Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > any ideas how to stop this

Reply
Thread Tools

any ideas how to stop this

 
 
Rich
Guest
Posts: n/a
 
      05-06-2005
I know GetViagraNow.Com is one of the biggest spam clearing houses on the
net. I have tried to block their unsolicited junk for about 8 months now. I
don't know if it is related but I have had more virus attacks on my computer
since their junk email has come in. It feels like it is coming from them. I
have tried getting my isp to block them but Bellsouth.net has been no help
at all, for the past months they have been sending me around in circles
saying send us email-no call tech support-then you call tech support and
they tell you to email them with the problem. I have sent them emails of the
spam I am getting and after the first couple of times, they blocked me from
emailing tech support. Bunch of great guys. You would think they would care
because obviously these spammers are sending mail to all of bellsouth's
customers, but it is like they don't care or they are in it with the
spammers.
In despiration I even contacted the offender-GetViagraNow.com at their site
through their communications system but they didn't respond and there has
been no change. I still get 30 of the exact same email every day.
Anybody know how to block them?
Appreciate any help.
RichMason101(at)hotmail
Thanks


 
Reply With Quote
 
 
 
 
Michael Pelletier
Guest
Posts: n/a
 
      05-06-2005
Rich wrote:

> I know GetViagraNow.Com is one of the biggest spam clearing houses on the
> net. I have tried to block their unsolicited junk for about 8 months now.
> I don't know if it is related but I have had more virus attacks on my
> computer
> since their junk email has come in. It feels like it is coming from them.
> I have tried getting my isp to block them but Bellsouth.net has been no
> help at all, for the past months they have been sending me around in
> circles saying send us email-no call tech support-then you call tech
> support and they tell you to email them with the problem. I have sent them
> emails of the spam I am getting and after the first couple of times, they
> blocked me from emailing tech support. Bunch of great guys. You would
> think they would care because obviously these spammers are sending mail to
> all of bellsouth's customers, but it is like they don't care or they are
> in it with the spammers.
> In despiration I even contacted the offender-GetViagraNow.com at their
> site through their communications system but they didn't respond and there
> has been no change. I still get 30 of the exact same email every day.
> Anybody know how to block them?
> Appreciate any help.
> RichMason101(at)hotmail
> Thanks


It sound like you are using email from BellSouth? Are you using their email
servers or do you have your own? Please describe your "setup".

Michael
--
"Trusted Computing" is a SCAM
http://www.gnu.org/philosophy/can-you-trust.html

Protect your rights
http://www.eff.org/
http://www.publicknowledge.org/
 
Reply With Quote
 
 
 
 
Jim Watt
Guest
Posts: n/a
 
      05-06-2005
On Fri, 06 May 2005 03:05:50 GMT, "Rich" <(E-Mail Removed)>
wrote:

>I know GetViagraNow.Com is one of the biggest spam clearing houses on the
>net. I have tried to block their unsolicited junk for about 8 months now.


You are on a kicking to nowhere with Bellsouth, I spent a lot of time
on the phone to them at their expense trying to eliminate a
particularly nasty daily email originating from their IP block.

Get an email service that provides filtering.


--
Jim Watt
http://www.gibnet.com
 
Reply With Quote
 
Moe Trin
Guest
Posts: n/a
 
      05-06-2005
In article <iaBee.3518$(E-Mail Removed)> , Rich wrote:

>I know GetViagraNow.Com is one of the biggest spam clearing houses on the
>net. I have tried to block their unsolicited junk for about 8 months now.


http://www.stopspam.org/email/headers.html Most spam is sent by overseas
systems hired for the task, and zombie computers (computers owned by fools
who shouldn't be trusted with something as complicated as a hammer, and
therefore filled with viruses and worms that allow spammers to send mail
from everywhere). Spam is rarely sent 'direct' from the spammer.

>I don't know if it is related but I have had more virus attacks on my
>computer since their junk email has come in.


Probably a coincidence. But then, what are you using as a browser?

>It feels like it is coming from them.


What gives you that indication?

>I have tried getting my isp to block them but Bellsouth.net has been no help
>at all, for the past months they have been sending me around in circles
>saying send us email-no call tech support-then you call tech support and
>they tell you to email them with the problem. I have sent them emails of the
>spam I am getting and after the first couple of times, they blocked me from
>emailing tech support. Bunch of great guys. You would think they would care
>because obviously these spammers are sending mail to all of bellsouth's
>customers, but it is like they don't care or they are in it with the
>spammers.


Actually, a lot of the world blocks mail (or everything) from SBC and it's
various children (snet.com, bellsouth, swbell, pacbell, pbi, ameritech
among others) simply because they do absolutely nothing to rein in the
abuse that comes from their networks. As for 'GetViagraNow.Com', that's
a domain in the spam capital of the world 'Southern Florida" and is hosted
by Internap Network - themselves largely blocked by the rest of the world.
Try reading the newsgroups 'news.admin.net-abuse.blocklisting' to gain an
insight of who is naughty, and who is nicer.

>In despiration I even contacted the offender-GetViagraNow.com at their site
>through their communications system but they didn't respond and there has
>been no change. I still get 30 of the exact same email every day.


Congratulations - you did the big no-no, and confirmed to GetViagraNow.com
that your's is a working address with someone reading the crap. Your address
will be (if it hasn't already been so) sold to spammers as a live one.

>Anybody know how to block them?


1. Close the current account at bellsouth. The address is known to be
a sucker - and is going to be inundated with spam. You think it was bad,
you ain't seen nothing yet.

2. Get a new account, preferably with someone other than bellsouth. If
you expect to use the account for mail, choose a username that doesn't have
your real name, but something "close", but unlikely to be found in a phone
book, or dictionary. If you DON'T plan on using it for mail (or only
mail from a very limited number of people) choose a username of RANDOM
letters/numbers. For the public usernames, I send the output of a
random character generator (in UNIX, it's called /dev/random - microsoft
hasn't invented that yet) through a binary to printable_character converter
(uuencode, or mimencode) and use the first 8 characters of that string.
That gives names like 'muUECA3N', 'wYW0xAJ1' or 'UbXPaOBD'

3. Don't post a real username ANYWHERE.

4, Don't EVER respond to SPAM. You are posting with Outhouse Express, and
really shouldn't be using it at all, because it likes to help you by
auto-opening (and sometimes auto-installing) every piece of sewage that
may come through the mail, or appear on the web pages you may visit. The
spammer sees your mail tool coming to the hidden URL in the mail, and knows
someone is reading the mail - you. That brings on more spam. OE is also
the vector used by most viruses and trojans to infect your system.
ANYTHING ELSE would be a better tool.

Old guy
 
Reply With Quote
 
Jon
Guest
Posts: n/a
 
      05-07-2005
>...choose a username that doesn't have your real name, but something
>close", but unlikely to be found in a phone book, or dictionary. If
>you DON'T plan on using it for mail (or only mail from a very limited
>number of people) choose a username of RANDOM letters/numbers. For
>the public usernames, I send the output of a random character
>generator (in UNIX, it's called /dev/random - microsoft hasn't
>invented that yet) through a binary to printable_character converter
>(uuencode, or mimencode) and use the first 8 characters of that
>string. That gives names like 'muUECA3N', 'wYW0xAJ1' or 'UbXPaOBD'


What would be the purpose of that? I haven't heard of spammers using
cracking software.


Jon

 
Reply With Quote
 
Moe Trin
Guest
Posts: n/a
 
      05-09-2005
In article <(E-Mail Removed) .com>, Jon wrote:

>>...choose a username that doesn't have your real name, but something
>>close", but unlikely to be found in a phone book, or dictionary.


Note the last phrase

>>If you DON'T plan on using it for mail (or only mail from a very limited
>>number of people) choose a username of RANDOM letters/numbers. For
>>the public usernames, I send the output of a random character
>>generator [...] through a binary to printable_character converter
>>(uuencode, or mimencode) and use the first 8 characters of that
>>string. That gives names like 'muUECA3N', 'wYW0xAJ1' or 'UbXPaOBD'

>
>What would be the purpose of that? I haven't heard of spammers using
>cracking software.


I haven't heard of them doing so either, and even if they did decode
those eight character names, they'd get the output of /dev/random

[compton ~]$ whatis random
random (3) - random number generator
random (4) - kernel random number source devices
[compton ~]$

which is a statistically random string of characters from 0x00 through
0xFF. The encoding is merely to convert this string, which includes 62%
unprintable characters into ASCII required by RFC0822/2822.

To find out why I am using this technique, go to groups.google.com, and
search the newsgroup 'comp.mail.sendmail' for the words 'dictionary attack'.
Briefly, spammers (or their support crew) are connecting to mail servers,
and trying to "send" mail to names apparently taken out of phonebooks,
often with a single letter prepending, or post-pending. If you understand
regular expressions, this means (for example) "[a-z]jones" and "jones[a-z]".
(The names tried may also include 'name' post-pended with 1 to 4 digits.)
They close the connection after trying 10-50 names, without sending a mail
body (which shows up in the logs). They are depending on the mail server
returning a "250" result code for valid names, and a "550" for invalid
names to harvest a list of valid addresses which can be spammed/sold. See
section 3.1 (bottom of page 4) of RFC0821 or section 3.3 (middle of page
17) of RFC2821.

Old guy

 
Reply With Quote
 
Frode
Guest
Posts: n/a
 
      05-09-2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Rich wrote:
>In despiration I even contacted the offender-GetViagraNow.com at their
>site through their communications system but they didn't respond and there
>has
>been no change. I still get 30 of the exact same email every day.
>Anybody know how to block them?


Assuming you're talking about a POP3 based mail account:

http://keir.net/k9.html
and
http://www.spampal.org/

Spend a few weeks training K9, then make a rule in your mail program to
auto-move any mail that scores a hit from both of the above to trash. And
another rule to move the ones that get marked by only one of the above to a
"suspect" folder.

Almost 70% of the mail I get every day (roughly 100) is spam, and the
combination of K9 + Spampal is ridiculously effective in my experience.
I've seen a single spam in my inbox in the past 400 or so days. And I'm
getting a quite easy to handle 1-5 in the "suspicious" folder.

If the mails you're talking about are really identical, K9 will block them
consistently after your first day, regardless of point of origin.



- --
Frode


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQn+uyeXlGBWTt1afEQI88gCg/CTuEEW/inToVhzFgQlBhr/nmZsAoKgK
wZfMnfRf86a5m11xUL9M/ou5
=q4LS
-----END PGP SIGNATURE-----

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: How include a large array? Edward A. Falk C Programming 1 04-04-2013 08:07 PM
Re: Ideas for a signature to stop FWD emails richard Computer Support 9 01-09-2010 11:03 PM
Re: Ideas for a signature to stop FWD emails Mike Easter Computer Support 0 01-09-2010 02:10 AM
501 PIX "deny any any" "allow any any" Any Anybody? Networking Student Cisco 4 11-16-2006 10:40 PM
Cant view any icons that are saved on my desktop>? any ideas Fokker Computer Support 3 09-20-2003 09:00 PM



Advertisments