Unplugging Email To Combat Spam 332
monkeyserver.com writes "from Reuters (via CNN) we hear that 'Consumers who allow their infected computers to send out millions of 'spam' messages could be unplugged from the Internet under a proposal released Tuesday by six large e-mail providers.' They are looking at 100 per hour or 500 per day; this doesn't really sound like a bad idea, though it could cause problems for a few people trying to run companies from their basement..." On the other side of the coin, rastakid writes "It appears that Microsoft is taking its actions against spamming a little bit too far: Hotmail accounts which are suspected of sending spam are closed without a single investigation. This article states that Maariv International registered a new Hotmail account and sent an abuse message about spamming activities from that account, while not a single message was sent from it. Microsoft closed the account immediately, without investigating."
Open relays (Score:5, Interesting)
I agree. Open relays, apparently not as common as they used to be, are still a huge source of the spam we intercept. I'd be in favor penalties for open relays (in theory), but how would that be effective, being that a lot of it originates from outside the US?
Re:Open relays (Score:4, Insightful)
Once this has been done we can then clamp down on the dodgey email servers.
Re:Open relays (Score:3)
This is a fairly nice way of doing things, I think. It involves the provider of the internet connection with the mail delivery process. SPF seems like a good idea, but remember: i
Re:Open relays - SPF (Score:4, Interesting)
One of my customers has their website hosted by one company, and their internet access provided by another company. Their email clients were set up to use their ISP's mail servers, rather than their webhost's, but still use their domain name for the outgoing address.
The webhoster implemented SPF, and all of a sudden, they couldn't send emails within the company, because they were coming in from mail.isp.com, as opposed to mail.webhoster.com.
The webhost company's solution was: "Use our mail server."
This would be fine, other than the ISP blocks outgoing port 25 to prevent spam, thereby prohibiting the use of any mail server other than mail.isp.com.
If everybody used the same anti-spam solutions, it would be fine, but they don't, and the mish-mash makes legitimate email very difficult to send sometimes.
Re:Open relays - SPF (Score:3, Informative)
Which brings up another point, the owner of the domain should have 'control' of the DNS (and thus make the decision on whether or not to publish SPF ecords) for their domain.
Re:Open relays (Score:5, Interesting)
Maybe some sort of "reconnection fee" from the ISP in the $35-50 range would be a good enough speedbump to make consumers aware that this kind of threat exists and it will be their problem if they don't protect themselves from it. Afterall, there isn't much real cost for a bank to bounce a check, but they're allowed to charge so much because a bounced check is a preventable situation that is very annoying... the fee is there mostly to discurage people from trying to write a bad check.
Re:Open relays (Score:4, Insightful)
Probably a baddddd idea.
The issue is that, in practice, a vast number of boxes on the internet are all vulnerable to attack- there's bound to be some hidden flaw in the incredible number of packages out there.
So the system can be up-to-date with all known patches, and still be attacked. Fining people for things that flat-out aren't their fault is likely to be, at best, contrary to the ISPs customers idea about what makes a good ISP.
Re:Open relays (Score:5, Informative)
I work at an ISP where we do virus removals on customers computers. If someone comes in with a virus, we determine whether it slipped through the email virus scanning. If so, we don't charge them. Otherwise it's usually about half an hour labour to clean the system up. Sooo...basically, if it isn't their fault, there's no charge. Mind you, that's if our system doesn't keep the customer's email clean. Whether their Norton or AVG is up to date or not, and the virus didn't come through email, or they're not on email virus scanning, then we charge them for labour regardless where the virus came from.
Hope be with ye,
Cyan
Re:Open relays (Score:2, Insightful)
The problem with this is that if I cash a check and the other person didn't have the funds, I have to pay for the bounced check as well as you. I have been charged $5 for attempting to cash a check that bounced. I wouldn't say preventable
Re:Open relays (Score:5, Insightful)
While $35-$50 isn't much of a reconnect fee, disconnecting probably shouldn't be the first step. Ideally the process would go something like this:
ISP notices a lot of email generated from your node.
Emails registered address inquiring if the volume of email (send statistics) is known to the user.
User responds to confirm they are legitimately sending the volume of email or they respond that they are unaware of the volume.
NOTE: If user does not respond, follow with registered letter or a phone call to the registered user.
If user resolves the problem (patch/removal) system remains intact. If user is unable to resolve the problem, provide options for resolving it. This may include free support, charged support, or recommendation to other support services (The DC metro area has a company called "Geeks on Call").
If user doesn't resolve the problem within an alloted time period, disconnect them.
Charge a reconnect fee.
Re:Open relays (Score:3, Interesting)
Huh?
I recently had the opportunity to clean-up one of those "infected PCs".
My job would have been made a whole lot easier if the stupid ISP who sold my elderly friend the cable modem service had thrown in a free cheap router and a firewall to go on the operating system.
Instead, they came into her house, connected a very vulnerable windows xp install directly to the cable modem, got her signature o
Re:Am I my keeper's brother? (Score:3, Interesting)
There are the open relays and there are the ones who abuse them. The ones who abuse them are the spammers, are the criminals. Doncha think maybe a teeny bit of attention might be paid to the criminals? Securing the open relays hasn't ended spam, not since 1999. It's not a means for ending spam. Whacking spammers, on the other hand, has stren
hate to point out the obvious... (Score:4, Informative)
They own the account! Not to mention, it's a free account...you get what you pay for. Caveat Emptor, Greg...
Re:hate to point out the obvious... (Score:5, Insightful)
is it realyl that bad (Score:2)
Re:is it realyl that bad (Score:2)
Re:is it realyl that bad (Score:2)
I would agree with what you say. For his email, big deal. Just make another. But, I somehow doubt that they treated him differently than others; after all, if they did enough checking to determine that he hadn't used the account, they also probably did enough checking to determine that he hadn't sent any email at all, which probably should have set off an alert
Re:hate to point out the obvious... (Score:3, Interesting)
If Hotmail breaks that trust too often, then they won't have anybody in their right mind using the service. Oh, wait, anybody who cares about their e-mail has already left...
Re:hate to point out the obvious... (Score:2)
Re:hate to point out the obvious... (Score:2)
Re:hate to point out the obvious... (Score:4, Funny)
Whoo! Easy way to shut-down friends on hotmail...
Dude, we deleted your email!
Re:hate to point out the obvious... (Score:4, Insightful)
Many people use their email accounts for very critical information or personal correspondence. Getting them shutdown because somebody said it was used for spam is wrong.
Another thing. What if spammers took to spamming the support mail with huge amounts of this account used for spamming messages while using some accounts for spamming. Backlogging the folks while raising heck on the side. The more you think about any solution to spam the more you think of ways around it, if you were a spammer.
Re:hate to point out the obvious... (Score:3, Insightful)
If your email is so important to you (I know mine is to me) than dont bitch about free services.
Re:hate to point out the obvious... (Score:2, Funny)
Wow, a person in a large company not looking into something. Imagine that...
Its not a MS problem, its a human problem.
spoofing (Score:2)
The General of Hotmail (Score:3, Funny)
Re:The General of Hotmail (Score:2, Funny)
Rumsfeld, I believe.
OT: Quote source (Score:3, Informative)
"Caedite eos! Novit enim Dominus qui sunt eius"
"Slay them all! God will known his own!"
-Abbe Arnaud-Amaury, before the slaughter of Beziers during the Albigensian Crusade [wikipedia.org]
Re:The General of Hotmail (Score:3, Interesting)
Interesting question. Apprently neither. The origins of the phrase are much older [wordwizard.com] than I would have previously thought.
actually (Score:3, Informative)
Pope Innocent III ordered the Albigensian Crusade, to purge southern France of the Cathari heretics. It began in the summer of 1209, with their first target - the town of Beziers. The Catholic faithful in Beziers refused to give up the Catharis among themselves. The crusaders invaded. When Arnaud-Amaury was asked whom to kill he replied "Kill them all. God will know his own." They did. The crusader
Re:The General of Hotmail (Score:2)
I can vouch for cancellations on hotmail (Score:5, Interesting)
I'm just curious if you have any rights and how the ever popular Gmail and growing yahoo mail will treat complaints as in my case it was someone upset with something i did claiming spam and not abuse by anymeans worth of terminating a long standing account and prohibiting me from accessing years of archived mail that was lost because of the cancellation.
They did email me i got a free passport account though. Funny i'm terminated but then they try and push something with real potential for abuse and sensitivity
It's the direction of the industry... (Score:3, Interesting)
I have evidence that spam was sent with my email account name forged in the header, but no evidence it actually went through my computers or hosting service. I can't get
Get another hosting provider right away? (Score:3, Informative)
You do own your own domain, right?
I'm signed up with one-hosting [slashdot.org]. They dissallow "anything that might get them blacklisted" basicaly, so sending spam or using your page to host a spam-promoted site. But no black-lists will list you for being jo-jobed (the anti-spammer term for whats happen
Re:Get another hosting provider right away? (Score:4, Interesting)
Hotmail DOS? (Score:5, Insightful)
Re:Hotmail DOS? (Score:2, Funny)
Re:Hotmail DOS? (Score:3, Informative)
Private mailing lists.. (Score:5, Interesting)
Re:Private mailing lists.. (Score:2)
Karma-Whoring-Free Article Posting (Score:4, Informative)
Exclusive: Hotmail shuts down "spammers" who don't spam
Complain you got spam from a Hotmail user, and Hotmail's abuse team will shut down their account, no questions asked.
Hotmail.com shuts down Hotmail accounts shortly after receiving complaints about spam being sent from them, without checking if the user has actually sent spam, NRG Maariv has learned. Thus, malicious users can cause the shutting down of accounts, as an act of revenge or just for kicks.
In its haste to fight spam, Hotmail has foregone looking into abuse reports it gets from email users. In three instances documented by NRG Maariv, Hotmail's abuse team shut down Hotmail accounts less than 24 hours after receiving complaints about spam being sent from them, even though the spam mail clearly did not originate from those accounts.
In two of the instances, the spammers spoofed the sender's address so it looked like it was sent from a Hotmail account, while they were actually sent through an Israeli ISP. In both instances, the spoofed accounts were shut down.
The third instance was a test: NRG Maariv opened a new account with Hotmail and sent no email whatsoever from it. Using a different email, we filed a spam complaint, saying it came from the new Hotmail account. Attached were Internet headers from an old spam, where the sender's address was replaced with that of the new account.
Within less than 24 hours, we received a message saying the new account was shut down.
"My name is Claire, and from what I have read in your message, you are complaining about the unsolicited email you received from a Hotmail account", said the message written by Claire C. with MSN Hotmail Technical Support. "I have closed the account you reported in accordance with the Hotmail Terms of Use (TOU). It is a strict violation of the TOU for our members to send objectionable material of any kind or nature using our service".
Trying to log on to the Hotmail account, we found it closed. No explanation was provided, just a laconic message saying "Account Closed. Access Denied". No appeal procedure was mentioned. The account was shut down for good.
Hotmail's public relations representative, Waggener Edstrom, has yet to respond to the story.
Re:Karma-Whoring-Free Article Posting (Score:3, Informative)
DOS by False Accusation? (Score:5, Interesting)
The risk of having an account stripped from you because somebody who knows your address falsely accuses you of being a spamer is a bit high to take. Then again, anybody who takes their e-mail seriously shouldn't be on Hotmail anyway...
Re:DOS by False Accusation? (Score:2)
The idea of MS shutting down spammer's accounts, or the idea of them logging your e-mail (sending patterns?, actual content?, destination addresses?) so that they can refute false accusations of spamming on your behalf?
Even the dumbest safety check would involve MS monitoring and recording your online hotmail related activities.
Sorry, either they are the big evil empire who would track and log your activities online, or they are proactively trying to reduce Hotmail as a spa
Re:DOS by False Accusation? (Score:2)
IANA programmer, but I have always wondered, just how easy it is to "Just look at the logs" ? I imagine the "log" from Hotmail servers must be huge. What would it take to look for one email, from one account ? Could they even do it ?
Re:DOS by False Accusation? (Score:2, Informative)
What would it take to look for one email, from one account ? Could they even do it ?
They could, but only if the emails were sent using their SMTP server. If someone uses a hotmail account as the return address but then uses an open relay to send the spam, they would have no way of knowing. Although I suspect that they would see an unusually high number of bounce messages (unless the spammer used an extremely up to date and accurate bulk address list).
Re:DOS by False Accusation? (Score:3, Informative)
Re:DOS by False Accusation? (Score:2)
Spammers almost never send spam from their Hotmail accounts. The Hotmail accounts are used to receive replies to the spam, such as orders.
Easily Avoided (Score:2, Insightful)
Targeting the wrong people (Score:2)
Voluntary means the end user is signing up for this, reading about it, being AWARE of it. If they were any of these 3 to begin with, they'd have already plugged their computer up!!
Thank god for big ToS's. (Score:2)
Looks like even evil can be used to fight spam. >:)
--LordPixie
It's kind of ironic, isn't it? (Score:5, Insightful)
Re:It's kind of ironic, isn't it? (Score:2, Interesting)
Well, until the bad bots read this page, anyway...
hotmail closing accounts (Score:3, Insightful)
On one hand I applaud the proactive stance of shutting down spammers, but on the other hand I feel that an account should maybe be sent one warning which, if not answered within 1 day or so would then result in account suspension.
Or, you are prevented from sending out any more e-mails until you respond to a "human test" e-mail.
Just my thoughts...
-nB
A solution (Score:4, Insightful)
ISPs should send a letter or e-mail to all their customers (i.e.
make sure they get it) stating that they are about to introduce
rate-limiting both from their smtp servers for that IP address/subnet
and from port 25 from the IP(s).
Customers who don't know what this means or who aren't bothered will
ignore it, and will be rate-limited (so they basically won't be
affected since they either a) aren't bothered, or b) aren't heavy
e-mail users).
Customers who know they will be affected or otherwise want to be
rate-unlimited can e-mail the ISP and request the rate be removed.
Perhaps they could be asked to prove they are worthy by describing
what they've done ("I've patched and secured my Windows box, and
my other boxen run BSD and run no mail daemons").
This way, no one has their service unfairly cut back, and unknowledgable
users (those responsible for zombie-Windows systems) will be protected
(or everyone else protected from them..).
excellent idea (Score:3, Interesting)
LOL (Score:5, Funny)
Re:LOL (Score:2)
You would look up and see...
one by one...
the stars going out.
Dupe! (Score:4, Funny)
I am Impressed (Score:5, Informative)
I mean come off it. And you *wonder* why entire asian hosts are blocked. It's because of crap like that, secure your machines or boot the bloody idijits off of them.
I don't care if you are too stupid to figure out *how* to do it, pay someone, call that smart 12 year old who knows how but do it. But bloody well do it.
Well, you get what you pay for (Score:2)
I have a hotmail account, but it only exists for those times when I have to give an email address to a company I don't trust. If that account gets shut down, I don't re
Whack-a-spam (Score:2)
Blocking computers that have become spam zombies is certainly one approach that, IMO, has some merit, as does simply imposing limits on an individual computer's number of allowed free e-mails per unit time. That would stop some folks from forwarding as many ur
Companies from Basements? (Score:5, Insightful)
The real fact of the matter is that this will do nothing to stem the tide of spam when one considers that most spam is now generated by zombies. Also, don't think they won't just find a way around it. This is like the DMCA, it only stops the honest people.
Fortunately, there has been some movement on SPF.
I suppose I can be happy about that.
Re:Companies from Basements? (Score:2)
I use Hotmail (Score:2, Funny)
And I can say that all this about MS closing accounts without proper investigation is absolute BS. I send hundreds of messages a day and . . . #$_ACK . . . [carrier lost]
Is the cure worse than the disease? (Score:2)
(Thats Patent #6505583342 owned by MS by the way)
The only thing worse than getting spam, is not getting a legitimate message because of a spam filter. The only thing worse than allowing a spammer to operate on your server is denying access to a legitimate individual.
More details needed... (Score:3, Interesting)
As far as businesses go, just allow businesses who expect to have legitimate needs for more than the baseline to tell you. A slight additional fee would cover the cost to modify the filter parameters for that business.
Free email accounts? Anyone using such an account for a business is just begging for touble.
--
To whomever modded my last post "troll", it was a JOKE, YOU INSENSITIVE CLOD!
Running a company from their basement? (Score:2, Insightful)
People trying to run companies from their basement should really have a business account, which generally has a substantially different AUP than an ordinary personal account.
If they don't, then they're in violation of the AUP, and are at risk of having their account terminated, not just being temporarily disconnecte
Already happens in the UK (Score:5, Interesting)
As a techy, I ended up cleaning up several machines so their internet-porn deprived owners could feed their fixations. That said, I can't blame NTL for doing this, it was the responsible action and was done at the right time.
I believe that the duty of ISPs to prevent their customers destroying the internet by inadvertent DDOS should be at least as important as the contractual duty to the consumer.
Re:Already happens in the UK (Score:2)
It is very nice to see the big 10 grow up to the 1997 technical standard of the 5th world and make a big deal about it.
All I can do is have a belly laugh. WAHAHAHAHAHA...
Re:Already happens in the UK (Score:3, Interesting)
I don't know the name of the ISP, but because of this, they automatically
Spam Complaint (Score:2, Funny)
Idea Proposal (Score:2, Interesting)
I have a solution for this that I think could really work. I think that by default, people should be limited to a certain number of emails per day, and in order to send more than that ammount, they have to register with their ISP or some central organization. Once the information is verified, the person can send as many emails as they want. Then it would be easier to keep track of possible spammers.
Sur
Membership impact (Score:5, Insightful)
Re:Membership impact (Score:3, Interesting)
This approach beats the "spamming out the newsletter to a list" approach, hands down. Especially when your list grows past manageable sizes.
If you want to operate a mailing list for your interest group, there are good ways to go about that. If you want to dissemenate information periodically, there are muc
Collusion? (Score:5, Interesting)
Isn't conspiring to restrain trade illegal? Comcast, AOL and others might be opening themselves up to suits from legitimate businesses.
From businesslaw.gov:
"Antitrust laws make it illegal to conspire to restrain trade or commerce in any marketplace, regardless of size."
strange (Score:4, Interesting)
They replied with an explanation of what spoofing was.
Then again, maybe the spoofed hotmail address didnt exist in the first place, so they couldnt shut it down sight unseen as they seem to be doing now.
Distributing patches on sign-up disks (Score:5, Insightful)
I've been saying for a while now, if an ISPs sign-up disk had all current Windows service packs and critical patches loaded into it and installed them as part of the setup procedure -"You consent to Windows update patches being applied to your system during install"- then I'm sure a lot of network and support load could be lifted off the ISP and the net as a whole. If they could broker a deal to install Zonealarm or Sygate Personal firewall at the same time even better.
It isn't an unreasonable expectation that a machine connecting to a public network shouldn't have gaping security gaps. In fact, IMO, it is a public duty that it should not.
Re:Distributing patches on sign-up disks (Score:2)
Which then opens the ISP to liability of the patch doesn't take, or if something screws up, or the user then mistakenly thinks they're patched against every future problem, or the ISP is then required to make the patches available, or provide tech support for them....
Considering how easy MS makes it, in XP at least, to have patches autodownloaded in the background, then presented to you for installation....
Re:Distributing patches on sign-up disks (Score:3, Informative)
In the tradition of the subject matter... its obviously necessary to mak
I love catching companies in bad behavior! (Score:2)
You'd think they'd have some system in place to investigate, if only to avoid the bad press. But then again... when does Microsoft deserve GOOD press?
Dear Microsoft, (Score:5, Funny)
[*@hotmail.com] has been sending out large quantities of spam.
Please correct the situation as you see fit.
Unplugging Email To Combat Spam (Score:2)
Which I may still do.
Except of course that I want to try gmail first. hehe.
Hotmail spam (Score:2)
The fact that Microsoft shuts down hotmail accounts after one complaint is pretty problematic, given the prevalance of forged headers out there...
Anti-spam (Score:2)
But hey, provider
One problem (Score:3, Insightful)
This pretty much forces users to take one of 4 paths
1) reinstall
2) buy software at the store
3) switch to linux (same as 1 really)
4) find another net connected computer
4 is easy for people like
I think what has to be done is this. Don't cut them off entirely. Just force them to a page hosted by your ISP that helps them fix their problem. Provide some cleaning software. Maybe some harsh informative words. You know, that sort of thing. Until they fix up just route all the mail they spew out to
I've been getting 400 MB of viruses a day (Score:2)
Sometimes it stops, and I thought at first the assault was over, but I think what actually happened is that whoever was sending me the virus just had their PC turned off. After a while, the onslaught starts up again.
I think it would be great if their ISP were to cut them off.
My hosting service is supposed to have ClamAV [sourceforge.net] installed, as well as spamassassin, but for some reason they're not working, an
toilet tank (Score:2)
Who's doing the counting? (Score:2)
I send mail from home without using an ISP, who's going to be counting my outgoing connections to remote port 25s ?
If I'm testing my remote server by sending it mail will I have port 25 blocked if my test emails go over the limit counter ?
What if I were tunnelling data with email as the transport; SOAP is not the only remote protocol.
Optimum Online has a 500/day filter already. (Score:3, Informative)
There was that one guy with the legitimate 3000 user mailing list though, he was really annoyed that we weren't going to let him run that.
Don't disconnect, redirect. (Score:5, Interesting)
Allow them to reach microsoft update and redhat.com and they're more likely to be able to fix the problem.
-- not a
Lose/Lose Situation (Score:4, Interesting)
I can understand that spamming has got really out of hand, and that something needs to be done about it. But I think the countermeasures might screw other people (like my mom) who are running non-profit orginazations and are sending information on their member's request. It's unfortunate that a handful of people who want to make a few dollars by abusing a system screw over the people who use that system ethically.
A problem with deactivating accounts on sight.. (Score:4, Insightful)
If you just take the 'shown' send-from, and complain, you just had an innocent bystander's account wiped...
You are not allowed to send email anymore... (Score:5, Informative)
Umm, no. The days when you could send emails from your own SMTP server are long gone now.
First, the cheapest ISPs blocked port 25 entirely, except to their own SMTP server. The idea caught on, and most are blocking port 25.
Now, even with the very good ISPs, you can send mail over port 25, but even major ISPs are using different spam lists like the SORBs DUL, that blocks ALL EMAIL from dynamic IP addresses, bar none.
In the near future, having a static IP and one of the better ISPs won't help still. You'll also need to be running your own DNS server, and provide SPF records.
Frankly, limiting people to 500 emails per day is rather benign compared to all the other measures that have already been taken up to this point. All signs point to the future being even worse for anyone who doesn't want their e-mail service provided by one of the big ISPs.
Re:what about forgeries? (Score:2, Insightful)
Anyone care to open a hotmail account and then forge an email to appear to come from that account....just to see what happens?
You mean, like the article says?
Maariv opened a new account with Hotmail and sent no email whatsoever from it. Using a different email, we filed a spam complaint, saying it came from the new Hotmail account. Attached were Internet headers from an old spam, where the sender's address was replaced with that of the new account. Within less than 24 hours, we received a message sayin
Re:what about forgeries? (Score:2, Funny)
Along a similar train of thought, how about creating a new Hotmail account, then from this new account, file a complaint against it regarding spam abuse. Should be interesting to see if they'd shut it down right away, or just what they'd do...
Hope be with ye,
Cyan
Re:Blame the victim? (Score:4, Interesting)
Re:Blame the victim? (Score:3, Interesting)
Virtually no mail server will accept an email that is sent from an unknown system, anymore. I had to reconfigure all of my computers on my network to use my ISP's SMTP server, instead of using the one built into my email server, because virtually every site i sent legitimate email to bounced it back saying "we don't accept email from this host" or some such. When I changed to using Comcasts SMTP server, even though i was still using the s
Re:Blame the victim? (Score:2)
What in the world are you talking about? Email has nothing to do with operating systems, and Hotmail is a Web-based service. This "exploit" is made possible by Microsoft's policy, not their products.
Re:Hotmail is the most adversarial... (Score:2)
MSN views Hotmail as a conduit to annoy users into paying money, rather than as an opportunity to increase page views and advertising revenue. They shill MSN, Calendars, increased storage, etc. I've used my hotmail account for quite a few years now to manage mailing list subscriptions and to use as a sign-up account for new websites... Approximately 3 hours of using Gmail convinced me that it's well worthwhile to switch over to Gmail. Does MSN have any idea how man