score:3, Informative)
I still think by the time spamcop gets to us it's too late though. You can't unsend spam, once it's out it's out. They'll just get a different account on another host. What we need is some kind of filtering on the incoming and outgoing sides. Or the world could just switch to something besides Outlook, which helps these viruses and worms propagate.
Best working solution we have right now (Score:3, Interesting)
In the last 24 hours, one of my modest-sized mail servers reported these stats:
accepted mail: 2480 messages
spamcop blacklist rejected mail: 8216 messages
This is with no legitimate mail being blocked and a rather conservative set of relay blacklist rules.
That's more than 70% of the e-mail we receive clearly identified as spam and rejected at the server level.
But at least we stop the spammer as soon as he connects. We don't receive any of the junk e-mail once we identify mail coming from a known spam source. This reduces our operational costs, tax on hardware and software and available bandwidth to all users. Client-side filtering consumes all these resources and offloads the burden on the end-user to pay for software that still does not effectively deal with spam.
When you employ client-side filtering you do NOT stop spam; you do NOT reduce anyone's operational cost. When you deny mail relay access from spammers you DO cost the spammers time and money!
Spamcop has proven itself to be the most effective and productive solution at present, which is why it's being targetted by spammers. Using Spamcop's RBL, spammers can't even connect to participating networks. When you employ client-side filtering, you help spammers because their argument for de-regulation of spam involves putting the cost burden on the users - all they care about is delivering X messages and that is still accomplished, whether your mail filter catches it or you manually delete the junk, so this "solution" encourages future spam activity and also breathes more life into companies like Symantec that actually profit from the spam epidemic.
There are only two more-effective solutions to the spam problem: 1. The Federal Government finally deciding to pursue the spammers who break into computer systems (which has been illegal since before the Internet existed), and the employment of a sanctioned smtp whitelist.
I posted a previous comment with my detailed analysis of the issue and exactly how it can be realistically solved. [slashdot.org]
Re:Best working solution we have right now (Score:2)
Believe me. My clients let me know pretty darn quickly if any legitimate mail gets blocked. Our system bounces the e-mail with a URL to a page where they can contact us to let us know that their
Spambayes (Score:2, Informative)
Just use <A href="http://spambayes.sourceforge.net/">SpamBaye
Re:SpamCop doesn't work.. (Score:3, Interesting)
I'm a spamcop member but I realized that whenever I reported spam, I'd start getting more emails a few days later. I stopped reporting them and the number of messages went down a few weeks later.
A couple weeks ago I thought I was just being paranoid, so I started reporting them again. Same thing happened.
Overall they are doing a great service. But somehow (random letters, or reports being sent to the wrong people), my add
Re:SpamCop doesn't work.. (Score:2)
I had exactly the opposite experience. I've been a regular Spamcop user since last year. For about a month this spring I was too busy, and stopped reporting, and the amount of spam I was receiving doubled. It's kept fairly steady since then.
I suspect that my name is listwashed by some spammers, and added to ot
Re:good service (Score:2)
Re:Funny, but evil (Score:5, Informative)
That's funny because a false complaint against us by spamcop led to all our servers being off the net for a day last year. They did ZERO research on the complaint and took it straight to our ISP (rather than trying to contact us by our abundant and up-to-date contact info available in our emails and on our websites). Their conduct was beyond reckless, it was vicious.
I'm all for good anti-spam but those guys can bite me. Serves them right IMHO.
Re:Funny, but evil (Score:2)
Re:Funny, but evil (Score:2)
A user types in an email they say is spam and asks SpamCop to process the email. Spamcop uses a variety of techniques to track down the administrators responsible for the originating IP, and for web pages and email addresses linked in the email, and gives users the option of sending email to the administrators it finds.
You're not required to do this, but if you register an abuse address at abuse.net then SpamCop will find it.
Besides, shouldn't your gripe read: M