Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Fighting the Hydra -- A Spam Warrior's Tale

timothy posted more than 11 years ago | from the damned-either-way dept.

Spam 333

Selanit writes "Salon has an interesting article about the battle against spam from the viewpoint of Suresh Ramasubramanian, a sysadmin working in Hong Kong. His most interesting complaint concerns the fragmentation of anti-spam forces: not only does he have to deal with spammers, but also with anti-spammers who assume because his company is Chinese that he isn't doing anything about spam. Hmm ... decentralized opponents striking from the shadows against quarreling allies. Does this sound familiar to anyone else?"

cancel ×

333 comments

Sorry! There are no comments related to the filter you selected.

vive la France ! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5613910)

Ce premier poste est dédié à Napoléon 1er !

Re:vive la France ! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5613914)

Wow, that was a fast fp. Almost faster than you French can surrender.

Re:vive la France ! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5613959)

Remember correctly... You lose Pearl Harbor because you didn't want to enter that war that you should have. You used a nuclear bomb just to take revenge a few days before you knew (or should have known) the Japan would surrender. Later, you engage yourself in a war in vietnam, that you shouldn't have.
It seems US administrations have never known when war is worthless or not...
Don't you find weird that most terrorists from 9/11 were from saudi arabia and that you are attacking Iraq ?

Re:vive la France ! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5614012)

..and you Frenchies don't care if Iraqi citizens are raped and killed in the streets as long as you're allowed to rape Iraq for cheap oil and put money in Saddam's hands.

You even gave Saddam atomic bombs for cheap oil rights.

You don't have to worry about atomic bombs when your country rolls over and surrenders at the first sign of war.

Lesser of two evils (0)

Anonymous Coward | more than 11 years ago | (#5614065)

and you Frenchies don't care if Iraqi citizens are raped and killed in the streets

That is an emotional argument that has absolutely no place in international realpolitik.

Given a choice between causing a total breakdown of the international collaboration and diplomacy by embarking on unilateral war of agression and letting a tin-pot dictator oppress his people, I would always choose the latter. It is simply the lesser of two evils.

As heartless as it sounds, an unstable world where nation states are allowed to take unilateral, pre-emptive military action to pursue their own narrow minded nationalistic interests will cause more evil and suffering than a piss-ant dictator in a third world country could ever achieve.

Re:Lesser of two evils (0)

Anonymous Coward | more than 11 years ago | (#5614078)

"As heartless as it sounds, an unstable world where nation states are allowed to take unilateral, pre-emptive military action to pursue their own narrow minded nationalistic interests will cause more evil and suffering than a piss-ant dictator in a third world country could ever achieve."

Such as?

Re:vive la France ! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5613941)

Okay, I think it's time for you to surrender.

Re:vive la France ! (0)

Anonymous Coward | more than 11 years ago | (#5613971)

Translated with google: "This first station is dedicated to Napoleon 1st!"

post-translated with brain: "This first post is dedicated to Napoleon the 1:st"

Goony Goo Goo!! (0)

Anonymous Coward | more than 11 years ago | (#5613978)

wee! wee! ala runny ass eggs (I want em in me)

Re:vive les États-Unis d'Amérique! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5613986)

Le président américain George W. Buisson a des ambitions militaires comparable à Napoléon 1er, justement.

FUCK THE USA (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5613987)

Iraq will screw you. The UN things you are a bunch of arrogant morons over you invasion.

The war won't go too well. Remember Grozny?

USA will decide YOUR fate!! (-1)

Anonymous Coward | more than 11 years ago | (#5614005)

You know they will..That's right.You KNOW they will!
DO NOT CROSS THE ONLY REAL WORLD POWER!!

World Power? That's a laugh (-1)

Anonymous Coward | more than 11 years ago | (#5614011)

America is fucked. It is lead by someone with an IQ of 70.

Do you really think you would stand a chance if russia china , germant, france and the middle east turned against you?

Correct Answer: No. You wouldn't last 2 months.

Re:World Power? That's a laugh (0)

Anonymous Coward | more than 11 years ago | (#5614025)

Maybe so,but you/they would be left in the cultural dark-ages!!Face it you love the USA while hating the USA!

USA? Culture? (0)

Anonymous Coward | more than 11 years ago | (#5614080)

USA has no culture. What have you given the world...

*McDonalds... (gross)
*Crappy TV shows (Dumb comedy - Adam Sandler springs to mind)

That's it, culture wise.

Keep in mind I *don't* hate american people - just america's unprovoked invasion of Iraq.

Re:USA? Culture? afraid so (-1)

Anonymous Coward | more than 11 years ago | (#5614118)

Do not forget David Hasselholf!! Even rejects of the USA are revered!!!

Re:World Power? That's a laugh (0)

Anonymous Coward | more than 11 years ago | (#5614144)

Well, if at least it were Forrest Gump, this'd be cool as he's supposed to be a nice pacific fellow.

Send back the Statue of Liberty! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5614100)

Send back the Statue of Liberty. We don't need it anymore.

Sign the petition [petitiononline.com] and Visit the website [sendbackliberty.us]

Vaguely obsene (-1, Flamebait)

Tailhook (98486) | more than 11 years ago | (#5613912)

"Ramasubramanian"

Yeah, I know. I suck.

Re:Vaguely obsene (0)

Anonymous Coward | more than 11 years ago | (#5613962)

Ya, I can't even pronounce it very well. Hell, why couldn't have been "supercalifragilisticexpialidocious" instead? >:-P

Re:Vaguely obscene (0)

Anonymous Coward | more than 11 years ago | (#5613993)

Because he probably isn't gay,like yourself.Will you request that he skips whilst saying it? I fear the answer.

The spammer. (1)

termos (634980) | more than 11 years ago | (#5613917)

A Spam Warrior's Tale..
When is the sequel out? A Spammers Tale? I can't wait!

Another world group? (1)

Blaine Hilton (626259) | more than 11 years ago | (#5613927)

Could this be the start of a grass roots organization similar to the WTO, UN, EU and other multi-national groups that are surposed to help with global issues? Can't you see it now the "United Spam Busters" USB!

Re:Another world group? (2, Insightful)

Anonymous Coward | more than 11 years ago | (#5613970)

I don't see how anyone is going to trust the USA in an international treaty any time soon. The USA will simply opt out of any regulation as soon as it hampers their economic well-being. Since most of the spam originates in the USA, how likely is "USB"?

Re:Another world group? (0, Funny)

Anonymous Coward | more than 11 years ago | (#5614302)

How about Allies for Silencing Spam?

Interesting idea (1, Interesting)

Anonymous Coward | more than 11 years ago | (#5613930)

Just one question... what if the spammer doesn't connect to your SMTP server to send billions of messages from it? What if the spammer (with half a brain, and some scripting ability), only sends a few emails through your SMTP server? Most SMTP servers are wide open still, and simply sending 10 emails on one server and moving on to another open server would be so low that statistical usage wouldn't show anything on the radar screen... or did I not understand what you are trying to do?

Spammers (0)

Anonymous Coward | more than 11 years ago | (#5613945)

I don't get any feeling of "moral superiority" from seeing anyone hurt. I just want all spammers shot on sight or in a nice big line-up with a chaingun. Anyone asinine enough to send spam does not need to be contributing to the gene pool.
Burning Karma makes me feel all prickly inside though...

I cried when Slashdot told me that I was alone in the world...

Re:Spammers (-1)

bluxus (657798) | more than 11 years ago | (#5614050)

You're soooooo into it you can't even see the other side! Just give in and post like the man-child you are. Really, it will set you free.

Fight the good fight (4, Insightful)

rf0 (159958) | more than 11 years ago | (#5613946)

I think this article does bring up a good point that people do tar Asia with the same brush in that you can just block them and have no problems. Its nice to see someone doing a decent job. For more fun on fighting spam see NANA [google.com]

rus

Re:Fight the good fight (2, Interesting)

arvindn (542080) | more than 11 years ago | (#5613988)

For more fun on fighting spam see NANA

Fun? The article repeatedly made the point that fighting spam is no fun at all.

Re:Fight the good fight (3, Funny)

BrokenHalo (565198) | more than 11 years ago | (#5614033)

fighting spam is no fun at all.

Tell me about it. I got so fed up with my spam that when I changed my ISP I made damn sure nobody I didn't want to hear from had my address. One travel firm (an Asian outfit) managed to get my address anyway, but I haven't heard from them since I put up a little web-page at Tripod saying "I am willing to opt-in to all bulk or commercial mail at..." and listed all of their contact addresses I could find.

Childish, I know, but it did the trick.

Re:Fight the good fight (0)

Anonymous Coward | more than 11 years ago | (#5614003)

65535.net [65535.net] - IRC + Shell Accounts

Damn those prices are high. I pay a fraction of that for web hosting with much better specs, and my webhost will allow background processes on a case-by-case basis.

Welcome to the life of a helpdesk worker. (5, Insightful)

millwall (622730) | more than 11 years ago | (#5613951)

No matter what he does, he can't please everyone. According to Tiffiany Mork, senior abuse engineer at Allegiance Internet, a very thick skin is a requirement for an abuse-desk worker. Her typical day includes verbal harassment, screaming, threats, and "all manner of nasty things."

Like that is different from working in any other kind of helpdesk!

Re:Welcome to the life of a helpdesk worker. (2, Insightful)

WegianWarrior (649800) | more than 11 years ago | (#5614295)

Like that is different from working in any other kind of helpdesk!


It's not different from not not working in any helpdesk either, but being the one most your colleguas call because the helpdesk "refuse" to help them... like if I can help them recover they didn't save before shutting down the day before by pulling out the powercord.

That aside, I think there would be a lot less stress overall for the people working for any sort of helpdesk if we users remembered to be polite, and that in turn would mean better service in return (less stressed out helpdesk-staffers would be more willing to give us good service).

Sounds like Slashdot (3, Funny)

product byproduct (628318) | more than 11 years ago | (#5613952)

... decentralized opponents striking from the shadows against quarreling allies. Does this sound familiar to anyone else?

Yes, it's like the horde of trolls striking while other people are trying to discuss the subject at hand.

ATTN: So-called peace activists (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5613953)

Eat shit, you greasy pacifist hippies.

I am sick to death of the ludicrous anti-American ravings of you pissed-off geeks. Do you really believe the rest of us don't see right through your mental pathology? Your entire political philosophy boils down to this: "The cool kids picked on me in high school, and I can't get over it. I hate America"

You may not be worse than Hitler, but if anyone worse than Hitler ever comes along, he'll be depending on Useful Idiots like yourselves to make this earth a safe place for him.

If there were any justice in this world (and there isn't, thanks in large part to you dictator-appeasing ubermorons), YOU would be considered legitimate "Targets of Opportunity" for every God-fearing American choosing to exercise his second amendment rights.

Please wash the sacred blood of Iraqi dissidents and freedom fighters off your filthy hands, then fuck off, die, and fuck off again.

Re:ATTN: So-called peace activists (0)

bluxus (657798) | more than 11 years ago | (#5614068)

Sure thing. Whatever you want. Just get off the box, please, you are crushing it with almighty force! The soap! Unggggghhhhhhh...

FUCK YOU (-1, Flamebait)

I Hate America (662232) | more than 11 years ago | (#5614174)

FUCK YOU

BAWAHAHAHAAHAHHAHAHAHA... SO TRUE. (-1)

Anonymous Coward | more than 11 years ago | (#5614246)

Fuck Him, Fuck Dubya, FUCK DA USA. Everyone hates us but Americans can't see it. Yay lets change the name to freedom fries cause you know when you change the name of potatoes you are really sending them a message!!! Is that the best you fags can come up with while killing innocent people? HAHAHAHAHA Fucking idiots. Or send back the statue of liberty and replace it with Reagan--the horse-shit eater that funded Saddam in the first place. MORONS.

Fighting the Hydra (0)

dupper (470576) | more than 11 years ago | (#5613954)

A Psionic Storm works pretty well.

I'll RTFA when pigs land on the moon.

Translation please... (1)

yellowcord (607995) | more than 11 years ago | (#5613955)

Sturmbahnfuehrer... if its offensive I appologize. The fish says "Storm course leader" and that just doesn't seem right

Re:Translation please... (1)

stefanvt (75684) | more than 11 years ago | (#5614064)

Rank in the German Army during WWII, equivalent of Major.

Re:Translation please... (2, Informative)

stefanvt (75684) | more than 11 years ago | (#5614084)

More precisely a rank only used by the SS (Schutzstaffel) the regular army used Major

Re:Translation please... (2, Informative)

Anonymous Coward | more than 11 years ago | (#5614074)

This is a funny mistake as the new word has a new meaning, although it doesn't make sense

It should be Sturmbannfuehrer.
Sturm -> storm
bann is a shortened form of banner, which is the same in english
fuehrer -> leader

--> storm banner leader

bahn is either course or a train running on the course/rail. I'd translate Sturmbahnfuehrer as storm train leader

Re:Translation please... (Sturmbahnfuehrer) (0)

Anonymous Coward | more than 11 years ago | (#5614090)

Sturmbahnfuehrer is pretty meaningless (which shows us that spammer don't even get their insults right). The correct word would have been "Sturmbannfuehrer" which was a title used by the german SS in the bad times of the so called "Third Reich". It's just a title for a leader of a small group (i'm not a military man nor a fan of NS history so i don't know the size of the group, so "small" could be plain wrong). More information is probably available at Google.

HTH

Re:Translation please... (Sturmbahnfuehrer) (1)

Maggot75 (163103) | more than 11 years ago | (#5614256)

Thanks for not providing the link to Google, jackass. Now I have to look "Google" up in a search engine.

Whitelisting is the answer (5, Insightful)

heretic108 (454817) | more than 11 years ago | (#5613960)

This whole spammers versus spamblockers has proven to be a destructive arms race.

Many legitimate machines and users - even whole ISPs - unfairly end up on blacklists, while the spammers just find another way through.

The spamblocker tools and their heuristics get smarter, but don't forget that spammers keep up with these tools and constantly find new ways around them.

I was using Razor and SpamAssassin for months. Formidable combination - networked blocklists plus pattern matching. Gave me a bit of peace. Very few false negatives. But in the last month, I've seen a whole new generation of spam coming through that the filters don't even touch.

Peace has finally come from a package called Active Spam Killer [paganini.net] , a package which works from a white list, and provides a convenient way for new correspondents to get themselves onto the whitelist.

There are other whitelist-based packages, such as TMDA, but ASK is simple and painless to set up.

Result?
Spams to my mailbox have gone from 40 a day to zero.

Re:Whitelisting is the answer (3, Interesting)

Tailhook (98486) | more than 11 years ago | (#5614034)

Peace has finally come from a package called Active Spam Killer [paganini.net], a package which works from a white list, and provides a convenient way for new correspondents to get themselves onto the whitelist.

You're adding an authentication layer to your specific mail account. Now, all we need to do is implement 4.1234E13 different mail account authentication systems. Each with it's own bugs, weirdo assumptions (HTML only, perhaps? Imagine how Mickysoft might do this...) and other deficiencies. Everyone you correspond with will have a different one. What fun!

Authentication is the only feasible solution to spam. If we could collectively decide on a method of implementing it in a standard fashion we could avoid the mess.

Don't hold your breath.

Re:Whitelisting is the answer (1)

Lukey Boy (16717) | more than 11 years ago | (#5614089)

Um, if the authentication is standardized wouldn't it be easier for a spammer to get authorized? I'd prefer a different authentication method for every e-mail account, kinda like a spam Turing test.

Yeah, but (2, Interesting)

autopr0n (534291) | more than 11 years ago | (#5614120)

1) you would have their real email address and
2) you could use a 'what number is this a picture of' type questions. The problem is figuring out how to make it multilingual.

But really it dosn't need to be standardized at all, since these things are going to have to be handled by real people, rather then computers.

Re:Yeah, but (2, Insightful)

Tailhook (98486) | more than 11 years ago | (#5614280)

But really it dosn't need to be standardized at all, since these things are going to have to be handled by real people, rather then computers.

You are correct. It doesn't have to be standardized.

Now prepare yourself. Microsoft will implement a system whereby you get the challenge mail that contains a link to a page with a Palladium enabled ActiveX control that you must cope with to get authenticated. It will stop spam and be highly successful, popular and integrated with Outlook version 32.010155a and beyond. Defacto, Windows only, "standard."

Wouldn't it be better to have a standard, non-proprietary system?

Re:Whitelisting is the answer (0)

Anonymous Coward | more than 11 years ago | (#5614135)

Automated whitelists use challenge-response systems because they are built on the assumption that spam is sent without a valid reply address.

Whitelisting is unethical (4, Informative)

PigleT (28894) | more than 11 years ago | (#5614102)

"There are other whitelist-based packages, such as TMDA, but ASK is simple and painless to set up."

And how do you feel about making all innocent senders of mail do extra work, while spammers simply ignore it and move on?

I simply cannot justify that, based on the redistribution of workload and increased aggravation - you send me a bounce message, I consider your email address invalid whether that bounce is "500 address unrouteable" (a valid, understandable error) *or* "500 I Don't Like You" - which I consider frankly offensive.

Go back to SpamAssassin, get 2.50 or better, which includes Bayesian analysis as well as all the above. Or just shove a Bayesian filter in the way after SA; here, I have outright regexp-based rejection and SA in exiscan, followed by bogofilter in procmail - very few spams get past the first hurdle (From: headers snarfed from Usenet) and those that do are caught either by SA and/or bogofilter.
This way happiness lies.

Re:Whitelisting is unethical (1)

autopr0n (534291) | more than 11 years ago | (#5614134)

And how do you feel about making all innocent senders of mail do extra work, while spammers simply ignore it and move on?

Well, If someone took the time and extra work to send me an email in the first place, then I think they can take a few seconds to verify their humanity.

If you think spending a few seconds for each person (not each message) you want to communicate with is to much work you're obviously trying to mail to many people (and thus, are a spammer). If I had to verify myself to everyone I mailed before I mailed them, and I never, ever got a spam again it would be a huge net benifit, timewise.

Re:Whitelisting is unethical (1)

PigleT (28894) | more than 11 years ago | (#5614180)

"then I think they can take a few seconds to verify their humanity"

And this is what I disagree with. A lot. The work required to send an email should be exactly that; you type it and push Send, that's quite enough. Having to go through extra hoops because someone defaults to assuming you're a bad-guy is totally uncalled-for.

"(and thus, are a spammer)."

You really do have an offensive view of the world, don't you know? Without thought for people's modes of operation or needs, you tar everyone a baddie until they take the trouble to prove otherwise.
You *are* going to get some false-positives this way.

Think about it (1)

autopr0n (534291) | more than 11 years ago | (#5614220)

How many spams do you get per day?

How many times per day do you email someone you've never emailed before?

If the second number is higher, then you're probably a spammer and even if you're not an email from you wouldn't be very special. If the first number is higher, you would have far less annoyance in your life if everyone adopted this system.

I'd rather have a few people's computers think I was guilty of spamming until proven otherwise then have to deal with deleting Spam, and for me, its a choice I'll make for everyone who wants to communicate with me.

Re:Whitelisting is unethical (1)

Tailhook (98486) | more than 11 years ago | (#5614304)

You really do have an offensive view of the world, don't you know? Without thought for people's modes of operation or needs, you tar everyone a baddie until they take the trouble to prove otherwise.

Does your home have locks and keys? Not everyone wishes to break in. How offensive of you to secure your property against me. How dare you force me to knock and wait outside for you to answer! What do you think I am, some sort of thief?

If you take offense at being asked to verify yourself with me exactly one time, I don't want to hear from you anyway. You have issues.

GO, IRAQ, GO! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5613965)

The world wupports you; we support you.

Kick those yankee asses to hell!

One way to slow a specific flood (4, Interesting)

fanatic (86657) | more than 11 years ago | (#5613966)

From the article: expert spammers can also switch IP addresses as quickly as the blocks are applied.

A honeypot for spam - mentioned here previously, I think - would be one answer. It would recognize a spammer and, instead of disconnecting, it would accept all the spam - very sllloooowwwly, then discard it. It's not a trivial programming task, since the spam would have to be recognized, then treated differently from that point on from regular email. But it's feasible, I think and would help fight the large scale attack noted at the beginning of the linked article.

Re:One way to slow a specific flood (2, Interesting)

Anonymous Coward | more than 11 years ago | (#5613991)

You're reinventing the "teergrube" [iks-jena.de] .

Re:One way to slow a specific flood (1)

Tailhook (98486) | more than 11 years ago | (#5614001)

A honeypot for spam - mentioned here previously, I think - would be one answer. It would recognize a spammer and, instead of disconnecting, it would accept all the spam - very sllloooowwwly

You know this is trivial to defeat right? A simple heuristic to detect the honeypots would have no trouble dealing with this. Spammers are highly motivated at defeating stuff. Excessively slow server detection will be a standard feature of all next generation spam software. Bet on it.

Flaws with the accepting mail slowly defense (2, Interesting)

dmeranda (120061) | more than 11 years ago | (#5614185)

"Excessively slow server detection will be a standard feature of all next generation spam software"

Let's hope so. Then I'd just accept all mail slowly and spam would go away!

Seriously there are flaws in this kind of defense. First, I'm already seeing several spammers who already send mail slowly, probably to avoid setting off statistical trappers and to make it harder to scan through log files. Also don't forget that the spammers usually have much more bandwidth than the recipient; you can never win by trying to fight the battle of resources!

BTW, this is NOT very tricky programming to do if you use the Milter [milter.org] programming interface to sendmail [sendmail.org] ...in fact it is quite easy to do. But like I mentioned, you're sort of self defeating, because you burn your own resources by being slow.

Re:One way to slow a specific flood (4, Interesting)

kasperd (592156) | more than 11 years ago | (#5614018)

A honeypot for spam - mentioned here previously, I think - would be one answer.

I have previously mentioned a honeypot here, but not the one you are talking about. I try to receive the spam as fast as possible in the hope that every spam ending up in my honeypot is one less spam to end up elsewhere. But I feel it is getting harder to attract spam. Though I have been working hard to make my honeypot attract lots of spam, and in the process managed to get my IP on OpenRelayCheck [openrelaycheck.com] , I only got 1.3 million yesterday. My record from october 2002 was 36 million in 4 days.

Re:One way to slow a specific flood (4, Interesting)

flonker (526111) | more than 11 years ago | (#5614267)

I run a program that just listen on port 25, pretending to be an open relay, and logs all relay tests to a file. I get scanned by testers using the following two email hosts constantly. The 21cn.com one has been using the same exact address for months now. Almost makes me want to mailbomb them.

Mar 27 08:07:18 [210.222.196.141:27910]
ehlo ll-nidaf2xx5kn9
Rset
Mail from:<china9988@21cn.com>
RCPT to:<china9988@21cn.com>
Data
From: china9988@21cn.com
Subject: 68.22.196.106
To: china9988@21cn.com
Date: Thu, 27 Mar 2003 23:20:51 +0900
X-Priority: 3
X-Library: Indy 8.0.25
t_Smtp.LocalIP
.
Quit

Mar 27 19:23:10 [210.222.196.133:58885]
HELO hanmail.net
MAIL FROM:<jkdsa@hanmail.net>
RCPT TO:<mg0108@hanmail.net>
DATA
Message-ID: <20820-2200335282014339@hanmail.net>
X-EM-Version : 6, 0, 0, 4
X-EM-Registration: #0010630410721500AB30
Reply-To: rolliey@hotmail.com
From: "good" <jkdsa@hanmail.net>
To: mg0108@hanmail.net
Subject: 68.22.196.106
Date: Fri, 28 Mar 2003 11:00:14 +0900
MIME-Version: 1.0
Content-Type: text/html; charset=KS_C_5601-1987
Content-Transfer-Encoding: quoted-printable
<HTML>
<HEAD>
<META NAME=3D"GENERATOR" Content=3D"Microsoft DHTML Editing Control">
<TITLE></TITLE>
</HEAD>
<BODY>
<P></ P>
</BODY>
</HTML>
.
QUIT

Another way to stop a flood (0)

Anonymous Coward | more than 11 years ago | (#5614088)

Disconnect the mail server.

Re:One way to slow a specific flood (0)

Anonymous Coward | more than 11 years ago | (#5614169)

Here's a SMTP honeypot [shat.net] that you can compile and run on windows machines. It pretends to be a mail server & accepts incoming messages. I ran it last year but my cablemodem provider wasn't too happy so I stopped using it. But the more honeypots out there the better.

Teergrube (3, Interesting)

KjetilK (186133) | more than 11 years ago | (#5614209)

I have a few honeypots (trollboxes or spamtraps, you may call them), and they do get a lot of spam. For example, I code things like

<link rel="DoNotEmail" href="mailto:aa0u@kjernsmo.net" />

(yeah, that's a real, living trollbox, spambots, do your worst! :-) ) Very few users will ever see this, but the spambots will harvest it. It is clear that many of them do.

The other thing you mention, I think that is what is meant by a Teergrube [iks-jena.de] . Marc Merlin has some good stuff [merlins.org] on using Exim and SpamAssassin to reject messages or making spammers stick in a teergrube. He has some debs too.

Unfortunately, I haven't had time and I haven't been feeling adventurous enough to try all this, but clearly, it works well.

What you say? (2, Funny)

sql*kitten (1359) | more than 11 years ago | (#5613972)

Hmm ... decentralized opponents striking from the shadows against quarreling allies. Does this sound familiar to anyone else?

I don't know if this is a "Lord of the Rings" reference or a "War on Saddam" reference.

75 million? (3, Insightful)

Lynn Benfield (649615) | more than 11 years ago | (#5613979)

Every day, 80 percent of all incoming mail to Outblaze is rejected as spam and filtered out before Ramasubramanian and his team have to deal with it. Out of the remaining 15 million messages per day that do pass through Outblaze servers

So if 15 million messages is 20% of what they get, they receive 75 million individual messages a day? That seems a little high...

Re:75 million? (2, Informative)

yellowcord (607995) | more than 11 years ago | (#5613990)

He did say that there were 30 million users.

Re:75 million? (1)

tincho_uy (566438) | more than 11 years ago | (#5614061)

Not necessarily. These guys serve 30 millon users, so 75 millon mails a day shouldn't be _that much_

Does this sound familiar to anyone else? (-1)

Anonymous Coward | more than 11 years ago | (#5614014)

No.

No way he gets spam! (2, Funny)

The_Rippa (181699) | more than 11 years ago | (#5614044)

Think about it...the dictionary spammers have not gotten as far as sramasubramanian@hotmail.com

Re:No way he gets spam! (1)

KjetilK (186133) | more than 11 years ago | (#5614222)

Hehe, BTW FWIW he is also a well-known Lumber Cartel Agent [tinlc] and a NANAE regular. Was anyway when I frequented NANAE.

Pinworms (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5614045)

Does anyone here collect pinworms?

They live in the intestine and swim in rivers of feces. I was curious as to whether or not anyone collected them? People collect and care for ants and other insects as well as maintaining their own earthworm farms.

So do you or anyone you know collect pinworms? If so, please post your experiences here.

I SURE DO! (-1)

Anonymous Coward | more than 11 years ago | (#5614092)

Yes, I do collect pinworms. Cute lil'fellas.

-Michael

Re:I SURE DO! (-1)

Anonymous Coward | more than 11 years ago | (#5614107)

Yes, I do collect pictures of naked men. Cute lil'fellas.

-timothy

Spam doesn't bother me (0)

Anonymous Coward | more than 11 years ago | (#5614051)

And you know why spam doesn't bother me? Cause I don't waste my time running a crappy homepage that features my email address on every page. I don't give out my email to every Tim, Dink, and Henry that come around. I don't subscribe to mailing lists or other pointless subsciption services that can't be trusted. And I certainly don't put it on a god damned site teaming with trolls even if it IS protected by the highest security methods..... writingit backwards.

Simple solution (3, Insightful)

azav (469988) | more than 11 years ago | (#5614054)

Time for all responsible ISPs to assign their own anti spam reps, reach out, get a list of ALL isps, contact their anti spam reps and take action.

Get organized and form a plan but first, get organized on a global level.

Then kick some ass and pool for legal action against the thieves. :]

Re:Simple solution (1)

doctor_oktagon (157579) | more than 11 years ago | (#5614244)

You've missed an important point - ISPs don't always have a clear business need to stop spam either being generated from, or entering, their networks.

This is the real world, not Noddyland. Abuse departments cost money.

disgusting (3, Interesting)

danbuhler (661233) | more than 11 years ago | (#5614055)

Just the thought of this makes me sick.. Almost as sick as those who make spamming profitable.

Now that I've thought about it. How is spamming still profitable? Are there that many people out there that are into having sex with farm animals? Or believe their are pills that increase life span? Who the hell are these people?

Who the hell are these people? (-1)

Anonymous Coward | more than 11 years ago | (#5614106)

Danbuhler of course.

Re:disgusting (0)

Anonymous Coward | more than 11 years ago | (#5614110)

How is spamming still profitable? Are there that many people out there that are into having sex with farm animals? Or believe their are pills that increase life span? Who the hell are these people?

Probably the same that now believe that the planes crashing in the Twin Towers at Sep. 11th were piloted mostly by iraqies (which is not the case). It's been on TV, so it must be true!
It's just another form of disinformation as it is used now in the war on iraq. Check out http://www.disinfopedia.org/ [disinfopedia.org] for more information.

Suresh Ramasubramanian (0, Funny)

Anonymous Coward | more than 11 years ago | (#5614059)

Guaranteed Results: Hot Indian Men with 12" names

B5 (1)

io333 (574963) | more than 11 years ago | (#5614075)

...decentralized opponents striking from the shadows against quarreling allies. Does this sound familiar to anyone else?

Oh so I get it, fighting spam is like saving the Galaxy!

I had no idea it was THAT important. I'm on the edge of my seat now!

Outblaze, huh? (4, Interesting)

Pathwalker (103) | more than 11 years ago | (#5614097)

Those guys have to run the most annoying relay tester I've seen. Every time it tests you, it sends a burst of 30 messages or so, all with return addresses on the box they are testing so they don't have to deal with bounces.

Now, some people may feel it's my own fault for taking advantage of the part of RFC 2821 [roxen.com] which states that if a mailserver defers checking to see if it can relay or deliver the mail then "These servers SHOULD treat a failure for one or more recipients as a "subsequent failure" and return a mail message as discussed in section 6.".

But, I guess they feel that everyone runs sendmail, so every time they test my mailserver, I end up with another batch of relay rejected messages intended for them sitting in my postmaster mailbox.

There are two parts of this that bug me:
  1. If a mail server does not relay mail, it is rude for a test to result in mail to the administrators of that server
  2. It is possible for the username they use in their test to actually deliver mail to a real user. I consider it as bad as spamming if their test drops dozens of messages in the account of an innocent user with no idea of what is happening, or control over the mail server.

Anti-chinese bias (2, Insightful)

autopr0n (534291) | more than 11 years ago | (#5614104)

Yeah, these people blocking all mail from Chinese and korean subdomains are idiots. How are they supposed to work with anti-spammers there if they can't even talk to them?

I mean, I guess it'll help cut down on the spams they get, but it won't help stop the problem.

Anyway, the true way to stop spam is challange-response for the first message from a new person. Easy to implement, and it dosn't require any software for the sender.

Re:Anti-chinese bias (2, Interesting)

DOsinga (134115) | more than 11 years ago | (#5614143)

> Yeah, these people blocking all mail from Chinese and korean
> subdomains are idiots. How are they supposed to work with anti-spammers
> there if they can't even talk to them?

While spam might come from Chinese or Korean subdomains, it usually is about American products to the degree that the stuff offered is completely useless for someone from the Netherlands. They might at least filter on the target email address you'd think.

Re:Anti-chinese bias (1)

Detritus (11846) | more than 11 years ago | (#5614192)

I get huge amounts of spam from South Korea, China and Russia. Almost all of it is in the language of the source country, advertising products or services that would only be of interest to people from those countries.

The bounce problem (5, Informative)

dmeranda (120061) | more than 11 years ago | (#5614123)

If 50% of all mail in the US is spam, then the other 50% must be the bounces for all that undeliverable mail!

I run a mail gateway for a medium sized company, and although not on the scale of a large ISP, I see many of the same problems. Dealing with spam on a gateway level is quite different from dealing with a single personal mailbox. And spam flooding has gotten much worse in the last few months. Getting over a 1000 messages in under a minute can really start to tax your infrastructure. Actually from my own observations, I'd say that at least 75% of all mail is spam, and 80% of that is undeliverable.

Of course one of the big problems as Ramasubramanian points out is that spammers are getting very sophisticated at impersonating other entities. This results in a large number of bounces being directed back to the wrong guy. So not only are you getting spammed, but you are also indirectly spamming the poor guy who is being impersonated with your flood of bounces. And the bounces also cause other problems because it tends to fill up your outbound mail spools, as well as making the required postmaster account near useless sometimes.

One thing I've learned is that a mail administrator must be very careful about constructing blacklists and filters. I use sendmail [sendmail.org] and make heavy use of it's milter [milter.org] programatic filter interface. It's amazing how being able to analyze the mail at the protocol level (such as the HELO command) helps identify impersonated mail that can't just be done by only looking at mail headers or the message body. It is also possible to help correlate large volumes of nearly identical inbound mail from a large number of different servers, as well as correlate them with large number of undeliverable outbounds. I'm also very careful to check whois an other registrar databases before adding blacklist entries, to help prevent blacklisting the wrong guy. But I do admit that for a few of the most audacious flood attacks, I actually have to resort to iptables [netfilter.org] firewall blocks to stop it even before sendmail sees it. I really dislike having to disobey the SMTP standards, but spam floods are IMHO just as destructive as worms and viruses!

The thing I fear most as a mail administrator is not the inbound spam, but that some spammer may start impersonating my company! We'd start getting placed on blacklists and blocked, plus we'd start getting flooded with all those bounce messages (probably an order of magnitude more than direct spam). How can one possibly protect against that?

Make money fast by altering behavior (1, Interesting)

Anonymous Coward | more than 11 years ago | (#5614132)

Taken from a larger context, spam is just another facet in life from which emerges attempts to control our behavior.

A glaring example brought forward by the war in Iraq is the ceaseless barrage of sloganeering one faces these days. Some of it in favor of the war, some against. Some more coordinated than others. [washingtonpost.com]

How much remains when the content added to bend our will is removed? How much from the war news, from life in general?

I'm sick of it. Life is complex enough without having to move about in a cloud of misleading information.
No wonder everyone is half nuts these days. GIGO.

Whitelist "black holes" (2, Insightful)

Boss, Pointy Haired (537010) | more than 11 years ago | (#5614175)

If this "whitelist" mechanism, with a challenge response requirement to get yourself onto the whitelist takes off, how is the situation where two people are using the same [or the same but different] systems handled?

Alice sends email to Bob.

Bob's mail server sends a challenge to Alice.

Alice's mail server challenges the challenge and sends a challenge to Bob.

Bob's mail server challenges the challenge of the challenge and sends a challenge to Alice.

Ad infinitum.

How is this resolved without allowing SPAM through the same mechanism?

Re:Whitelist "black holes" (0)

Anonymous Coward | more than 11 years ago | (#5614216)

When a user of a challenge-response whitelist sends mail, the recipient is added to the whitelist.

Re:Whitelist "black holes" (3, Informative)

MavEtJu (241979) | more than 11 years ago | (#5614247)

It's not that difficult. You only send one (1) reply per user/domain pair you receive. You don't do it for all the emails you receive from one user/domain pair.

*shudders when thinking at the vacation-wars*

Poor stupid people (0)

Anonymous Coward | more than 11 years ago | (#5614189)

How to distinguish spammer among good people - quite simple - spammer sends a lot of emails.

So, here is antispam algorithm for SMTP server:
- if some IP sends more than, say, 100 (200, 300) emails in 5 minutes, block that IP for one hour.

Regular people will hadly notice that. But spammers will be unhappy.

Re:Poor stupid people (1)

BigBadBri (595126) | more than 11 years ago | (#5614218)

block that IP for one hour

Maybe a better idea - redirect to /dev/null for an hour - that way the foolish spammer won't notice you're on to him.

You may lose some legit mails this way, but you'll also have wasted an hour of the spammer's life.

Image in article (2, Funny)

jepaton (662235) | more than 11 years ago | (#5614232)

The guy (Suresh Ramasubramanian) obviously has been polymorphed into a Dragon (think nethack).

China is old news for spam. (3, Informative)

t0qer (230538) | more than 11 years ago | (#5614261)

The spammer [slashdot.org]
I knew has moved to the Philippines. Supposedly it's the next big shelter for
these roadhogs. China has a lot of business interest in the US so they are doing what they can do eliminate the problem.


Not entirely successful (2, Interesting)

mdransfield (101993) | more than 11 years ago | (#5614286)

I use Outblaze's mail.com redirection service and almost all the spam that arrives in my work inbox is sent to that address.

At the same time, I've just had to stop using that address as the destination for several perfectly respectable mailing lists on which I lurk because Yahoo Groups keeps suspending delivery because of spurious bounce messages generated by Outblaze.

I'm tending to the opinion that if it was addressed to me, then it should be delivered to me and I'll choose what to do with it.

Spam Cartoon (1, Funny)

salesgeek (263995) | more than 11 years ago | (#5614291)

Spam was the topic of Gary Varvel's (a syndicated editorial cartoonist) cartoon yesterday:

http://www.indystar.com/opinion/varvel/2003-03-2 7. html

Pardon the karma whoring.

$G
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>