Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Spam The Internet Your Rights Online

Unplugging Email To Combat Spam 332

monkeyserver.com writes "from Reuters (via CNN) we hear that 'Consumers who allow their infected computers to send out millions of 'spam' messages could be unplugged from the Internet under a proposal released Tuesday by six large e-mail providers.' They are looking at 100 per hour or 500 per day; this doesn't really sound like a bad idea, though it could cause problems for a few people trying to run companies from their basement..." On the other side of the coin, rastakid writes "It appears that Microsoft is taking its actions against spamming a little bit too far: Hotmail accounts which are suspected of sending spam are closed without a single investigation. This article states that Maariv International registered a new Hotmail account and sent an abuse message about spamming activities from that account, while not a single message was sent from it. Microsoft closed the account immediately, without investigating."
This discussion has been archived. No new comments can be posted.

Unplugging Email To Combat Spam

Comments Filter:
  • Open relays (Score:5, Interesting)

    by SIGALRM ( 784769 ) * on Wednesday June 23, 2004 @03:18PM (#9511368) Journal
    Internet companies should make sure that their equipment has been properly secured so spammers can't route their messages through them

    I agree. Open relays, apparently not as common as they used to be, are still a huge source of the spam we intercept. I'd be in favor penalties for open relays (in theory), but how would that be effective, being that a lot of it originates from outside the US?
    • Re:Open relays (Score:4, Insightful)

      by Bob Zer Fish ( 568540 ) on Wednesday June 23, 2004 @03:22PM (#9511414) Homepage
      perhaps something like SPF could be used? That would ensure that spam was sent from the correct mail servers, and hence not spoofed. This would reduce a large amount of spam appearing to come from other users.
      Once this has been done we can then clamp down on the dodgey email servers.
      • Ah, but the problem there is that so many people have turned off remote access to their SMTP servers to prevent open relays that you can't assert that the SMTP server delivering the message has ANYTHING to do with it. SMTP servers have become like corner mailboxes; I use smtp.nycap.rr.com at home and smtp.work.com at work, etc.

        This is a fairly nice way of doing things, I think. It involves the provider of the internet connection with the mail delivery process. SPF seems like a good idea, but remember: i
      • Re:Open relays - SPF (Score:4, Interesting)

        by cbiltcliffe ( 186293 ) on Wednesday June 23, 2004 @08:47PM (#9514190) Homepage Journal
        SPF is a good idea in theory, but it can cause nightmarish problems in some situations.

        One of my customers has their website hosted by one company, and their internet access provided by another company. Their email clients were set up to use their ISP's mail servers, rather than their webhost's, but still use their domain name for the outgoing address.
        The webhoster implemented SPF, and all of a sudden, they couldn't send emails within the company, because they were coming in from mail.isp.com, as opposed to mail.webhoster.com.
        The webhost company's solution was: "Use our mail server."
        This would be fine, other than the ISP blocks outgoing port 25 to prevent spam, thereby prohibiting the use of any mail server other than mail.isp.com.
        If everybody used the same anti-spam solutions, it would be fine, but they don't, and the mish-mash makes legitimate email very difficult to send sometimes.
        • Re:Open relays - SPF (Score:3, Informative)

          by grahamm ( 8844 )
          So get the webhoster (or whoever is hosting the DNS) to set up the SPF record correctly so that the ISP's mail servers are allowed to send email for the customer's domain.

          Which brings up another point, the owner of the domain should have 'control' of the DNS (and thus make the decision on whether or not to publish SPF ecords) for their domain.
    • Re:Open relays (Score:5, Interesting)

      by LostCluster ( 625375 ) * on Wednesday June 23, 2004 @03:32PM (#9511547)
      The newest threat for spamming are now machines that aren't meant to be mail servers being turned into relays by viruses and worms. They aren't open per se because they work for only one master, but they end up putting the full resources of the computer to sending spam and that's not good.

      Maybe some sort of "reconnection fee" from the ISP in the $35-50 range would be a good enough speedbump to make consumers aware that this kind of threat exists and it will be their problem if they don't protect themselves from it. Afterall, there isn't much real cost for a bank to bounce a check, but they're allowed to charge so much because a bounced check is a preventable situation that is very annoying... the fee is there mostly to discurage people from trying to write a bad check.
      • Re:Open relays (Score:4, Insightful)

        by WolfWithoutAClause ( 162946 ) on Wednesday June 23, 2004 @03:42PM (#9511656) Homepage
        Maybe some sort of "reconnection fee" from the ISP in the $35-50 range would be a good enough speedbump to make consumers aware that this kind of threat exists and it will be their problem if they don't protect themselves from it.

        Probably a baddddd idea.

        The issue is that, in practice, a vast number of boxes on the internet are all vulnerable to attack- there's bound to be some hidden flaw in the incredible number of packages out there.

        So the system can be up-to-date with all known patches, and still be attacked. Fining people for things that flat-out aren't their fault is likely to be, at best, contrary to the ISPs customers idea about what makes a good ISP.

        • Re:Open relays (Score:5, Informative)

          by CyanDisaster ( 530718 ) on Wednesday June 23, 2004 @03:58PM (#9511788)
          ...So the system can be up-to-date with all known patches, and still be attacked. Fining people for things that flat-out aren't their fault is likely to be, at best, contrary to the ISPs customers idea about what makes a good ISP...

          I work at an ISP where we do virus removals on customers computers. If someone comes in with a virus, we determine whether it slipped through the email virus scanning. If so, we don't charge them. Otherwise it's usually about half an hour labour to clean the system up. Sooo...basically, if it isn't their fault, there's no charge. Mind you, that's if our system doesn't keep the customer's email clean. Whether their Norton or AVG is up to date or not, and the virus didn't come through email, or they're not on email virus scanning, then we charge them for labour regardless where the virus came from.

          Hope be with ye,
          Cyan
      • Re:Open relays (Score:2, Insightful)

        by Brobock ( 226116 )
        Afterall, there isn't much real cost for a bank to bounce a check, but they're allowed to charge so much because a bounced check is a preventable situation that is very annoying... the fee is there mostly to discurage people from trying to write a bad check.

        The problem with this is that if I cash a check and the other person didn't have the funds, I have to pay for the bounced check as well as you. I have been charged $5 for attempting to cash a check that bounced. I wouldn't say preventable
      • Re:Open relays (Score:5, Insightful)

        by Jim_Maryland ( 718224 ) on Wednesday June 23, 2004 @04:07PM (#9511889)
        I don't know about charging the reconnect fee to the customer in all cases. If a security flaw in your system allows your system to be compromised, is it really the end users fault? If the user chooses not to impliment patches, then maybe your proposal would work, but maybe a user doesn't impliment a patches because an application they use hasn't been certified to work with a particular patch.

        While $35-$50 isn't much of a reconnect fee, disconnecting probably shouldn't be the first step. Ideally the process would go something like this:

        ISP notices a lot of email generated from your node.

        Emails registered address inquiring if the volume of email (send statistics) is known to the user.

        User responds to confirm they are legitimately sending the volume of email or they respond that they are unaware of the volume.

        NOTE: If user does not respond, follow with registered letter or a phone call to the registered user.

        If user resolves the problem (patch/removal) system remains intact. If user is unable to resolve the problem, provide options for resolving it. This may include free support, charged support, or recommendation to other support services (The DC metro area has a company called "Geeks on Call").

        If user doesn't resolve the problem within an alloted time period, disconnect them.

        Charge a reconnect fee.

      • Re:Open relays (Score:3, Interesting)

        by OYAHHH ( 322809 )
        > Maybe some sort of "reconnection fee" from the ISP in the $35-50 range would be a good enough speedbump

        Huh?

        I recently had the opportunity to clean-up one of those "infected PCs".

        My job would have been made a whole lot easier if the stupid ISP who sold my elderly friend the cable modem service had thrown in a free cheap router and a firewall to go on the operating system.

        Instead, they came into her house, connected a very vulnerable windows xp install directly to the cable modem, got her signature o
    • Go back to February, 1999 and read RFC 2505. See what it says about how securing open relays will work to end spam (it's the RFC that says to secure open relays.)

      There are the open relays and there are the ones who abuse them. The ones who abuse them are the spammers, are the criminals. Doncha think maybe a teeny bit of attention might be paid to the criminals? Securing the open relays hasn't ended spam, not since 1999. It's not a means for ending spam. Whacking spammers, on the other hand, has stren
  • by darth_MALL ( 657218 ) on Wednesday June 23, 2004 @03:20PM (#9511396)
    Microsoft closed the account immediately, without investigating.
    They own the account! Not to mention, it's a free account...you get what you pay for. Caveat Emptor, Greg...
    • by EvanED ( 569694 ) <evaned@g[ ]l.com ['mai' in gap]> on Wednesday June 23, 2004 @03:23PM (#9511444)
      That doesn't mean that it isn't a stupid or asinine thing to do. It just means that they wouldn't be held culpable.
      • well normally not a microsoft supporter by any means (g-mail replaced teh very last microsoft thing i had, a hotmail account) i wonder if microsofts actions where all that bad. They closed down an account that had neither received nor sent an e-mail. Granted, there are times that this could be a nuisance, but i doubt one could as easily have an active hotmail account disbarred. Of course, if someone wants to try and report an existing and used hotmail account as spam and gets banned as easily, well then th
        • It's a free email account for starters. Realy do people realy expect them to investigate??? I work with ISP's the the procedure at all of them has been shut down instantly anybody thats accused of spamming and let them complain and then look at the account there are so few false positives this makes sence from an efficiency standpoint. I more wonder if they bothered to send an email to the account stating this and how to fix it, it would also be nice if incomming mail still works. The fact is if you don
        • Of course, if someone wants to try and report an existing and used hotmail account as spam and gets banned as easily, well then there is a problem.

          I would agree with what you say. For his email, big deal. Just make another. But, I somehow doubt that they treated him differently than others; after all, if they did enough checking to determine that he hadn't used the account, they also probably did enough checking to determine that he hadn't sent any email at all, which probably should have set off an alert
    • There may be no monitary value trading hands, but by using a Hotmail account, you're depending on Hotmail to reliably deliver to you messages that have been sent to them marked for final delivery to your account.

      If Hotmail breaks that trust too often, then they won't have anybody in their right mind using the service. Oh, wait, anybody who cares about their e-mail has already left...
    • agreed. it's crappy customer service, but you know, if people don't associate hotmail with microsoft (and i'd bet a good deal don't, especially if the ms customer service when you call is usually better), ms doesn't lose any customers. i mean, i didn't know ms owned hotmail until today (already have plenty of other reasons to hate them). perhaps it's simply not worth it to them to investigate every claim and easier to close down accounts and let people open new ones.
    • by gnu-generation-one ( 717590 ) on Wednesday June 23, 2004 @03:52PM (#9511739) Homepage
      "Microsoft closed the account immediately, without investigating. Reply: They own the account! Not to mention, it's a free account...you get what you pay for. Caveat Emptor, Greg..."

      Whoo! Easy way to shut-down friends on hotmail...

      Dude, we deleted your email!
    • by Tatarize ( 682683 ) on Wednesday June 23, 2004 @03:53PM (#9511746) Homepage
      You overlook some of the more obvious effects of this policy. Basicly if I disliked you, and you had a fairly important hotmail account... It would become trivial to mess with you out of spite.

      Many people use their email accounts for very critical information or personal correspondence. Getting them shutdown because somebody said it was used for spam is wrong.

      Another thing. What if spammers took to spamming the support mail with huge amounts of this account used for spamming messages while using some accounts for spamming. Backlogging the folks while raising heck on the side. The more you think about any solution to spam the more you think of ways around it, if you were a spammer.
    • by Anonymous Coward
      Microsoft closed the account immediately, without investigating.

      Wow, a person in a large company not looking into something. Imagine that...

      Its not a MS problem, its a human problem.

    • What about email spoofing? Everyone knows it is very easy to do. Microsoft would cancel an account that was spoofed by a spammer without asking any questions?
  • by Roadkills-R-Us ( 122219 ) on Wednesday June 23, 2004 @03:21PM (#9511409) Homepage
    Was it Patton or Macarthur who said, "Shoot 'em all, and let God sort them out"? Apparently Microsoft has cloned him and he's now running Hotmail!
    • Was it Patton or Macarthur who said, "Shoot 'em all, and let God sort them out"?

      Rumsfeld, I believe.
    • Neither.

      "Caedite eos! Novit enim Dominus qui sunt eius"
      "Slay them all! God will known his own!"
      -Abbe Arnaud-Amaury, before the slaughter of Beziers during the Albigensian Crusade [wikipedia.org]
    • Was it Patton or Macarthur who said

      Interesting question. Apprently neither. The origins of the phrase are much older [wordwizard.com] than I would have previously thought.
    • actually (Score:3, Informative)

      by sckeener ( 137243 )
      It is attributed to Arnaud-Armaury, the Abbot of Citeaux, and "spiritual advisor" to the Albigensian Crusade.

      Pope Innocent III ordered the Albigensian Crusade, to purge southern France of the Cathari heretics. It began in the summer of 1209, with their first target - the town of Beziers. The Catholic faithful in Beziers refused to give up the Catharis among themselves. The crusaders invaded. When Arnaud-Amaury was asked whom to kill he replied "Kill them all. God will know his own." They did. The crusader
    • Apparently it was Marge Simpson [jahozafat.com]
  • by cybrthng ( 22291 ) on Wednesday June 23, 2004 @03:22PM (#9511418) Homepage Journal
    I had a hotmail account from before microsoft owned it and i got killed because someone reported me as spamming the newsgroups - simply because i used my hotmail account to post to the old Deja news web news interface selling sun hardware on the comp.sun.hardware.forsale :) I had linked to an ebay auction so i guess it was considered "spam" to link to an ebay auction at that time.


    I'm just curious if you have any rights and how the ever popular Gmail and growing yahoo mail will treat complaints as in my case it was someone upset with something i did claiming spam and not abuse by anymeans worth of terminating a long standing account and prohibiting me from accessing years of archived mail that was lost because of the cancellation.


    They did email me i got a free passport account though. Funny i'm terminated but then they try and push something with real potential for abuse and sensitivity :)

    • My hosting service just emailed me to threaten to pull my account because someone complained about spam from my domain. The service threatens that they'll pull my account if they get another complaint. Basically, their policy is that they don't decide if my email is spam or not, if people complain that I sent spam they just pull the acount.

      I have evidence that spam was sent with my email account name forged in the header, but no evidence it actually went through my computers or hosting service. I can't get
      • Their attitude is just assinie, and quite frankly shows that they don't know anything abuot how the internet works (hint: anyone can send email claming to be from anyone else. And almost all spam is faked this way)

        You do own your own domain, right?

        I'm signed up with one-hosting [slashdot.org]. They dissallow "anything that might get them blacklisted" basicaly, so sending spam or using your page to host a spam-promoted site. But no black-lists will list you for being jo-jobed (the anti-spammer term for whats happen
        • by TheMCP ( 121589 ) on Wednesday June 23, 2004 @05:25PM (#9512681) Homepage
          Their attitude is just assinie, and quite frankly shows that they don't know anything abuot how the internet works (hint: anyone can send email claming to be from anyone else. And almost all spam is faked this way)
          I got through to talk to someone. Basically, they do understand what's going on, but they say that it doesn't matter if I sent it or not, if AOL complains enough and they don't terminate my account, AOL will blacklist them and that will cost them too much business. They were able to tell me the subject line of the message being complained about, and it very definitely is spam that I didn't send. (and I'm the only user on my domain.) And, they did tell me that the complaint came from AOL.
          You do own your own domain, right?
          Yup, I do, but I'm really poor because I'm unemployed, and I prepaid my hosting service for a year. So, if they cut me off, I'll have to scrape together money to get a new hosting service (my web site hosts my resume and portfolio) and that would be a hardship to me at the moment. I did my homework on hosting services before signing up, and the one I selected had the best customer ratings in its price class. It upsets me that I'm still having these problems.
          The worst part of being jo-jobbed is that there's really nothing you can do about it, since you can't track down the offender. And the hundreds of bounce messages you get every day...
          Fortunately, Mailblocks filtered out the hundreds of bounce messages, but they didn't include the original message so I can't report it to the FTC. I really want a copy of that original so I can have the spammer prosecuted, which is why I'm trying to get a copy from the hosting service.
  • Hotmail DOS? (Score:5, Insightful)

    by kpansky ( 577361 ) on Wednesday June 23, 2004 @03:22PM (#9511421)
    Doesn't this pose a risk for effectively DOS'ing all hotmail users? Just create a script to aggregate Hotmail accounts through google and send complaints? Thats mildly annoying.
    • What a horrible thought! ... ... starts coding it.
    • Re:Hotmail DOS? (Score:3, Informative)

      by jdunlevy ( 187745 )
      If they do in fact routinely close down accounts after a single complaint without investigating, I find it hard to imagine that hotmail users aren't already being effectively DOS'd. I get so much e-mail spoofing hotmail "From" headers (839 of these messages so far this month at one account), that I'd imagine a significant number of complaints about these spams must be going to hotmail and not to the actual originating ISPs.
  • by drdreff ( 715277 ) on Wednesday June 23, 2004 @03:23PM (#9511426) Homepage Journal
    ... will be affected too. I guess that would probably mean the death of MailMan [gnu.org]
  • by Anonymous Coward on Wednesday June 23, 2004 @03:23PM (#9511428)
    Before this gets slashdotted:

    Exclusive: Hotmail shuts down "spammers" who don't spam

    Complain you got spam from a Hotmail user, and Hotmail's abuse team will shut down their account, no questions asked.

    Hotmail.com shuts down Hotmail accounts shortly after receiving complaints about spam being sent from them, without checking if the user has actually sent spam, NRG Maariv has learned. Thus, malicious users can cause the shutting down of accounts, as an act of revenge or just for kicks.

    In its haste to fight spam, Hotmail has foregone looking into abuse reports it gets from email users. In three instances documented by NRG Maariv, Hotmail's abuse team shut down Hotmail accounts less than 24 hours after receiving complaints about spam being sent from them, even though the spam mail clearly did not originate from those accounts.

    In two of the instances, the spammers spoofed the sender's address so it looked like it was sent from a Hotmail account, while they were actually sent through an Israeli ISP. In both instances, the spoofed accounts were shut down.

    The third instance was a test: NRG Maariv opened a new account with Hotmail and sent no email whatsoever from it. Using a different email, we filed a spam complaint, saying it came from the new Hotmail account. Attached were Internet headers from an old spam, where the sender's address was replaced with that of the new account.

    Within less than 24 hours, we received a message saying the new account was shut down.

    "My name is Claire, and from what I have read in your message, you are complaining about the unsolicited email you received from a Hotmail account", said the message written by Claire C. with MSN Hotmail Technical Support. "I have closed the account you reported in accordance with the Hotmail Terms of Use (TOU). It is a strict violation of the TOU for our members to send objectionable material of any kind or nature using our service".

    Trying to log on to the Hotmail account, we found it closed. No explanation was provided, just a laconic message saying "Account Closed. Access Denied". No appeal procedure was mentioned. The account was shut down for good.

    Hotmail's public relations representative, Waggener Edstrom, has yet to respond to the story.
  • by LostCluster ( 625375 ) * on Wednesday June 23, 2004 @03:23PM (#9511435)
    It's a bit creepy that somebody was able to register a new Hotmail account, send nothing, and then get it closed by sending a spam complaint. Even the dumbest safety check would have proven the alligation to be false because Microsoft should be able to tell from logs that zero messages were ever sent from the account, so even if that was 100% spam that's still zero spam messages!

    The risk of having an account stripped from you because somebody who knows your address falsely accuses you of being a spamer is a bit high to take. Then again, anybody who takes their e-mail seriously shouldn't be on Hotmail anyway...
    • Which do you prefer mate?

      The idea of MS shutting down spammer's accounts, or the idea of them logging your e-mail (sending patterns?, actual content?, destination addresses?) so that they can refute false accusations of spamming on your behalf?

      Even the dumbest safety check would involve MS monitoring and recording your online hotmail related activities.

      Sorry, either they are the big evil empire who would track and log your activities online, or they are proactively trying to reduce Hotmail as a spa
    • Even the dumbest safety check would have proven the alligation to be false because Microsoft should be able to tell from logs that zero messages were ever sent from the account, so even if that was 100% spam that's still zero spam messages!"

      IANA programmer, but I have always wondered, just how easy it is to "Just look at the logs" ? I imagine the "log" from Hotmail servers must be huge. What would it take to look for one email, from one account ? Could they even do it ?

      • What would it take to look for one email, from one account ? Could they even do it ?

        They could, but only if the emails were sent using their SMTP server. If someone uses a hotmail account as the return address but then uses an open relay to send the spam, they would have no way of knowing. Although I suspect that they would see an unusually high number of bounce messages (unless the spammer used an extremely up to date and accurate bulk address list).

      • by XO ( 250276 )
        grep username logfile(s)

    • Even the dumbest safety check would have proven the alligation to be false because Microsoft should be able to tell from logs that zero messages were ever sent from the account, so even if that was 100% spam that's still zero spam messages!

      Spammers almost never send spam from their Hotmail accounts. The Hotmail accounts are used to receive replies to the spam, such as orders.

  • Easily Avoided (Score:2, Insightful)

    by Ag3nt ( 790820 )
    Even though this is a step in the right direction, all the actions proposed are easily manuvered around. They close a hotmail account, another one is opened. I like the ISP e-mail ban though. Another issue that will most likely develop is anyone who buys webspace has an option to set up a POP3 mailbox. I just finished buying 3 gigs worth of space, and as a bonus I was awarded unlimited POP3 accounts. The price per month of that space wasn't even that expensive (www.hostony.com). I admire these ISPs efforts
  • "Internet users also could be limited on the amount of e-mail they send out each day to ensure they haven't become unwitting spammers, under voluntary guidelines proposed to curb unwanted junk e-mail."

    Voluntary means the end user is signing up for this, reading about it, being AWARE of it. If they were any of these 3 to begin with, they'd have already plugged their computer up!!

    • Users do not need to be aware of something to voluntarily agree to it. Think: Adware. If RandomISP includes "We will kill your connection if you spam" in their terms of service, people will still blindly sign it. Heck, they can probably jut 'update' the current ToS, and still consider it voluntary.

      Looks like even evil can be used to fight spam. >:)


      --LordPixie
  • by bennomatic ( 691188 ) on Wednesday June 23, 2004 @03:24PM (#9511451) Homepage
    I gave up on Hotmail a long time ago, not because of spam sent from those accounts, but because any time I opened up a hotmail account, it was immediately deluged by SPAM
  • by networkBoy ( 774728 ) on Wednesday June 23, 2004 @03:25PM (#9511456) Journal
    Not too sure how I feel about this....
    On one hand I applaud the proactive stance of shutting down spammers, but on the other hand I feel that an account should maybe be sent one warning which, if not answered within 1 day or so would then result in account suspension.
    Or, you are prevented from sending out any more e-mails until you respond to a "human test" e-mail.

    Just my thoughts...
    -nB
  • A solution (Score:4, Insightful)

    by Anonymous Coward on Wednesday June 23, 2004 @03:25PM (#9511461)
    I think something like this could work, but not on it's own.

    ISPs should send a letter or e-mail to all their customers (i.e.
    make sure they get it) stating that they are about to introduce
    rate-limiting both from their smtp servers for that IP address/subnet
    and from port 25 from the IP(s).

    Customers who don't know what this means or who aren't bothered will
    ignore it, and will be rate-limited (so they basically won't be
    affected since they either a) aren't bothered, or b) aren't heavy
    e-mail users).

    Customers who know they will be affected or otherwise want to be
    rate-unlimited can e-mail the ISP and request the rate be removed.
    Perhaps they could be asked to prove they are worthy by describing
    what they've done ("I've patched and secured my Windows box, and
    my other boxen run BSD and run no mail daemons").

    This way, no one has their service unfairly cut back, and unknowledgable
    users (those responsible for zombie-Windows systems) will be protected
    (or everyone else protected from them..).
  • excellent idea (Score:3, Interesting)

    by bcrowell ( 177657 ) on Wednesday June 23, 2004 @03:25PM (#9511462) Homepage
    This sounds like an excellent idea, although it depends somewhat on how it's implemented. We don't want to make it impossible for people to run mailing lists. ISPs should allow users who need to send larger amounts of mail to request an increase in their quota. It also sounds from the article like they want the ISPs to simply disconnect users who send mail at more than a certain rate, which sounds like an over-reaction; it would make more sense just to bounce mails that go over the quota.
  • LOL (Score:5, Funny)

    by RealityMogul ( 663835 ) on Wednesday June 23, 2004 @03:25PM (#9511467)
    Ok, so what'll happen if you send a message about spam from "abuse@hotmail.com" to "abuse@hotmail.com"???
    • Ok, so what'll happen if you send a message about spam from "abuse@hotmail.com" to "abuse@hotmail.com"???


      You would look up and see...
      one by one...
      the stars going out.
  • Dupe! (Score:4, Funny)

    by mattjb0010 ( 724744 ) on Wednesday June 23, 2004 @03:27PM (#9511486) Homepage
    Slashdot, more repetitive than spam [slashdot.org]
  • I am Impressed (Score:5, Informative)

    by Mashiki ( 184564 ) <mashiki@gmail.cBALDWINom minus author> on Wednesday June 23, 2004 @03:27PM (#9511491) Homepage
    Really. Those types of machines really are the bane, since Comcast actually started 'doing' something I've seen *nothing* from them. My inbox was empty for the better part of 2-3 weeks, no spam just e-mail. Then yesterday, I start getting a barage of spam from asian open relays. 35 e-mails to 70 spams a day and now it's climbing through the roof, really now. Pop online and I see 207 spams. Gah.

    I mean come off it. And you *wonder* why entire asian hosts are blocked. It's because of crap like that, secure your machines or boot the bloody idijits off of them.

    I don't care if you are too stupid to figure out *how* to do it, pay someone, call that smart 12 year old who knows how but do it. But bloody well do it.
  • As I'm sure many are aware, Microsoft firmly believes in the "you get what you pay for" theory. Hotmail sucks, and I'm sure the people who handle termination of accounts accused of sending spam are not very well-paid or well-qualified to understand most concepts of email (as is the case with most tech support, especially free tech support).

    I have a hotmail account, but it only exists for those times when I have to give an email address to a company I don't trust. If that account gets shut down, I don't re
  • There appear to be ways to make e-mail technology much less prone to spam, but I certainly would be uncomfortable with Microsoft running the show. It needs to be a method that does not tie the server or the client to a proprietary piece of software.

    Blocking computers that have become spam zombies is certainly one approach that, IMO, has some merit, as does simply imposing limits on an individual computer's number of allowed free e-mails per unit time. That would stop some folks from forwarding as many ur
  • by pridkett ( 2666 ) on Wednesday June 23, 2004 @03:29PM (#9511506) Homepage Journal
    The poster makes the claim that 100 per hour or 500 per day would only cause problems for people running companies from their basements. I heartily disagree. Think of people who run mailing lists from their home servers, these can easily send out more than 500 messages a day. Another example, when I recently got engaged, I sent out an email to a LOT of people. Probably over the course of that first hour after I sent out the original notice I sent out well more than 100 emails. I wasn't doing anything wrong.

    The real fact of the matter is that this will do nothing to stem the tide of spam when one considers that most spam is now generated by zombies. Also, don't think they won't just find a way around it. This is like the DMCA, it only stops the honest people.

    Fortunately, there has been some movement on SPF.
    I suppose I can be happy about that.
    • True -- my question is this: why couldn't they pipe email traffic outbound from their customers through one of our fave bayesian filters (spamprobe/assassin/etc.), and for people who had high traffic and a spam-hit of over say 50%, auto-disconnect them. This would dramatically reduce false-positives because of (legit) companies and mailing list types.
  • And I can say that all this about MS closing accounts without proper investigation is absolute BS. I send hundreds of messages a day and . . . #$_ACK . . . [carrier lost]

  • Hmm, Why not just take it one step further, disable email world wide, no more spam. Done.

    (Thats Patent #6505583342 owned by MS by the way)

    The only thing worse than getting spam, is not getting a legitimate message because of a spam filter. The only thing worse than allowing a spammer to operate on your server is denying access to a legitimate individual.
  • by Roadkills-R-Us ( 122219 ) on Wednesday June 23, 2004 @03:31PM (#9511530) Homepage
    I think the idea of shutting down accounts that send spam, even accidentally, has some merit. What would be ideal would be if you could easily set things up so when a violating account authenticated, they could only read email. That way they would have a good chance of seeing the email message you sent them explaining what had happened, why, and how it could be resolved. But that's probably too complex.

    As far as businesses go, just allow businesses who expect to have legitimate needs for more than the baseline to tell you. A slight additional fee would cover the cost to modify the filter parameters for that business.

    Free email accounts? Anyone using such an account for a business is just begging for touble.

    --
    To whomever modded my last post "troll", it was a JOKE, YOU INSENSITIVE CLOD!
  • They are looking at 100 per hour or 500 per day; this doesn't really sound like a bad idea, though it could cause problems for a few people trying to run companies from their basement...

    People trying to run companies from their basement should really have a business account, which generally has a substantially different AUP than an ordinary personal account.

    If they don't, then they're in violation of the AUP, and are at risk of having their account terminated, not just being temporarily disconnecte

  • by CdBee ( 742846 ) on Wednesday June 23, 2004 @03:31PM (#9511538)
    At least one UK ISP (NTL Cable) started doing this at the time of the Blaster worm to reduce the rate of infection among their subscribers. Machines which were infected and transmitting infected packets were booted off the network and not allowed to reconnect until they were clean. Owners had to contact NTL to get theirconnections unblocked.

    As a techy, I ended up cleaning up several machines so their internet-porn deprived owners could feed their fixations. That said, I can't blame NTL for doing this, it was the responsible action and was done at the right time.

    I believe that the duty of ISPs to prevent their customers destroying the internet by inadvertent DDOS should be at least as important as the contractual duty to the consumer.
    • This has been the standard practice in the 5th world (for example Bulgaria) for more then 7 years now. In 1997 we used to block 135-137 and block 25 to anywhere else, but the official relays. We were not the only one. It was the industry practice. AFAIK it still is.

      It is very nice to see the big 10 grow up to the 1997 technical standard of the 5th world and make a big deal about it.

      All I can do is have a belly laugh. WAHAHAHAHAHA...
      • Alas, your ISPs are only offering USB cable modems to people, at least in the Varna area. My boss is there on his summer vacation, signed up for DSL, and all he could get was a modem that used USB to connect. The problem? He's using OS X and the drivers he was given didn't work. So he can't get on. Why, I say, can't they just give out standard Ethernet modems and, if you want a USB connection, one of those Ethernet-to-USB converters?

        I don't know the name of the ISP, but because of this, they automatically
  • Dear sir, It pleases me to inform you that in the last one month I have recieved several spam e-mails for the slashdot.org domain, particularly one from a certain CmDrtaco. Please take appropriate action in your spam filters. cc: yahoo.com, hotmail.com, gmail.com Oh, and by the way, I also recieved some from my_competitors_acct@hotmail.com!
  • Idea Proposal (Score:2, Interesting)

    by Wiser87 ( 742455 )
    "...though it could cause problems for a few people trying to run companies from their basement..."

    I have a solution for this that I think could really work. I think that by default, people should be limited to a certain number of emails per day, and in order to send more than that ammount, they have to register with their ISP or some central organization. Once the information is verified, the person can send as many emails as they want. Then it would be easier to keep track of possible spammers.

    Sur
  • Membership impact (Score:5, Insightful)

    by BoomThing ( 779635 ) on Wednesday June 23, 2004 @03:33PM (#9511558) Homepage Journal
    So if I email an event notice to my club membership list of 208 addresses, (given freely for this purpose) I'll be labelled a spammer unless I split the mailing up over 3 hours? There are other ways to find spammers besides shear output.
    • Re:Membership impact (Score:3, Interesting)

      by fishbowl ( 7759 )
      You might find it much more effective to put your club calendar on a web page, doesn't have to be any fancier than whatever you email out. All 208 members of your club know to look there for updates.

      This approach beats the "spamming out the newsletter to a list" approach, hands down. Especially when your list grows past manageable sizes.

      If you want to operate a mailing list for your interest group, there are good ways to go about that. If you want to dissemenate information periodically, there are muc
  • Collusion? (Score:5, Interesting)

    by sfjoe ( 470510 ) on Wednesday June 23, 2004 @03:35PM (#9511580)
    Consumers who allow their infected computers to send out millions of "spam" messages could be unplugged from the Internet under a proposal released Tuesday by six large e-mail providers.

    Isn't conspiring to restrain trade illegal? Comcast, AOL and others might be opening themselves up to suits from legitimate businesses.
    From businesslaw.gov:
    "Antitrust laws make it illegal to conspire to restrain trade or commerce in any marketplace, regardless of size."

  • strange (Score:4, Interesting)

    by WormholeFiend ( 674934 ) on Wednesday June 23, 2004 @03:36PM (#9511588)
    Back when I was still clueless about spoofing, I sent an abuse complaint to Hotmail about some spam I had received that looked like it came from a hotmail account...

    They replied with an explanation of what spoofing was.

    Then again, maybe the spoofed hotmail address didnt exist in the first place, so they couldnt shut it down sight unseen as they seem to be doing now.
  • by CdBee ( 742846 ) on Wednesday June 23, 2004 @03:36PM (#9511597)
    A lot of people's hijacked systems could have been kept clean were they fully patched:

    I've been saying for a while now, if an ISPs sign-up disk had all current Windows service packs and critical patches loaded into it and installed them as part of the setup procedure -"You consent to Windows update patches being applied to your system during install"- then I'm sure a lot of network and support load could be lifted off the ISP and the net as a whole. If they could broker a deal to install Zonealarm or Sygate Personal firewall at the same time even better.

    It isn't an unreasonable expectation that a machine connecting to a public network shouldn't have gaping security gaps. In fact, IMO, it is a public duty that it should not.
    • Which then opens the ISP to liability of the patch doesn't take, or if something screws up, or the user then mistakenly thinks they're patched against every future problem, or the ISP is then required to make the patches available, or provide tech support for them....

      Considering how easy MS makes it, in XP at least, to have patches autodownloaded in the background, then presented to you for installation....

      • You assume bandwidth and willingness to install. XP needs about 25mb of patches on top of SP1A. And the patches need to be accepted by the user, they won't autoinstall by default. I have seen SO many computers where the little icon for "patches are ready for download/install" is a permanent feature on the systray as the user never clicks it. And by the way thats a great many hours downloading at 56k. Broadband makes us lazy perhaps.

        In the tradition of the subject matter... its obviously necessary to mak
  • I don't know why, but I always get a kick out of it when someone catches a company doing something stupid. This thing about Microsoft terminating an account without investigating is a prime example.

    You'd think they'd have some system in place to investigate, if only to avoid the bad press. But then again... when does Microsoft deserve GOOD press?
  • by Joe the Lesser ( 533425 ) on Wednesday June 23, 2004 @03:44PM (#9511669) Homepage Journal
    It has come to my attention that the email address
    [*@hotmail.com] has been sending out large quantities of spam.

    Please correct the situation as you see fit.

  • When I read "Unplugging Email To Combat Spam", I immediately thought of just forgetting about email altogether and closing all my accounts... This would effectively put an end to all spam as far as I am concerned.

    Which I may still do.

    Except of course that I want to try gmail first. hehe.

  • I wasn't aware that hotmail could be used to send spam, I would have assumed they'd used message-volume limits.

    The fact that Microsoft shuts down hotmail accounts after one complaint is pretty problematic, given the prevalance of forged headers out there...
  • I see this as almost being a good idea, but it's going to upset a lot of customers. When Grandma goes to browse to the bingo site to see if they're having a game tonight, and can't get online, she's not going to have any idea what it means that she's offline for spamming. Ok, so she clicked that nice attachement a couple days ago, but Grandma is effectively computer illiterate.. How do they tell her, "You have to remove the virus from your computer before you can get back online."?

    But hey, provider
  • One problem (Score:3, Insightful)

    by Apreche ( 239272 ) on Wednesday June 23, 2004 @03:58PM (#9511789) Homepage Journal
    The one problem I see is this. You get virussed and your pc starts spamming. You get cut off. Good, that's what you deserve. Your ISP will reconnect you , but if you send spam again you get cut off again. How can you clean out your pc without downloading some cleaning software from the net?

    This pretty much forces users to take one of 4 paths
    1) reinstall
    2) buy software at the store
    3) switch to linux (same as 1 really)
    4) find another net connected computer

    4 is easy for people like /.ers, but almost impossible for average folk, like my parents. 2 really shouldn't be encouraged, ever. 1 and 3 are daunting tasks for the average person also. So what your really doing by cutting them off is permanently cutting them off.

    I think what has to be done is this. Don't cut them off entirely. Just force them to a page hosted by your ISP that helps them fix their problem. Provide some cleaning software. Maybe some harsh informative words. You know, that sort of thing. Until they fix up just route all the mail they spew out to /dev/null.
  • For about a week now, I've been receiving about 400 MB of spam a day, nearly all of it the Zafi.B virus.

    Sometimes it stops, and I thought at first the assault was over, but I think what actually happened is that whoever was sending me the virus just had their PC turned off. After a while, the onslaught starts up again.

    I think it would be great if their ISP were to cut them off.

    My hosting service is supposed to have ClamAV [sourceforge.net] installed, as well as spamassassin, but for some reason they're not working, an

  • Instead of a hard limit of 100 per hour, or 500 per day then no more until the next period, why not use the toilet tank method to control the volume of email sent? Each user is allowed X emails in their tank, and their tank refills at a rate of Y emails/hour or whatever. Force users to use the ISP's mail host as the outbound relay for counting purposes. Run out of emails in your tank? Too bad, wait another hour. It doesn't stop the problem of home computers getting infected and sending spam, but at lea

  • I send mail from home without using an ISP, who's going to be counting my outgoing connections to remote port 25s ?

    If I'm testing my remote server by sending it mail will I have port 25 blocked if my test emails go over the limit counter ?

    What if I were tunnelling data with email as the transport; SOAP is not the only remote protocol.

  • by Gldm ( 600518 ) on Wednesday June 23, 2004 @04:13PM (#9511966)
    Or at least they did when I worked there. I could see 100/hour being an issue for mail lists, but usually 500/day is reasonable and I think that's the only filter they have. One it detects higher than that it blocks port 25. It stays blocked until the user calls in to complain, at which time they get interrogated about mailing lists, viruses, etc. Usually it doesn't get unblocked until they demonstrate that they've gotten updated antivirus etc.

    There was that one guy with the legitimate 3000 user mailing list though, he was really annoyed that we weren't going to let him run that.
  • by AnotherBlackHat ( 265897 ) on Wednesday June 23, 2004 @04:21PM (#9512066) Homepage
    Instead of a complete disconnect, why not redirect all traffic to a proxy that permits connections only to specific anti-virus and update sites, and directs all other web traffic to a page that says "your machine has been quarantined for {spamming|DDoSing|Whatever}, here's what you need to do to fix it..."

    Allow them to reach microsoft update and redhat.com and they're more likely to be able to fix the problem.

    -- not a .sig
  • Lose/Lose Situation (Score:4, Interesting)

    by Cornflake917 ( 515940 ) on Wednesday June 23, 2004 @04:21PM (#9512069) Homepage
    My mom basically runs a country dance club in my hometown. It has well over 500 members in it. Every month she sends out a newsletter by email to all the members that request it. She's already have had problems with spam. Her ISP's spam protection labeled her address as a spammer so she couln't get these newsletters to anyone for a while. Her dialup ISP seemed be pretty cool about it when she called them, and were able to resolve the problem immediately. But if her ISP would follow the ways of these email providers, it would probably force her to email the newsletter over the course of a few days, which would be really annoying and cause problems. Assuming she doesn't get "unplugged."

    I can understand that spamming has got really out of hand, and that something needs to be done about it. But I think the countermeasures might screw other people (like my mom) who are running non-profit orginazations and are sending information on their member's request. It's unfortunate that a handful of people who want to make a few dollars by abusing a system screw over the people who use that system ethically.
  • by nurb432 ( 527695 ) on Wednesday June 23, 2004 @05:55PM (#9512966) Homepage Journal
    The problem with an ISP ( or email service ) canceling an account due to JUST a complaint is that most e-mail's are spoofed..

    If you just take the 'shown' send-from, and complain, you just had an innocent bystander's account wiped...
  • by evilviper ( 135110 ) on Wednesday June 23, 2004 @06:34PM (#9513285) Journal
    They are looking at 100 per hour or 500 per day; this doesn't really sound like a bad idea, though it could cause problems for a few people trying to run companies from their basement...

    Umm, no. The days when you could send emails from your own SMTP server are long gone now.

    First, the cheapest ISPs blocked port 25 entirely, except to their own SMTP server. The idea caught on, and most are blocking port 25.

    Now, even with the very good ISPs, you can send mail over port 25, but even major ISPs are using different spam lists like the SORBs DUL, that blocks ALL EMAIL from dynamic IP addresses, bar none.

    In the near future, having a static IP and one of the better ISPs won't help still. You'll also need to be running your own DNS server, and provide SPF records.

    Frankly, limiting people to 500 emails per day is rather benign compared to all the other measures that have already been taken up to this point. All signs point to the future being even worse for anyone who doesn't want their e-mail service provided by one of the big ISPs.

"I'm a mean green mother from outer space" -- Audrey II, The Little Shop of Horrors

Working...