Spammer DDoS-By-Virus On spamhaus.org 568
McDutchie writes "Steve Linford of Spamhaus announced in a press release that the latest Wintel virus, W32/Mimail-E, was created by spammers for the specific purpose of DDoS'ing Spamhaus, Spamcop, and SPEWS. It's becoming more and more clear that the spambags are the ones behind the recent mess with the Windows viruses. They must really be getting desperate."
Spam is dying (Score:5, Insightful)
They're annoying (Score:2, Insightful)
Lists of IPs for "antispam" purposes, drive me bananas. I normally run an MTA on my machine, and don't see any reason to relay mail (slower notification of problems, have to remember to change the relay whenever moving from network to network, etc), and there are groups like the DUL that just block swaths of IPs from sending email.
I hate getting spam too, but not as much as I get screwed over by stupid antispam "fixes".
I'm all for
Re:They're annoying (Score:5, Interesting)
Except, of course, that part of SpamAssassin's checks are to use the 'antispam registries' you are complaining about.
Quite frankly, with the current volumes of spam it is impractical to try and run a mailserver for more than a few thousand users without some form of blocklist or having extremely deep pockets. The problem with SpamAssasin is that it actually increases the load on ones mail servers - a variety of checks have to be run on every single mail. By contrast, using a blocklist means that spam can be rejected before the DATA stage, reducing the load on the server, and the bandwidth consumed by spam.
Re:They're annoying (Score:2)
Sure...but I don't use those.
Reject before accept (was Re:They're annoying) (Score:5, Informative)
Re:Reject before accept (was Re:They're annoying) (Score:4, Informative)
Interruption during the data phase will be considered as a network problem and the mail will be resent, for upto five days. Lots of bandwidth wasted.
Stopping before the data implies that only the helo/ehlo, mail from: and rcpt to: have been sent. Stopping after data but before the quit just implies that your server will not deal with the bounce. It does nothing to save your inbound bandwidth.
Re:They're annoying (Score:3, Interesting)
I'd rather jus
Re:They're annoying (Score:4, Insightful)
Here, you're assuming that everyone who has an occasional need to BCC more than 30 people must also have enough need and savvy to run mailing list software, and that's just not so. Occasional personal announcements are probably the leading realworld use of large BCC sets. And a BCC set may change from one use to the next -- why have to admin a mailing list for something that changes every time you use it? Why make life difficult for ordinary users just because spammers abuse the system?
Besides, most of the spam I get IS sent by mailing list, not by BCC.
Your solution would be be like if since one guy pees in the pool, EVERYONE has to wear diapers.
Re:They're annoying (Score:5, Informative)
Hate to rain on your parade here, but SpamAssassin does use blocklists by default (as described in the FAQ [taint.org]). It is the existence of such blocklists that has forced certain major ISPs to stop writing "pink contracts" to known spammers and they are the only anti-spam measure that reduces the cost that ISPs have to bear in terms of mail-server storage and excess bandwidth that spam causes. Rest assured that the spam epidemic would be far worse without DNSBLs and the cost of Internet access far higher.
Whitelists may work for some people, but others may need to keep their inboxes open (e.g. vendor support).
Re:They're annoying (Score:3, Insightful)
You aren't. No need to worry.
but SpamAssassin does use blocklists by default (as described in the FAQ). It is the existence of such blocklists that has forced certain major ISPs to stop writing "pink contracts" to known spammers and they are the only anti-spam measure that reduces the cost that ISPs have to bear in terms of mail-server storage and excess bandwidth that spam causes. Rest assured that the spam epidemic would be far worse without DNSBLs and the cost of Int
Re:They're annoying (Score:3, Insightful)
Thats really grown up of you.... People like you should be forced to use carrier pigeons.
Re:They're annoying (Score:3, Insightful)
No. If IP lists really were an effective solution to spam, then you wouldn't hear a peep out of me.
However, IP listing is an extremely poor solution to the problem. It takes an approach that is simply not tenable in the security world -- attempting to secure *everyone else's system* rather than your own (you have a list of evil servers,
Re:They're annoying (Score:4, Informative)
While it is true that some DNSBLs block entire netblocks, those lists are used by the fewest people. There are a great many DNSBLs one can use to block mail, some are maintained better than others and most have different criteria for inclusion and removal. Use the ones that match your philosophical opinion of spam, don't use the ones that you feel are too extreme.
It's all about freedom of choice!
Re:They're annoying (Score:3, Interesting)
Not all block lists are the same. The only one I can think of off hand that displays the above behavior is SPEWS. And they don't
Re:They're annoying (Score:3, Informative)
In a sane world, your response would be correct. Everyone could choose their own degree of filtering.
Unfortunately, that just isn't the case. I can't control the degree of filtering that happens that the compay where I work, as I'm not a member of IT. Furthermore, I cannot control the degree of filtering that happens to other people that I need to send mail to from *their* IT departments.
ISPs aren't so bad on
Re:and SBC DSL services... (Score:3, Informative)
Then relay your mail through your ISPs SMTP server and move on with life. Suddenly, everything works, and you still have control over your own mail server. This also offloads SMTP re-sends, etc, onto the ISP mail server, rather than your own, which is rather nice.
Re:They're annoying (Score:3, Interesting)
Just out of curiosity, what about whitelisting do you think is non-functional? I've been using a program that, among other things, is an automated whitelist management program. It's called TMDA [tmda.net] and it works fantastically. There are other similar programs.
I'm just curious as to why you think whitelisting is non-functional.
Re:How spammers will get around C-R (Score:3, Interesting)
So, exactly the contrary to what you're saying. The wider spread the use of C/R like TMDA,
Re:They're annoying (Score:5, Interesting)
For personal filtering, nothing beats a good bayesian filter. I use POPFile myself and it's approaching 99% accuracy and I _LOVE_ it.
Spam very, very rarely makes it past, and if it does, it's the generic "check out this site" type message with no other information. Even spammers trying this technique aren't having much success as I'm seeing less and less of it (maybe 1 or 2 message a month make it past the filters).
The next step in anti-spam evolution will be spam-scanning software that automatically follows links back to webpages and looks for "spammy" content and tags the message as spam in the email system.
For those out there that havn't tried a bayesian form of filtering yet, give POPFile a try: (http://popfile.sourceforge.net/). Just be sure to read the instructions.
FWIW, Spamassassin can do Baysian (Score:3, Informative)
It can also optionally "autolearn", where decisions about what is spam based on existing knowledge can be used to provide automatic learning input for the Baysian system for future emails.
Re:They're annoying (Score:3, Interesting)
Re:They're annoying (Score:3, Interesting)
I'm seeing a different tactic to get around the bayesian filtering. I've noticed large sections of text, totally unrelated to the product being sold in the body of the spam message, i.e. parts of books (I recongnized Dracula in one), space shuttle reports, etc. Th
Re:Spam is dying (Score:5, Insightful)
Getting less spam lately or seeing less spam?
The distinction is critical.
KFG
Re:Spam is dying (Score:5, Interesting)
No, I cannot concur here. In the last two weeks, I've noticed that the reject rate on my filters has gone up by a surprising amount. I use a custom access table, backed up by several RBL lookups done by postfix, with SpamAssassin on the backend to catch anything that does make it through the initial gauntlet.
Looking back through my logs, I've only got three weeks saved, but here's the breakdown of rejects for each week:
Week ending Oct 18 - 122
Week ending Oct 25 - 250
Week ending Nov 1 - 214
0400 Yesterday through now - 37
Note that I'm seeing hits on addresses that have never existed here, i.e. webaster@$mydomain (yes, the spelling mistake in webaster is theirs, not mine), spammers_lie@$mydomain (non-deliverable, harvested from my usenet posts), mers_lie@$mydomain (trying to remove the obfuscation I might have put in), and now I'm seeing the idiots try to get their crap through by using a non-existent address, john@$mydomain, as the "mail from:" value to attempt to get their crap through.
Yes, they've become so desperate that criminal methods aren't below them. All the filtering that's being done has lowered their response rates to where it's no longer as profitable as it used to be. Of course, the mindset of these idiots is that they'll just crank out the spam all that much harder, in all that much more quantity, in order to get the rates back up to something manageable. Of course, it's beyond them to think that if people are no longer interested in their pitches, they might check employment opportunities at the local McDonald's, as that might be more a more lucrative situation for them.
End of the line: (Score:5, Insightful)
Re:End of the line: (Score:5, Insightful)
DDoS (Score:5, Funny)
Chris, taffie down under..
This is nothing new (Score:2, Insightful)
I like this one better... (Score:5, Interesting)
Re:I like this one better... (Score:3, Funny)
This oughtta help (Score:5, Funny)
And in phase two of the attacks spammers craftily create stories containing links to the target spam lists and post them on slashdot. LFTL
Computer Crime (Score:5, Insightful)
Get to work on eliminating spammers and much of our current crop of computer-related woes will just GO AWAY. The only people who would hate for this to happen are the spammers, the hired guns, and companies like Symantec...
Re:Computer Crime (Score:2)
*sniff* *sniff* Do I smell a conspiracy?
I highly doubt a consparicy (Score:3, Insightful)
Also it isn't really clear what is and is not important on the Internet, crime wise or even what should be a crime. I mean some things are pretty clear, like pedophiles luring litt
Re:I highly doubt a consparicy (Score:5, Interesting)
What I think we'll end up with is one of two things:
(1) The internet largely hobbled by draconian rules, regulations and laws and left unusable except for EDI among large corporations. Think of "national security", "public morality" and "piracy" as the reasons here.
(2) The "internet" still exists, but most people connect through "super ISPs" that filter, process and protect their users. Unlike AOL, they actually will be responsible for protecting PCs connected to their networks.
Great News! (Score:5, Funny)
Now we're once step closer to linking spam to al Qaeda. These viruses are terrorist actions, and are more demonstrably more dangerous even than Iraq's nukes!
Once we somehow link spammers to September 11, we can invade them (or maybe just throw them in jail where the other inmates can do the "invading").
Re:Great News! (Score:5, Interesting)
By section 56 [hmso.gov.uk], someone directing an organisation carrying out such a DoS attack is liable to life imprisonment.
How to make the services more spamproof (Score:4, Interesting)
Re:How to make the services more spamproof (Score:4, Insightful)
Re:How to make the services more spamproof (Score:5, Insightful)
Re:How to make the services more spamproof (Score:3, Informative)
Quoting from the MAPS RBL website [mail-abuse.org], with some emphasis added:
A good thing really (Score:5, Insightful)
And fortunately for the rest of us (or unfortunately depending on your point of view), this type of behaviour just makes spammers more of a target for legislation and law enforcement.
Spammers and the future of E-Mail (Score:5, Interesting)
I don't really get it, while spam is increasingly annoying (altough i use a highly customized spam assassin filter i still get about 10 unwanted mails) writing viruses is plainly illegal. But what's the reason for DDoS'ing these sites? The only way to fight the spam is to use mail filters. if people want one they have to customize it themselves to make it actually work.
If the spam keeps increasing as fast as it has in the past few years, the future of mail will be dark... here is my vision: (behold!) you will have a "buddy" list of friendy or coworkers similar to instant messaging services such as ICQ and MSN Messenger and only mails from "thrustworthy" origin gets actually forwarded to you mailbox. not so cool, isn't it? but imho its the only way not to have to delete several dozens of spam a day. (and what annoys me most -> i sometimes accidentially delete mails from friends because they are hidden underneath masses of spam.)
yours
johannes
Re:Spammers and the future of E-Mail (Score:3, Insightful)
If your spam assasin were configured to use one of the black hole lists that they provide, to either mark messages as potential spam, in addition to the filters you have customized, you may get a better
Re:Spammers and the future of E-Mail (Score:4, Interesting)
- Current Virii spread most effectively via MS email products.
- Said products COULD have been "fixed" a long time ago.
- Features that SHOULD have been incorporated into Oulook (prevent external IMG in HTML email, selective Scripting disable, etc) are implemented by other vendors = profit for said vedors.
- MSN hotmail = spam magnet. Solution = MSN 8 = profit.
- more Virii & Spam = more attraction towards centralised email & buddy listing; Largest of which = MSN.
- moving towards a Microsoft "internet"??????
hmmmmmmmm
Re:Spammers and the future of E-Mail (Score:2)
I already use whitelisting... and it works wonderfully, with a couple of tweaks:
What I've found is that I don't mind spam when I'm expecting it... what's annoying about spam is when you think 'hey, I've got mail!' and it
unfortunately untouchable (Score:3, Interesting)
time to continue using spamassasin. it works pretty much 100% for me. it's not really the most ideal solution (the ideal solution being saving the bandwith used by spam by not allowing delivery), but it does same the man-time in trashing spam.
Re:unfortunately untouchable (Score:5, Informative)
These cyber-crimes should be addressed in the same way as any other (international crime). Your national law enforcement officers should track down the country of residence of the culprit and/or send out an international search warrant. Contrary to popular belief, 'overseas' isn't some backwards region whose citizens have barely discovered the abacus. In many countries, writing or distributing virii is a crime, as is executing DDOS attacks. Which is good, because it means law enforcement in those countries will generally assist in bringing these criminals to justice.
If you want to complain about nothing happening, complain to your local cybercops.
Re:unfortunately untouchable (Score:3, Funny)
This may actually be good (Score:4, Insightful)
Re:This may actually be good (Score:2)
Re:This may actually be good (Score:4, Insightful)
Y'all need to have a talk with Ron Guilmette, owner/operator of monkeys.com. Ron was running a very extensive network of proxy honeypots and using it to collate and publish data about various ISP's harboring proxy-abusing spammers. His data proved essential in identifying the outfits responsible for the virus-related abuse that we're seeing now. Ron also ran the proxies.monkeys.com blocklist, which was terribly good at filitering spam for me and many others.
Back at tail end of August, beginning of September, he was knocked off the net when monkeys.com came under dDoS attacks, most notably from machines known to be infected by viruses, all harboring open proxy software installed by the virus. He called the local police, who had to be coerced, he says, to come out and take a report. The FBI wasn't even interested enough to come out and take a look at his data. If you cannot prove a minimum of $5k worth of damages, you're shit out of luck.
Why it won't happen (Score:5, Insightful)
The basic problem is that the DOJ is a political institution. It's not a neutral enforcement institution seeking to punish lawbreakers. Who and how it decides to punish people are political decisions, deeply influenced by the political needs and goals of the administration. Spam and spammers have too many growing ties to people important to the Republican administration and its pro-corporate, pro-business financial backers. A real crackdown on spam would have shockwaves that would hurt them financially and politically, and with the election only a 366 days away, you can bet that pissing these guys off is something they don't want.
Fighting the Spam (Score:2)
No direct links, Look it up for yourself.
Re:Fighting the Spam (Score:2, Informative)
Here's the article (Score:5, Interesting)
Spammers getting framed? (Score:2, Interesting)
Poor grandpa (Score:5, Interesting)
I only wish that I could keep my WiFi up without WEP for my neihgbors or anyone walking by without exposing myself to risk of internet connection termination.
Have any other slashdotters had similar experiences, or suggestions. Thanks.
Intrusion detection software (Score:2)
I found from techtv.com a program for network intrusion detection called Intrusec Expose from www.intrusec.com [intrusec.com]. Its pretty cool software for monitoring your network and can do a lot more than just tell you what computers are connected and altert you when net computers enter the network. It can also scan for services and such.
No I'm not affiliated with this company and I'm not endorsing this software, I'm actually asking if anyone knows of a free
Re:Intrusion detection software (Score:2)
I'm actually asking if anyone knows of a free, OSS or not alternative.
snort [snort.org] is quite useful on *NIX machines. Quoth FreeBSD's security/snort ports description:
Re:Poor grandpa (Score:5, Interesting)
Print up some business cards with the WEP key. Hand them out to people you trust.
Control outbound port 25 connections via your firewall. Allow only port 80 from untrusted clients. etc. Its not *that* hard. There are linux distros set to do this using an old 286 if need be. If you want to give it away you will need a robust firewall. Think of it as a digital condom.
They are winning (Score:5, Insightful)
The spamers are not desperate. They have simply figured out nice openings and are bulldozing a near infinity lane highway.
Comment removed (Score:5, Insightful)
evil spammers getting it slashdotted... (Score:5, Funny)
Two part plan (Score:5, Interesting)
Step A - release virus to DDoS on blacklist maintainers
Step B - while blacklists are down, send out massive spam campaign or more virus-type spam
I'm glad that the spammers did that... (Score:5, Interesting)
Haven't the authorities shown a propensity for going after malicious software writers, particularly viruses and worms, whilst completely ignoring spam? By writing malicious software, haven't they just attracted a whole lot more attention from law enforcement than they would otherwise have got?
Good on them I say - I think we could do with more law enforcement attention on these sort of people!
Of course it doesn't deny the impacts on those being attacked, nor covers the international aspects of spam. But with more countries creating explicit laws to deal with hacking and misuse of computers, the more dodgy spammers might start getting what they deserve - a good ass-pounding in prison!
Re:I'm glad that the spammers did that... (Score:3, Interesting)
Nonsense. No two people agree about the precise boundary between marketing and fraud, and yet the latter is illegal. No two people agree about the maximum safe speed on a given stretch of road, and yet there are speed limits.
The law often boils down to picking some arbitrary boundary in the middle of the gray area and then treating it as the black-and-white frontier.
My evil plan for spam. (Score:5, Funny)
Get a bulk mailer and email harvester and sell "Placebon the Herbal Viagra." Get a credit card processing account (or maybe just paypal) from a bank.
Email a million people.
Get ~5,000 orders.
Charge $19.99
Send them a
You profit. They get burned. Everyone wins. For the moral people, think of it as your personal war against scurvy.
No good news here (Score:5, Interesting)
A symptom of all evolving systems, natural or artificial, is that parasites will take advantage of easy opportunities. In nature, this battle has been a fundamental force for evolution and change. I don't see why it should be different in the Internet, which largely behaves like a natural system.
Here is an analysis of the subject [slashdot.org] by an expert on the matter (oh, it's ME?!). Bottom line: as long as the Internet is built on predictable defined structures (protocols and gateways), it will be heavily parasitized. What we see today is only a warmup. The solution is to find ways of evolving the structures of the Internet faster than the parasites can evolve.
This problem won't go away through wishful thinking - we need to understand what is actually going on. Heck, this discussion is moot: if my theory is correct, self-modifying defensive systems will happen exactly as the parasites have evolved: because this is what happens in natural systems.
I just trolled myself. Damn.
Re:No good news here (Score:3, Interesting)
Okay, since parasites also get parasites... how about a parasite that attaches itself to and debilitates spam?
Seriously, might that be doable/practical?? Obviously there are "vaccination" issues (you can't go invading every user's PC "for their own good") but how would one make such a parasite species-specific, so it would only feed off spammers?
No defense against idiots (Score:3, Funny)
I would love a way to identify IP address of all idiots who contract this virus, just to be sure my AOL/RoadRunner/Verizon netblock blacklists are complete.
Quick to judge (Score:5, Insightful)
I say it could have been the work of some pissed-off admins who were frustrated.
Re:Quick to judge (Score:3, Insightful)
Re:Quick to judge (Score:5, Interesting)
I don't like spam, but I have to admit that the thought of someone seriously inconveniencing SPEWS doesn't upset me too much.
Our server ended up on their blacklist despite never having sent a spam, because someone else in the 16-bit IP range had. 16 bits, that's up to 65K machines with maybe half a million users...
Our machine is in a server park. Of course spammers operate from such places. The SPEWS argument that you block thousands of innocent users to get at one guilty one is just plain immoral, and, at least in my case, has the effect of making me opposed to any centralised anti-spam measures, whereas previously I would have been favourable.
If it ever happens again, I'll buy myself a clean SMTP server, or find another solution, but the one thing I'm never going to do is contact my ISP (who, incidentally, enforces a strict anti-spam policy), because I object on principle to being dictated to by people who treat my company's reputation as 'collateral damage' as part of their quixotic campaign.
As for the 'change ISP every three weeks' advice, that just isn't a viable option when you have a few dozen domains, many of them interacting with third party mail filtering, Exchange servers etc.
If SPEWS dropped that one policy of punishing the innocent in an attempt to get at the guilty, it would have my support. Until then, I expect SPEWS to continue to alienate the people who should be on the anti-spam campaign's side.
Re:Quick to judge (Score:5, Interesting)
Changing isps every 3 weeks isnt viable, but when you pick isps in the first place, do you homework.
Pick a good one once, and your very unlikely to ever have to worry about Spews. The reason why Spews is a problem for you is because a LOT of mail admins including me use it. Spews itself IS NOT your problem, its your isp thats the problem for refusing to deal with spammers on their network. We collectively have decided that when a major isp refuses to deal with their spam problem, that we'll refuse to deal with them. And your caught in the middle.
Hypothetically, if Spews ever died, you'd have far worse problems. Why? For example, I HEAVILY firewall off large isps that have major spam problems, you should see my ruleset for blocking. Not counting the geographic bans, its at 944 entries, and each entry drops a
Now imagine your isp starts harboring a spam gang (ala Verio or C&W) and blatantly lies and refuses to get rid of the spammers despite all complaints. This quickly gets noticed in NANAE, and mail admins will start dropping that entire hosting service into their deny lists and firewalls. Good luck EVER getting out of 1000's of firewalls and deny lists. At least you can get off Spews if your isp cleans up.
Re:Quick to judge (Score:5, Insightful)
Unless you're running the firewall for AOL, Earthlink, MSN, or Yahoo I really doubt Verio or C&W gives a shit if you just fell off the face of the earth completely, much less blocked a couple of their networks. If you did work for such a large company you wouldn't be blacklisting like that for long as you'd lose your job.
SPEWS is *slow* to judge (Score:5, Interesting)
[...]
my ISP (who, incidentally, enforces a strict anti-spam policy)
These two statements are mutually contradictory. But first, a reminder that SPEWS is not Not NOT representative of mainstream anti-spam blocklist providers. Both SpamCop and SpamHaus use narrow targeted blocklists. Furthermore, the real responsibility for your blocked email lies with the recipient postmaster who chose to use the SPEWS list. Their server, their rules. You could call them and ask to be whitelisted.
According to best evidence, SPEWS always starts with an abuse complaint email and a /32 blocklisting. If further spam arrives at their address(es?) the listing expands to /28, /24, etc, until either the spammers are removed or the entire ISP is listed. In order to reach /16, your ISP must have ignored SPEWS and retained its spammers for a long Long LONG time.
But they CAN do these viruses ... (Score:5, Insightful)
Of course.. if they ever mended LookOut the AV guys would go out of business overnight but that's a whole new consipracy theory involving large cash backhanders and deliberately broken coding there...
Re:But they CAN do these viruses ... (Score:3, Insightful)
The newest versions of Outlook have been fixed. They no longer auto-run scripts, etc. But it is pretty hard to protect against stupid users who will open
Actually, This Could Be Good (Score:4, Insightful)
Whereas before their only offense was spam (which is gradually being outlawed), now they have done something for which people have been indicted and sent to jail for.
Spammers are evil -- we all know that -- and this just means the gov. (if they're awake) will finally have a tool to put the worst of them in jail once they can prove who's spacking and creating anti-anti-spam virii.
Re:Actually, This Could Be Good (Score:3, Interesting)
You would think so wouldn't you?
The problem is spammers have been breaking federal laws since the beginning of the Internet. Hijacking a mail relay has never been legal -- it's a felony. Ever heard of anyone getting jail time for a flood ping even though it is illegal?
It's interesting. You
Bayesian filtering (Score:5, Interesting)
I've been using SpamAssassin's Bayesian filtering features to get rid of my spam for good. I've turned off SpamAssassin's use of any of the antispam sites like spamhaus, spews, and spamcop, mainly because some of them have been foolish enough to sweep such a wide net that turning on use of these sites causes SpamAssassin to filter legitimate mail that comes from my own domain! (that's what I get for living in a country whose ccTLD is run by a brain-damaged registrar...) I've been running almost totally on Bayesian filters after having trained them carefully for a month, and have thus far had zero false positives and false negatives. I mainly keep the spam around to further strengthen the training of my filters and for occasional entertainment value. Those Nigerian scams can be really funny sometimes, you know. :)
These blacklists could go away tomorrow and my Bayesian filters will only keep getting better and better at weeding out the spam. In my experience, these antispam sites are actually more part of the problem than the solution, because they filter more mail than they should.
Re:Bayesian filtering (Score:5, Insightful)
a inperfect solution at best, and one that does NOTHING to discourage the spammers. Only heavy blocking of spam friendly countries and isps seems to do much to discourage more spam.
If the Virus doent kill them... (Score:3, Funny)
There are few things I can think of more Homer-Simpson-ish than post a slashdot link to certains sites to tell the world they are being DoSed.
Spam Prevention (Score:3, Informative)
you are required to pay a small escrow fee as part of your ISP service fee, AND
if someone receives and e-mail from you and deems it as spam, then he clicks the appropriate button, AND
your escrow fee is charged *once per e-mail* and his is increased by the same amount.
The balance of the escrow fee would be refundable at any time, but accounts with a balance of 0 would be unable to send e-mails.
As I think through this, I can see several virtues:
1. The senders of spam would have to pay per offensive e-mail and would thus have strong incentive to stop.
2. Senders of legit e-mail would continue to have free or mostly free e-mail.
3. Those affected by spam would have immediate recourse and receive compensation for their time.
4. The spirit of the plan seems right: if you are going to waste my time with your spam, then you pay me for it. But if you are a friend, you get my time for free.
Does anyone see drawbacks to this plan? Perhaps increase in net traffic per e-mail sent, but that would presumably be offset by a substantial decrease in spam.
Re:Spam Prevention (Score:3, Insightful)
Basically its the same theory as warning someone in AOL-IM. Their warn level gets high enough they can't send messages until it drops some. The problem is people get into "warning wars". How high can I make a friends warn level to piss him off.
For spam who is going to be the judge to determine if its spam or not? I consider all the stupid jokes I get from people spam so I should hit them and make them pay for it. What if I piss someone off so they decide to re
Whitelisting may be the only sollution (Score:3, Interesting)
But not whitelisting as we know it.
Think about it: most spam comes from cable and adsl connected machines. dynablock.easynet.nl is trying to block each and every dynamic IP on earth, effectively making it a whitelist of static and therefore blockable IP's.
One could even take this one step further: blacklist the entire internet and whitelist known mailservers. Getting out of that should be easy, but no so easy that a spammer could do it automatically. And when you're spamming from a whitelisted IP, the IP is blacklisted again for, say, 1 week. Then it can be whitelisted again, but when you're spamming again, then it's blacklisted for a month.
The hard part of such a whitelist is: where do you start? I think it would be sensible to start out by simply tagging mail originating from blacklisted IP's. Early adopters can then whitelist each and every IP they expect mail from. After a while a sufficiently small amount of mail will be tagged by the blacklist, so it can be used to start blocking with it.
If we only could convince each and every postmater on earth to use such a system, it could be very, very useful.
Meanwhile, please use Dynablocker [easynet.nl]. It can really help making h4x0red boxes useless as a spam source.
SPAM good for (Inter)National (Cyber)Security (Score:3, Interesting)
If security through obscurity is an intellectually bankrupt concept, then the spam industry innovates security knowledge like no other.
The fact is that spammers not only save work for the script kiddies, they help the NSA, CIA, FBI, KGB... as well as IBM, MSFT, SYMC...
Think of them as parasites that feed off our collective ignorance, and you'll see what a useful cleansing function they serve in the greater ecosystem.
Bluebottle was DDosed off the net.. (Score:3, Interesting)
I see quite a few posts suggesting that spammers are getting desperate, but brazen seems more appropriate. They are shutting down some of our most effective anti-spam tools and there seems nothing we can do about it. To me that looks more like their winning.
Re: Desperate like a fox (Score:2)
> > They must really be getting desperate.
> This reminds me of the President claiming the increased rate of attacks in Iraq was a sign of progress.
Whew, I'm so glad to hear we're winning the War on Spam!
Somebody needs to tell my mail service, though.
> Since when does increasing sophistication demonstrate desperation?
When the facts are inconvenient and spin is deemed an acceptable substitute.
Re:Desperate like a fox (Score:5, Insightful)
Re:Could someone please make the argument... (Score:4, Funny)
Re:Could someone please make the argument... (Score:2, Insightful)
I can understand that some people think in the line of an eye for an eye (I don't agree with them, but atleast they have some argument).
Spam leads to irritation, or eaven to lost bandwidth or time and thus to a financial damage. To say that that justifies killing is so stupid it isn't even funny.
Jeroen
An eye for an eye, a minute for a minute (Score:5, Interesting)
Well, say spammers send their messages to 2 million recipients, and each spend, on average, 10 seconds reading and deleting said spam. That comes out at 231 days of _completely wasted_ life. Life that can never be given back to whoever lost it.
Even worse, since that's time spent awake, it's more like a year of real time. Say the spammer sends 100 such spams, he would then have _wasted_ an entire lifetime. We can thus, by the "An eye for an eye, a minute for a minute" rule, confiscate the rest of his life!
There's the argument you requested!
cheers,
m
Re:Could someone please make the argument... (Score:3, Insightful)
Re:Not really... (Score:5, Informative)
Read the virus analysis [nai.com] before making untrue claims:
The worm sends a large amount of data to remote servers (port 80 and ICMP). The worm verifies that a connection is active by contacting www.google.com. If successful, an attack is initiated on the following domains:
* spews.org
* spamhaus.org
* spamcop.net
* www.spews.org
* www.spamhaus.org
* www.spamcop.net
Re:I don't see what the problem with spam is (Score:5, Insightful)
Re:Legislation and TLD's (Score:5, Insightful)
And for porn sites: If they are all on *.xxx they will be filtered, but much of that filtering would happen by people apart from their clients themselves. Yes, it would remove children (which I'm sure the porn sites would be very happy about - if you're in a business that require credit card signups and where your primary cost is bandwidth, would you like to have an underage person with no credit card but all the time in the world to download your preview content over and over again and wasting your bandwidth accessing your site?), but it would also remove people surfing from work (you'd be surprised - I've run several networks where all traffic went through a Squid proxy, and the traffic stats were "interesting" considering it came from people working in glass cubicles), from any country that decides to stop the "immoral" porn sites, from any municipality or state with powers to order ISP's to filter, and a wide variety of other situations.
The porn industry would likely hate *.xxx for those reasons: It makes it easy to censor them.
And we should be vary of any attempt to force controversial content to be labelled for exactly that reason.
Another problem is who sets the standards. In some countries kissing publicly is considered obscene. Some countries consider bare womens limbs obscene. Some countries are pretty liberal about underage nudity as long as it's not in a sexual setting (some places parents taking pictures of their children playing naked on the beach would be ok on a page with their holiday pics, but would be considered child porn if they were put on a porn site, for instance)
This is why the .kids proposal was altered to .kids.us - it restricts the above problem to standards within a single country. But in the .kids.us case it's about positive labelling: Label what you explicitly want to allow rather than that which some people will want to restrict, so the problem was smaller to start with.
A .spm would have some of the same problems. As long as the criteria would be made purely based on delivery method and volume I wouldn't be too concerned, but again the question would be in what cases mass distribution could be made outside of .spm, and how to verify that it taken place.
Also, a .spm would need more than just that - a major problem of spam is the cost of handling it for ISPs. Making it harder to reach users, but giving spammers a specifically legal way of delivery, would likely exacerbate that by forcing spammers to massively increase their volume to make up for reduced reach.
Here's how more laws and regulation will stop spam (Score:4, Funny)
2. Get some competent network admins (who are obviously nowhere near any government cyber-crime unit) and can easily track down the source of the spam and worms.
3. Go to the perpetrators home or residence.
4. Beat the perpetrator over the head with the book of laws.
The more laws we pass, the heavier the book becomes and the more brain damage it will do. Considering the trend our leaders have in thinking more laws will stop this when the existing laws aren't being enforced, the only reasonable solution is to use the actual laws themselves as some form of blunt instrument.
Re:Mimail-E also DDoS'ing financial sites (Score:3, Informative)
The
Proletariat of the world, unite to kill spammers.
The more painfully and slowly, t