Man gets nine years for spamming

Discussion in 'Computer Security' started by Jim Watt, Apr 9, 2005.

  1. Jim Watt

    donnie Guest

    ##########################
    That's not a very good analogy at all. I won't even answer that.
    donnie
     
    donnie, Apr 11, 2005
    #21
    1. Advertisements


  2. Oh neither do I...but the problem I have is that these one liners are very
    difficult to kill because I could easily send an email to someone like
    that. For example:

    Real email to a friend:

    Hey check out http://www.realwebsite.com

    Where the one line SPAM is almost exact but, with the site they are
    advertising. For example:

    SPAM one liner:

    Check out http://www.myspamsite.com

    How do you distinguish between them? Most get caught with my many DNSBLs but
    occasionally some get through...

    What is your technique?
    Michael
     
    Michael Pelletier, Apr 11, 2005
    #22
    1. Advertisements

  3. Don't argue with Jim-the-gerbil-man. Remember the saying "Never argue with
    the village idiot"...

    Michael
     
    Michael Pelletier, Apr 11, 2005
    #23
  4. Jim Watt

    optikl Guest

    I have a friends list that is pretty narrowly defined. I haven't run
    into the situation you describe. I very rarely accept email from sources
    that aren't on my friends list. Now, that may preclude legitimate mail
    from getting through, but that's more likely to be the senders loss
    rather than mine. For work email, I do a cursory review of the domain
    names, sender names and subjects of any mail I might consider reading.
    So far, I haven't downloaded any SPAM. But, I do see your point.
     
    optikl, Apr 11, 2005
    #24
  5. Jim Watt

    Jim Watt Guest

    On Sun, 10 Apr 2005 17:02:34 -0700, Michael Pelletier

    <nonsense snipped>

    Filtering spam is not the solution, it still takes up bandwith to
    receive, and computer resources to process it.

    However good the filters might be the spammers change their
    tactics to mimic genuine messages so some gets though and
    even worse some genuine messages get trashed, which mean
    one either has to manually review the trash, or suffer possible
    economic loss

    Thats why the law is needed, although a rethink of the
    entire email system is the final solution, not the current
    sticking plaster methods.
     
    Jim Watt, Apr 11, 2005
    #25
  6. Jim Watt

    Solbu Guest

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    if he instead raped someone and confessed
    he would only get 1, maybe 2 years.


    Clearly SPAM is more dangerous that destroying someones life.
    :-\

    - --
    Solbu - http://www.solbu.net
    Remove 'ugyldig' for email
    PGP key ID: 0xFA687324
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.1 (GNU/Linux)

    iD8DBQFCWu9jT1rWTfpocyQRAubuAKC8bbpK/7xj1xdpDISXBQYKecbc3gCg+fmf
    7ePACtJtjouEC5y8j+HUAB4=
    =SUGE
    -----END PGP SIGNATURE-----
     
    Solbu, Apr 11, 2005
    #26
  7. Jim Watt

    Jim Watt Guest

    That sounds unsubstantiated nonsense, however traditionally
    crimes against property have been treated more seriously than
    crimes against people - although hanging for sheep rustling
    is no longer current.

    The thought of going to jail certainly deters me from killing
    spammers.
     
    Jim Watt, Apr 11, 2005
    #27
  8. Jim Watt

    bowgus Guest

    Sure, you're right ... I might enter a contest, not read the rules, and end
    up with say McDoofie's (aka legitimate spammer) e-coupons in my email ...
    but ... I could respond to McDoofie, say no thanks, and the e-coupons would
    (should) stop flowing. I dunno ... if the choice is freedom of the net or no
    freedom (controls), maybe I'll take the freedom and accept the cost of
    filtering at the firewall :) What you don't know can't hurt you? :)
     
    bowgus, Apr 12, 2005
    #28
  9. True. However, bandwidth is get cheaper with the usage of technologies like
    DWDM...and getting cheaper by the day. My ISP just doubled my cable modem
    speed recently, to keep their customers from going to DSL. For free...
    The system I use, and I give more details if you are interested, does not
    lose emails because of filters. I use a multiple layered system and it
    works quite well. I also, report SPAM through the DNSbls I use. This is
    something everyone should do...
    I agree with you. However, this is really an International issue. This is
    why I am not optimistic that the law will really do anything. The SPAMMERS
    will just move to some overseas to countries that really do not care about
    letting SPAMMERS in.


    Michael
     
    Michael Pelletier, Apr 12, 2005
    #29
  10. Jim Watt

    winged Guest

    I don't concur with law change. It seems our legislators have a hard
    time understanding the issue, and always protects someones special
    interest in trying to fix the problem. Additionally currently over 70%
    of our spam comes from external US locations.

    Our site gets 25000 messages a day that hits the filters. We use
    several mechanisms from baysian filtering to inhouse header
    authentication tools. We have difficulty because we do not have a
    predefined narrow band of potential senders.

    I have used the mail washer product. If one sets the filters
    appropriately one can filter inappropriate mail at 100% provided one
    doesn't require receiving mail from unknown sources to do business.
    This works well in many personal situations, however the job is much
    more difficult in the corporate environment. One has to balance the
    company filters against catching legitimate mail. I our situation we
    have to review all messages caught by the filter, just in case
    legitimate traffic is captured (happens).

    I believe this issue will continue until validation protocols and
    traceability is added to e-mail.

    Winged
     
    winged, Apr 12, 2005
    #30
  11. Jim Watt

    Jim Watt Guest

    99% of spam originates in the USA.

    Get rid of it there and close the free email services that are abused
    by the 419 and lottery scams and most of it goes.

    Any 'small country' involved in spamming is easily blocked. I
    curreltly block some larger ones, like Brazil and Argentina.
     
    Jim Watt, Apr 12, 2005
    #31
  12. Jim Watt

    Jim Watt Guest

    I agree 100% on both counts, indeed made both points.

    The real problem is the current email system was never conceived to
    do the job it has to today and it needs to evolve into something
    better. Simply applying a band aid is not the solution.
     
    Jim Watt, Apr 12, 2005
    #32
  13. I am sorry. But I disagree with that. More specifically, my work and home
    email systems record China, East Europe and South America as being 45% of
    the total SPAM I get.

    The SPAMMERS are not dumb. They do what they do for money. Making strict US
    laws will only make them move to some third World country that welcomes the
    business and more specifically the dollars that come with it. That is why I
    said before, I am not opportunistic about anything real being achieved.
    Sure, they got one SPAMMER. This makes me happy but, not opportunistic
    about the problem being resolved.
    I do no think closing free email again will do much. Honestly, in my data, I
    see the following:

    Idiot users who download "freebie" software not knowing that the software
    is a trojan (email bot)

    Idiot IT people that do not know how to configure their systems.

    Also, people should REPORT the SPAM. Use DNSBLs
    (http://spamlinks.net/filter-dnsbl.htm) When you do, you can report the
    SPAM. This helps us all because the IP address of the server is know
    blocked. If more people did this, we ALL could reduce SPAM by at least 80%
    "right of the top"

    Reporting SPAM to a DNSBL is as simple as forwarding the email to an
    address. That is it...


    Michael
     
    Michael Pelletier, Apr 13, 2005
    #33

  14. Guys, we have been debating Spammers for a while. I would like to advise a
    couple of things:

    Please use DNSBLs. It is easy.
    http://sial.org/howto/sendmail/tips/#s5

    You configure it on your email gateway(s). Sign up to report the Spam.
    Reporting it is a easy as just forwarding the email to the special email
    address the DNSBL provider supplies you...At work I made a contact so
    everyone in my company can report spam by forwarding the spam to the
    address in the contact.

    If we all pitch in, we can inflict serious pain of these idiots..

    If anyone is interested I have a lot of experience in many of the GNU apps
    (Spamassasin, Razor, Sendmail, DNSBLs, etc). I would be more than happy to
    help someone and assist in sticking it to the Spammers...

    ....oh ya, and it COSTS NOTHING to implement.....

    Michael
     
    Michael Pelletier, Apr 13, 2005
    #34
  15. Jim Watt

    Leythos Guest

    I use spamhaus and key-word matching filtering in addition to other
    methods. We catch 30%+ in RBLS and another 40% in matches/other methods,
    but we still get about 5% that's getting through....
     
    Leythos, Apr 13, 2005
    #35
  16. Check out razor...and use muliple DNSBls. I had the same problem I now use 4
    and porbably will increase that too. Some of the DNSBLs specialize in black
    listing cable modem/DSL/Dialup user's IP blocks, etc. I would really
    recommend that also.

    In short you need a minuim of 4 DNSBLs...

    Also, do you report the SPAM to the spamhaus?

    Michael
     
    Michael Pelletier, Apr 13, 2005
    #36
  17. Jim Watt

    Leythos Guest

    What ones do you suggest?

    I've tried 3 or 4 at a time, ones that appeared to be quality ones, but
    since we work with people all over the USA, we found some users email was
    being rejected.
    Not yet, we're trying to build an automated script that summarizes the
    spammers source from the emails and then we'll report them.
     
    Leythos, Apr 13, 2005
    #37
  18. Jim Watt

    winged Guest

    Our Spam statistics tend to follow yours on a close order though we are
    getting more than you indicate from foreign hosts. I don't know
    precisely how many messages we drop at the gateways due to IP range
    blocks. What I find interesting is that 35% of what gets through the
    gateways and caught by filters is known exploit code, not counting the
    various phishing schemes. Of course Spamming our site is the only
    method the bad guys have been successful at. We may see more bad guys
    than most sites, our statistics may not be valid for others. At home I
    block everything outside of those in my address book which is fairly
    effective.

    Winged
     
    winged, Apr 13, 2005
    #38
  19. Jim Watt

    winged Guest

    We have had issues using blacklisting. We still use it, however we have
    found it only moderately effective. Additional management overhead
    occurs when legitimate domains get on the list that must be removed.
    This does occur which can lead to DOS for critical communication links
    where critical information can be lost with no audit trail or recovery.
    It may take some days to even notice a legitimate site is on the list.

    Winged
     
    winged, Apr 13, 2005
    #39
  20. ....I almost forgot. You will have issues occasionally with customer mail
    servers being blacklisted. Here is what I do. First, understand that they
    probably were black listed because they have a crappy IT department that
    has not clue about security. In either case, I whitelist all of our
    customers on the email gateway just in case...I have not had a problem
    since....


    Michael
     
    Michael Pelletier, Apr 13, 2005
    #40
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.