Another Worm Targets Anti-Spam Sites 538
kevinvee writes "Yahoo! is reporting about the next battle of Spam Houses versus Spamhauses. This time, its W32/Mimail-L receiving the attention. "It's the third Mimail variation to come after us, except this one is trying to do more," said Steve Linford, founder of The Spamhaus Project. Apparently this reincarnation comes as an attachment offering naked photographs. Once infected, a follow-up e-mail is sent to the user stating that a CD containing child pornography will be delivered to their postal address. "These guys write trojan (viruses), they carry out DDOS attacks and they get their money through selling stolen credit cards and spamming," Linford said."
A new low (Score:4, Funny)
Turns out I was wrong.
Re:A new low (Score:5, Interesting)
It's absolutely insane. They won't stop 'til they've destroyed email.
It's melodramatic, but: spammers really have declared war on email, and the Internet and its users as a whole. They're fucking with email, they're fucking with DNS, they're sending out viruses to infect users and spread more filth, and they're trapped in this huge positive feedback loop that I'm desperately afraid won't end. They pump out millions of emails which get ignored so they pump out more which gets them blocked so they pump out more to get around that and they start attacking their opponents and now the volume of spam is so high they need to pump out even more just to get any sort of return...
Rationally, I think the only way around it is to attack the economics of spam, as has been suggested by many much smarter than me.
But really, what I want is revenge.
Revenge? (Score:5, Interesting)
As promised, there's a new tool in town. Project Web Form Flooder [sourceforge.net] is still in beta, but it's functional in flooding spammer's websites with plausible data. Java source code only right now, but I'd imagine the ./ crowd can deal with that.
If we flood spammer's websites with garbage data, maybe, just maybe we'll do a little to remove the profit motive in spamming, and once there's no money in it it'll end.
Isn't it time we stopped crying and started doing something?
Re:Revenge? (Score:3, Insightful)
the ISP doesn't know what it will be used for. The site only has to stay live for a few days for the spammers to make money. By the time the ISP
has twigged and shut it down the spammers haved moved onto the next ISP to sucker.
Re:Revenge? (Score:4, Insightful)
The problem with that is that most spammers websites are hosted on innocent ISPs machines.
The objective isn't a DOS, it's to salt their data. If 99 out of 100 'orders' are fakes with invalid cc numbers, their transaction costs will go up and their profitability will plummit.
The other alternative is to track them down and burn them alive.
Neither of the above is desirable since mistakes will be made and innocents will be put out of business or killed. The desirable solution is to throw them in jail and fine the hell out of them after they are found guilty in a fair trial. However, vigilante action is the natural consequence when the law fails to take action.
Re:Revenge? (Score:3, Insightful)
I think you've missed the profit model of spam. You need to recognize the difference between the spammer and the merchant. Two different businesses, with two different objectives.
The spammer makes money by selling bulk-email services to merchants. $100 dollars for 1 million emails, that sort of thing.
The merchant spe
Re:Revenge? (Score:3, Insightful)
If hiring a spammer means 0.1% valid responses and 1% invalid responses, then the merchants will eventually catch on and stop hiring the spammers. At some point, this ratio gets so small that it's not worth advertising.
Sure, this may take a some time and some merchants, but eventually it will work its magic.
Re:Small tangent... (Score:3, Insightful)
Never. .biz is a good token for my bayesian filter. I guess the sleazy sound must attract spammers like moths to a flame.
I tell you, this is the most compelling argument I've ever heard for a redundant TLD.
Re:Revenge? (Score:5, Interesting)
Yes but unfortunatly most spammers have enormous clusters of servers for what they do and more bandwidth than you can shake a stick at (thats the only way the upstream providers will let them spam, they need 20mbit, they buy an OC-3). it would really be no big deal for spammers to survive a DDoS attack, it would take him down for maybe MAYBE 2 hours. how do I know this? I used to work for one. he was more legitimate than "make your penis bigger", all his lists were 2x optin but being in the biz I met all the other spammers down here in Boca Raton FL (the american capital of spam).
To put it in perspective, one spammer had somewhere around 500 servers taking up an entire row of racks in the datacenter we were at. another one had 350. the guy I worked for was comparably small, less than 50 servers. and all these guys have enormous burstable bandwidth behind them (spam eats up somewhere around 100-300mbit/sec when doing the initial dns caching)
Another thing is spammers usually hire VERY good technicians and pay them very well (which is why I stayed working for a spammer). it would be no big deal during a ddos attack, to swap out ip pools on the network (most spammers own tons of ip networks and multiple AS #'s), reprogram the router and setup LVS on 6-8 boxes and it would be able to take most any DDoS you could throw at them.
Oh and finally spam makes money. TONS AND TONS of money. hundreds of thousands of dollars profit a month usually run by 3-4 guys, so there's always room for ways around whatever we can dish at them. they simply have more resources than the userbase they spam.
Re:Revenge? (Score:4, Insightful)
It's their DATA that's valuable. The data that unsuspecting knuckleheads willingly provide is what they make their money from. Flood their data with garbage so they can't tell the real from the bogus and their entire database becomes effectively useless.
Re:Revenge? (Score:3, Funny)
Why doesn't it shock me that the capital of spam in the US translates to "Rat's Mouth"?
Re:Revenge? (Score:4, Interesting)
It's mostly from people who come out of a regular job with an idea to sell widgets online. They see an ad in one of those "business opportunities" magazines for a spammer. They sign up, pay, say $10,000 for a list of 10 million email addresses ("A tenth of a cent per email? With a 1 percent response rate (and my widgets and pitch are so good, 1 percent is the minimum!) that means 10 cents per response. I make $10 on every widget. I'm going to be RIIIIIIIIIIIICH!"). The response rate is pitiful, they lose money on the promotion, and they either learn the lesson or move to another spammer. Eventually the business fails.
However, there's enough entrepreneurs (and pseudo-entrepreneurs thanks to tax code insanity like the fully-deductible Escalade...) to make spamming a gold mine.
The media isn't really publicizing how ineffective spamming is. All they say is how much money the spammers are making. In the mind of the mental midgets who start these companies, if they see that their SSP (Spam Service Provider) is a millionaire, they think, "this has gotta be working." Of course, it's that type of thinking that proves irrefutably that most people are idiots. Call me crazy, but I want those providing services to me to be as poor as possible....
Re:A new low (Score:5, Insightful)
When you talk about changing the economy of spam, you are talking about creating scarcity with regard to communication by taxing it. I couldn't disagree more with the suggestion that we must restrict communications in order to solve the spam problem. We demand that outfits such as the RIAA learn to adapt in a world where communication is profligate and free. How can we, in good conscience, recommend that communication be restricted in an area where our personal convenience and comfort is concerned, and not in another, where someone's multimillion dollar industry is concerned? If we think freedom of information is a good thing, we must be consistent in that belief.
Re:A new low (Score:3, Insightful)
Re:A new low (Score:4, Interesting)
Even better: pretend to buy. Some spammer's site are so easy to crack (hint: SQL-injection) that it's a joke.
Harvest credit card numbers (with matching delivery and billing addresses, and often with matching CVV's) on one spammer's site, and use them on another's.
If enough people do this on a routinely basis, several things will happen:
- The word will spread about among buyers of spamvertised products that buying these is a surefire way to get trouble with their credit card
- Excessive rate of chargebacks make many spam operations unprofitable
- Credit card companies will realize that spammers are troublesome business partners, and become very reluctant to give them merchant accounts.
Hit them in the pocketbook (but use an open proxy, unless you want to get into trouble yourself...)Re:A new low (Score:4, Insightful)
WHY YOUR ANTISPAM IDEA WON'T WORK (Score:5, Funny)
Your post advocates a
( ) technical ( ) legislative (x) market-based (x) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which vary from state to state.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
(x) The police will not put up with it
( ) Requires too much cooperation from spammers
(x) Requires cooperation from too many of your friends and is counterintuitive
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
( ) Ideas similar to yours are easy to come up with, yet none have ever worked
( ) Other:
Specifically, your plan fails to account for
(x) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(x) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
( ) Other:
and the following philosophical objections may also apply:
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
(x) Countermeasures cannot involve wire fraud or credit card fraud
( ) Countermeasures cannot involve sabotage of public networks
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
( ) Other:
Furthermore, this is what I think about you:
(x) Nice try, dude, but I don't think it will work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Re:A new low (Score:3, Interesting)
Okay, my fault for feeding the trolls, but:
When I talk about "attacking the economics of spam," what I mean is making it unprofitable to be a spammer. I think there are lots of ways to do this; taxing, while one way, is a particularly stupid and noxious method.
Here are things I think will work to varying degrees:
I think the best idea is spidering websites.
Re:A new low (Score:5, Insightful)
The problem of spam is not caused by the freedom of email, any more than murder is caused by the availability of knives and other weapons. It is too easy for technically-minded people to see spam as a technical problem, which is to be solved by replacing the existing mail system with something more restrictive. However, the spam problem is not spontaneously generated by the mail system, just as knives do not go around murdering people. Spamming, like murder, is a human action that certain humans choose to engage in.
It is, of course, useful to use technology to make harmful actions more difficult. Locking up valuables makes theft more difficult; hiring bodyguards makes assassinations more difficult. However, we do not pretend that technology should make theft or murder impossible, or that the world should be transformed into a padded cell so that everyone is technologically prevented from doing anything wrong. Instead we deter and punish crime through education and law enforcement. Technology can reduce the likelihood and impact of harmful human actions, but we cannot use it as a replacement for social responses.
Regardless of whether particular legislatures have passed laws which specifically address spam, we recognize spamming as a lawless and criminal endeavor. Spammers co-opt the property of others against the will of the property owners. (Note that this is worse than simply using that property without permission.) Just as gangs protect their core unlawful enterprises with further crimes such as murdering rivals and bribing police, spammers have come to use cracking, viruses, and DDoS to protect their core activity. Structurally, spam is just like other sorts of lawless action which we see as the proper jurisdiction of law enforcement rather than technological kludgery.
There is no shortage of evidence, gathered from public sources and fully admissible in court, that particular spammers are engaged in criminal actions such as the above. Contrary to common belief, these spammers are not in "third-world nations"; they are in Western nations such as the USA, Canada, and the UK -- nations which have broadly functional legal systems, and nations whose Internet users are the chief recipients of spam as well. Volunteers have already carefully collected this information in the Registry of Known Spam Operations [spamhaus.org]. What is needed is twofold: (1) Funding for law enforcement to go after the known criminal enterprises; (2) Further litigation by major victims of spam, such as large ISPs, against those who are victimizing them.
Re:A new low (Score:3, Insightful)
Nice idea, but. The new federal "anti-spam" legislation specifically removes private "right of action" against spammers. That is, victims can't sue. All they can do is complain to the federal government, which can act - or not - in its own way and time. It also pre-empts states from passing anti-spam laws stricter than the Fed's
Re:A new low (Score:2)
Re:A new low (Score:3, Interesting)
s/email/every public commons/
These people can, have, and will spam by email, fax, autodialers, IM, SMS, spyware, and every single method of communication they can get their hands on that makes it cheap to publish.
The feedback loop will certainly end
Re:A new low (Score:3, Funny)
Re:They destroyed Usenet a long time ago... (Score:3, Informative)
Methods to get spammed when you know better:
If none of these things had happened to me since 1998, my current address would p
Re:A new low (Score:5, Insightful)
The spammers are exactly the same as the mafia.
Re:A new low (Score:5, Funny)
Re:A new low (Score:4, Insightful)
I'd actually go one step further. A Racketeering-Influenced Corrupt Organization.
> The spammers are exactly the same as the mafia.
But on that, I must dissent. The Mafia has a long and storied history of providing everything from illicit booze, prostitution, sports gambling, lotteries with better payouts than the government-run lotteries, duty-free liquor and cigarettes, financial assistance to those with whom banks will not deal, as well as a full range of soft and hard drugs.
Unlike spammers, the mafia provides things that people actually want.
Re:A new low (Score:2, Funny)
Certainly. All you had to do was ask.
hmm.... (Score:5, Funny)
In case you don't know what I am talking about, Go see the movie before you mode me down.
Re:hmm.... (Score:2)
Simon.
Re:hmm.... (Score:2)
Re:hmm.... (Score:2)
baseball bat (Score:5, Insightful)
Re:baseball bat (Score:2)
no, socks with soap in them, and bags fill of doorknobs do a much better job.
This is your first time as a part of an angry mob?
Re:baseball bat (Score:5, Interesting)
Just use a decent mailer, some antispam filter and update it.
Why would you just physically hurt somebody ?
I can think of plenty of reasons. Like, say, promoting child and bestiality porn. To anyone, including children. Because they refuse to take no for an answer and mutate their mail around my spam filters. Because they hammer mailservers with dictionary attacks, wasting resources that aren't theirs. Because they pull the kind of crap referenced in this story. Because they file frivolous lawsuits against anti-spam organizations who are just trying to help people avoid their crap, so that they can try and drain their resources. Because the email address I've used as a public point of contact on my websites is so flooded with bestiality porn that I'm afraid to open it in public.
In short, I don't think it's the right response, but theres certainly plenty of motivation to do so. I'm not going to cry over it if someone takes a baseball bat to Alan Ralsky's head.
Re:baseball bat (Score:3, Interesting)
Agreed. I don't advocate extralegal violence against spammers, but were such a thing to happen, and were I asked to sit on the jury of the person charged with the offence, I would return a verdict of not guilty. Assault and/or homicide are crimes against human beings. In my system of values, spammers ceased
Re:baseball bat (Score:3)
No, but it's costing me thousands of dollars [deathbyspam.com].
I estimate each piece of spam to take roughly 1 second of my time. The second is either spent scanning and deleting the spam that got through, or the time spent setting up the filters for the spam that was caught. I multiply that by my average hourly rate, and find out that, based on my current spam average, I will loose around $2,500.00 annually due to spam.
That is not acceptible, I would obviously rather the time
Yeah... (Score:4, Insightful)
Yeah... apparently, people are still STUPID enough to open these things. Does ANYONE out there still beleive you can get "100% free porn, just click here!" from some sleezy, unsolicited email that just redirects you to a credit card entry, despite the "free"?
I guess so...
Re:Yeah... (Score:4)
If you send out a million e-mails, and only
It sucks. I hate it. People are so dispicable.
Re:Yeah... (Score:5, Insightful)
Because, for some people, curiousity is just too strong to resist. They know it can't be true, but they'll click it anyways "just in case". Then they'll call me to ask why their computer is all of a sudden slow, at which point I clean their system and buy a new pair of boots because my old left boot is embedded in their ass...
Yes, us victims deserve all the blame. (Score:5, Interesting)
Personally, my middle-aged brain only functions at about a four-nines reliability level, meaning that if I deal with thirty pieces of email a day, about once a year I'll accidentally do something STUPID.
Like pressing "reply" before I've finished composing my mail. Or replying to all when I only meant to reply to one. Or replying to a list when I only meant to reply to one person on a list. Or thinking that PayPal might really have sent me an email. Or opening a foreign attachment. Typically I realize that I've goofed approximately five hundred milliseconds after performing the mouse click that commits me to the imprudent action.
(It doesn't help that I actually have real human friends who do send me email message with subject lines that are blank, or consist of the single word "Hi!" or "Meeting.")
I am sure that you never ever do anything STUPID, and I fully agree with you that someone as STUPID as I deserves to have my computer infected with viruses.
Re:Yes, us victims deserve all the blame. (Score:3, Insightful)
Never give money to someone who initiates contact with you.
I've had the ACLU call me on the phone. I am 99% sure that they are legitimately from the ACLU, but I won't give them a single digit of my credit card, because THEY CALLED ME.
I kindly informed them that I would go to their (secure) website and make a donation. Of course the person calling me doesn't get their commission or whatever, but I'm following the rule.
Re:Yeah... (Score:2)
Good (Score:5, Interesting)
Re:Good (Score:5, Interesting)
Re:Good (Score:2)
The bad side of these developments is that the spammers have created a job market for virus writers.
Some of them are probably being paid enough to make a living off of their destructive skills, which means they have more time to dedicate to making parti
What proof do they have? (Score:3, Interesting)
Anti-DDOS (Score:5, Interesting)
Re:Anti-DDOS (Score:2)
Re:Anti-DDOS (Score:2)
Perhaps the central server (if necessary) could use authentication measures to block DDOS attacks.
Re:Anti-DDOS (Score:2)
Re:Anti-DDOS (Score:2)
My original post said "neural net-style" - I'm not asking for an true neural net, just suggesting that a construct based on one would be ideal for the situation.
Enough is enough (Score:4, Funny)
Ok. This is bad idea. But what else we can do?
Re:Enough is enough (Score:2, Funny)
it's the double edged sword. if you go after them you get sued (see SPAM-rage from a couple of days ago) and they get nothing against them.
do what i do. when someone blindly asks you to "fix" their computer install AV, Ad/spy removal SW, and net nanny. you could even go a bit further and install anti-SPAM SW and a firewall. or if your overly zealous remove the administrator right from that user. Or just add a reg key entry to stop outlook, outlook express, and IE from running and repl
Focus (Score:3, Interesting)
Yes, but when those virii are targetting one machine instead of the internet as a whole, it makes something of a difference, Graham...
Simon
It gets worse - (Score:5, Interesting)
A honeypot credit card for spammers.... (Score:5, Interesting)
Mastercard, wait, even better AmEx issues a card with the same idea. The card is used once in response to a single spam. The card is then cut up but not cancelled. Hand the card numbers and the billing address over on a platter.
When the card is used again, set your phasers to sue. The beneficiary of the card's usage can either be charged with fraud, etc. or roll on their superior. Pass the buck up the ladder until you can jail a spammer not on the basis of spam but of felony(ies).
Of course, this assumes that you can find a "member magnifier" offer that isn't even looking to send you Sucrosa. Still, it might be worth a shot as a low-cost investment with a good potential for a high yield.
The same idea could be used for eBay and PayPal scams. It's not as if none of us have gotten those "Please enter your password in this email and click submit button" spams. I wonder if this is already done. I'm a smart guy, but I'm still just another geek on /.. It seems some well-compensated theft prevention exec would have started doing this a long time ago if it would work. Though honestly, I don't see any problems with it myself.
Re:A honeypot credit card for spammers.... (Score:5, Insightful)
Now try to find a team of lawyers that can successfully prosecute such a case in Romania, China or Russia!
These sorts of scams generally do not originate in places like the US or UK.
Re:A honeypot credit card for spammers.... (Score:5, Informative)
Mastercard, wait, even better AmEx issues a card with the same idea. The card is used once in response to a single spam. The card is then cut up but not cancelled. Hand the card numbers and the billing address over on a platter.
Something similar to what you describe is already available via Sneakemail [sneakemail.com]. The concept is that they create a sneakemail.com email aliases to your real email account. So you create a label for each company who requests your email. So you would create a label called "Amazon.com" would be a good example. Sneakemail generates a unique @sneakemail.com email address for you to give Amazon.com. Sneakmail will then forward all mail to your real email address unless you tell it not to. You can easily see who is sending you spam by looking at who an email is addressed to (the foo@sneakemail.com address). You can also block an email alias so the sender gets a bounce notice when they try to spam you. There are other more complex rules you can use but that's the basic idea.
-Pato
Eeks! (Score:2)
Is now a good time to upgrade to OS X? I would like this, since it would allow for better remote administration for when her system goes "loopy". Or should I just make her use Mozilla for mail?
Funny (Score:3, Interesting)
Maybe this is vigilante spam, using the scared straight theory. Next time Joe Sixpack tries to look at the free pr0n, a little voice will pop up and remind him of what happened LAST time.
Re:Funny (Score:2)
Or maybe this isn't. What better way to make sure people don't get any sort of police agency or even their ISP involved in investigating spam then to send them kiddie pr0n and make it look like they asked for it? No one is going to incriminate themselves like that. If they did, they'd probably be locked up during the investigation of their involvement. And whether you did it on purpose or not doesn't matter. Once you're in jail, a whole
Naive users are part of the problem (Score:4, Insightful)
This would scare the living daylights out of my mother if she were infected by this trojan/worm.
I think part of the problem with computer security nowadays is that home users believe that anything is possible. Computers are still far too mysterious to the average user; I'll bet you dimes to dollars many users will think this CD mailing scare is real. Unless email and antivirus vendors do something to educate homes users, what's to stop the next virus from saying "open this attachment or we'll send illegal merchandise to your door?"
Spammers, even benign ones, thrive on the naivety of home users. I still haven't received my cheque from Bill Gates and Walt Disney Jr...
Why is it so hard to track these guys? (Score:4, Interesting)
What they're doing amounts to terrorism (at least, under today's NewSpeak definition of "Terrorism"). Why are the authorities not trying to track these guys down? How hard can it be? It is extremely difficult to completely cover your tracks on the net. You find out where an email came from. Track it back to the ISP. Find out where it came from. Track it back to the next ISP. Check their logs. Continue until you get to a modem pool/DSL connection. There's your guy.
Are they all outside the country? Will those foreign ISPs not cooperate? Why is this so common?
Re:Why is it so hard to track these guys? (Score:2)
ISP's need to block egress port 25!! (Score:4, Interesting)
This is getting ridiculous. All of these worms/viruses of late have their own SMTP engine built in, and connect directly to external SMTP servers to spread their payload. ISP's (and businesses that provide access to internal workstations) need to block access to external SMTP servers! In particular, block egress port 25 from the network.
So you will ask, "But then how will I use my company's or other SMTP servers from home?" Easy, the port used for initial mail submission (IMS) should be set to a different port altogether. IMS and mail transport are different activities and should be treated as such. Use SMTP+AUTH+SSL, run it on port 465, and everybody is happy (except spammers and virus authors).
"But I want to run my own server on my dial-up or other consumer level account!" Contact your ISP and see if you can get a static IP address. SMTP servers should be on static IPs, that way bounces and other system messages can be routed properly. Check the AUP of your ISP, you might be prohibited from running a server on your account (find another ISP, or use the tip above to use a different SMTP server).
To do otherwise is to continue to be part of the problem, not part of the solution.
Re:ISP's need to block egress port 25!! (Score:3, Insightful)
Re:ISP's need to block egress port 25!! (Score:4, Interesting)
That's exactly the problem. Mail is not supposed to be transmitted from any IP host to any IP host. The way it is supposed to work is:
- End user submits mail to their SMTP server
- SMTP server queues the mail, looks up the MX hosts of the recipient, and attempts delivery (this step may take time, due to internet congestion, etc.)
- Recipient's SMTP server receives the message (possibly from a backup MX host)
- SMTP server delivers the message to recipient's POP/IMAP/etc. server (maybe Exchange)
- Recipient accesses message using their e-mail client (Pine, Outlook, Eudora, Mozilla, etc.)
In particular, the message is not sent directly from the sender to the recipient! That won't work-- what if the recipient's workstation is off? What if the recipient uses several different computers (devices) to access their mail? SMTP was reasonably well thought out, the only problems realy are that IMS and mail transport were originaly designated to use the same port, and there was no encryption or authentication built in. Now with SMTP+SSL+AUTH, and IMS on an alternate port, it is pretty robust.Re:ISP's need to block egress port 25!! (Score:2)
Static IP accounts can still make outbound port 25 connections, as it should be. All in all it makes sense.
Why not just go with their model, at least..partly (Score:2, Interesting)
Enter the number once, and watch the traceable info for spammers / people that buy this information just ROLL in.
It may be time-consuming, but so is this battle
For once we can't blame software companies. (Score:5, Insightful)
The problem is no matter what we do, we can't prevent our users from shooting themselves in the foot. We rename attachments (.exe becomes _exe). We deny
Then again these users are the same people that would call up the phone company complaining of $600+ phone bills to the Caribbean, etc... When you ask them if they have downloaded any programs that offer free "porn" they get all defensive, etc... A quick look at their computer shows tons of those dialer type apps that are making the equiv of 900 (in the US) type calls over seas, and they don't realize it.
For the record, my users would be the users of the ISP that I admin for...
Good! (Score:2)
I've been trying to get my company to do something about spam (we're an ISP). The more serious, offensive, and aggressive spammers become, the higher my chances that someone up in management will get off his lazy ass and decide that it just might be worth it to do something.
Easy to filter out (Score:2)
banned_files = wendy.zip/k
Get them Spammer Clients (Score:4, Insightful)
The interesting thing is that for Spam to make any sense, it has to get people to pay real money. Thus any profit making Spam will give away a payment trail. So, if I may ask why in the world no authority goes after whoever sells through SPAM ?
Standard answers:
1) They will move offshore
(my reply, yes, but how will they get a payment if not through Visa/Amex/MC or other major intl institution)
2) There will be "false positives"
(I am not so sure about this one. One line of thought is that punishment may be directed to the profit coming from an Spam event, so if innocent sites make money w/out Spam they won't be very hurt. For instance, say spammers send Spam in the name of Amazon.com -- amazon might need to forfeit extra sales attributed to unusual traffic/sales in that period, attributable to the action of Spammers, if they bighugeenlargement.com doesn't have any traffic normally, they should be blown out of the water )
3) Costs of enforcement will be too high
Perhaps. But what are governments for ? If OKOKRIM can worry about persecuting 15 year old computer wizards [slashdot.org], and the DoD can worry about persecuting a 66 year old dictator [iraqi-mission.org], why can't someone go after Mr. Joe Spammer and his clients ?
Too evil? (Score:3, Insightful)
Just something to think about: This article talks about spammers along with references to not only spam, but destruction of anti-spam, virii, pornography, theft, identity theft, and child pornography. The only way they could really make spammers look any worse is if they labeled them as baby rapists.
While it could be true, it's beginning to sound like propaganda, intending to make these guys look more Evil than life. Think about the article's motivation, author, and target audience. Be careful, there may be something more going on than what we see on the surface.
~D http://www.dracosoftware.com [dracosoftware.com]
Re:Too evil? (Score:5, Interesting)
While it could be true, it's beginning to sound like propaganda, intending to make these guys look more Evil than life. Think about the article's motivation, author, and target audience. Be careful, there may be something more going on than what we see on the surface.
You DON'T HAVE TO make this kind of stuff up--the spammers are more than happy to provide the real thing!
The virus in question (mimail.L) offers porn, claims to be sending you child porn, attacks anti-spam sites, and tries to associate those anti-spam domains AS CRIMINALS in the minds of the target.
What do you WANT the article to say? That these spammers/virus writers are misunderstood, because they had poor childhoods and their mothers didn't like them?
Take off the tinfoil and open your damn eyes.
DIE SPAMMER DIE! (Score:5, Interesting)
OK kids, sit down and let uncle bubba explain this one for you. One, if you see something once, it might be a coincidence. Twice means that maybe lighting is hitting the outhouse twice. This is the third one of these, and with each successive version, the methods and operations of the virus are getting more effective and efficient. That means at least two developers were able to reverse engineer and increase the efficiency of the payload of the virus, OR someone is monitoring what is going on and making improvements. Tell you what, I will let you think about that one for a sec...
We also have the comments from the spammers themselves. Many have come out into the open and said that anti-spam orgs declared war on them, and that they would fight back. Do you honestly think that this is just a chance happening?
I guess it could be, I mean, you could have some slashdotter waging a disinformation campaign targeting anti-spammers to piss everyone off...
Oh, and too the nuts want to sue Microsoft under the same pretenses as suing gun manufactures...dude, spammers are equal opportunity abusers...they are abusing open protocols as much as they are using OS holes to propagate this crap. So unless you want to sue Berkley or something like that...
Spammers evil...viruses evil...censorship evil...censoring spam ev...WAIT!...good...
"We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns -- the ones we don't know we don't know."
why blame spam? (Score:4, Interesting)
if spam wasn't a money-maker, spammers wouldn't exist, it's as simple as that. just like if diets weren't such a huge industry, you wouldn't be seeing posters on how you could lose 30lbs in 30 days plastered all over your city (the birth of spam, might i add).
if all these men just stopped caring about the size of their weenies, spam would take a huge hit. if we'd all be a bit smarter and not even consider clicking on insurance / any financial links in spam, that market would also take a huge hit. and if we were all more passionate with our partners then that takes care of goat / bestiality porn. the 'barely legal' crap, you have to deal with on your own. that's just wrong.
honeypots, bayesian filters, spam blockers, LAWS... so much time, effort and money is being put into something that will only be solved once we start dealing with our own insecurities / needs.
I hate spam just as much as the rest of you... (Score:4, Informative)
<rant>
MAPS is one of them, and unfortunately I've been dealing with this problem first hand. I just installed a new server and out of the box Apache2 was setup to be an open proxy. It didn't take more then an hour or two before the IP was listed on MAPS-OPS. This is fine. However I promptly closed the proxy and notified them. What did they tell me, they sent me some canned email that told me to close the proxy.
Alright, so I double check again, I search google for open proxy testers, run them, they all return negative, I look at the MAPS "test report", all it says is:
IP: closed
IP: test finished.
Looks to me like the proxy is closed. I email them again, to say the proxy is closed, unless you can give me other details, your own test results seem to confirm this, whats going on?! They reply back saying their open proxy test is robust, advanced, and proprietary, therefore they can not give me any information regarding the test. Not only that, they want me to show what I did to close the proxy, and prove to them that I am the server administrator! Oh, and the best part, they want the email to come from abuse@<blocked_IP> or postmaster@<blocked_IP>.
Well, for one I can't email them from those addresses because THEY BLOCKED ME! For two, how can I prove I'm the server administrator? The email address I'am using to contact them is listed in the whois record for the domain as the "admin contact". Thats not good enough though apparently. What do they want, a digital photo of me standing beside the server with a big "anti-spam" sticker on it?
Thats the last I heard from them, they blocked me from filling out there "remove me from the list" form. Nice.
If every open relay and proxy in the world was closed at this minute, MAPS would go out of business, therefore they have absolutely no interest in removing people from their list.
</rant>
spammers' weak point - credit card companies (Score:3, Interesting)
I once tried to set up an online business that would accept payment via credit card. To set up a trading account, you have to jump through all sorts of hoops and rules. It's not cheap or easy. The credit card comapnies cheak who you are quite rigourously before they will give you a business trading account.
Part of their rules is that the trader must clearly identify theirself/the business when making a sale.
There are only a very few credit card companies - amex, visa, mastercard, mbna, that covers about 80% of the market.
I'm not quite sure how to go about informing the credit card comanies that you have received an illegal credit card payment request. Perhaps you could send the spam to them, or the url of the actual webpage where it asks to fill in your credit card numbers.
For the desperate, you could actually pay something, maybe using a spare card that you never use, then at once inform the credit card company of the situation, requesting a refund, and giving them relevant details, e.g. the website with the unlawful request on it, so that they will place a black mark against the trading account of the spammer.
Too many of them and they will close his trading account. With the resources that credit card companies have for checking on background, its gonna be bloody hard for the spammer to reopen new acocunt, especially as lying for the purposes of getting a trading account is something that the police take REALLY seriously...
(close your card or keep an eye out for any further withdrawals from your account and instantly notify the credit card company - they will then know the spammer's been passing around your details and have his address on file - more charges for the police to use)
What do you think of this method?
-tomato
Re:Sue the software companies (Score:2)
Re:Sue the software companies (Score:3, Insightful)
The fact that when opened this software is allowed to execute code, crawl through the address book, copy itself and send itself out to others is a fault with the system.
I've never had a problem when opening an attachment with Mutt.
Re:Sue the software companies (Score:2)
The fact that MS software makes it so easy to run an attachment and to hide its executable nature is the problem.
Re:Sue the software companies (Score:2)
Re:Sue the software companies (Score:2)
So, users need to do something like click on the attachment, wait for Winzip to appear, and then double-click on the executable file (the type will be displayed) in the Winzip interface to run it (and if they're using a version of Winzip that's not ancient, they'll get a Winzip pop-up pointing out that the file is exec
Re:Sue the software companies (Score:2)
Linux prevents it from doing that, eh? Really? Which distro might that be?
Every single one. Serious. (Score:2)
Re:Sue the software companies (Score:2)
Re:Sue the software companies (Score:2)
Exactly my point! It's not the system, it's the users.
Re:Sue the software companies (Score:2, Flamebait)
The Internet Worm [std.com]
Please at least have some rudimentary knowledge of computer history - this was 1988 so unless you're less than 15 years old you have NO excuse for this idiocy. This slashdot article is about vicious attacks by VIRUS WRITERS. You are using it as a platform to espouse your obviously ridiculous opinion about security holes in an e-mail program.
In case you don't get my point, let me hammer it home for you - the link I p
Re:Sue the software companies (Score:2)
These viruses prey on the ignorant. It's easy to make comments like yours when computers are a key part of your life. Perhaps we should have a minimum competence level before letting people on the internet, a so-called computer driving licence. That way we can hold the users responsible.
Or perhaps you're
Re:Sue the software companies (Score:2)
Re:Sue the software companies (Score:2)
Re:Sue the software companies (Score:2)
Re:They should've known better (Score:3, Insightful)
NO! (Score:2)
Re:They should've known better (Score:2, Informative)
Re:They should've known better (Score:3, Insightful)
Somebody else's bad for modding your original post "+1 Insightful" :-)
Re:How does he know ??? (Score:2)
These guys are directly opposed the "They" in "They say ...",
who are not to be confused with "The man",
which is a common misconception
Re:How does he know ??? (Score:2)