Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

De-spamming Your Inbox The Hard Way

CmdrTaco posted more than 9 years ago | from the going-to-far dept.

Spam 631

ajain writes "Even after using precautions like dummy email address in public forums, I have been plagued by the spam mails for long time now. Accidentally, I hit upon a not-so-elegant but effective solution recently: Ever thought of shutting down the mail server temporarily to stop spam to your inbox permanently? Well, it seems to work. In my case, a two-day shutdown resulted in 97.5% decrease in spam traffic! Here are the details and a step-by-step guide to this desperate-method of spam reduction. I think I'll model, simulate and then optimize the amount of shut-down time required for spam levels to drop to zero!"

Sorry! There are no comments related to the filter you selected.

Another approach... (3, Informative)

beh (4759) | more than 9 years ago | (#11045001)

You might entertain another method - if you have an internet domain of your own. Make use of mail-subdomains that you cycle through regularly.
And only trusted friends give permanent (or ermanent sub-domain) email addresses.

And as for mailing lists, if you use procmail to filter inbound messages on mailing lists, scan for specific things in it, e.g. don't just scan for the recipient, but also for specific mailing list headers. Anything that falls through this sieve you throw away (or, at least, quarantine it in a separate location).

Re:Another approach... (3, Insightful)

admp (778242) | more than 9 years ago | (#11045024)

This is the same as not using email at all. Personally I find this technique useless. Don't you?

Re:Another approach... (3, Interesting)

Steepe (114037) | more than 9 years ago | (#11045049)

I personally use alternate email aliases on my mail server that forward to my real account. then, once every couple of months, I delete those aliases and create new ones to post to websites, or use when I sign up for something. Only close personal friends get my real address, and if spam ever does show up directly at that address, I attack the spammer in every way possible. (spamcop, the spam fcc email address, etc)

Seems to work fine for me, and I can keep my mail server up 24/7.

Re:Another approach... (3, Interesting)

gcaseye6677 (694805) | more than 9 years ago | (#11045207)

Speaking of attacking in every way possible, I'm surprised some group of "white hat hackers" hasn't come up with a DDOS spammer attack bot, kind of like the Lycos screensaver. This is something that couldn't be done by a corporation for liability reasons, but I doubt the FBI or other law enforcement groups are going to care if people are DDOSing known spamming networks. Even better, the spammers can't sue anyone unless they want a class action countersuit on behalf of those spammed.

Re:Another approach... (2, Insightful)

Xeo2 (301694) | more than 9 years ago | (#11045141)

I don't think you understand. Your way is hard. His is easy.

Re:Another approach... (1, Interesting)

finnw (415539) | more than 9 years ago | (#11045166)

A method that works well for addresses posted to newsgroups: Require the subject line to start with "Don't buy this: "
Spammers aren't going to put that in their subject lines.

Re:Another [failed] approach... (5, Funny)

rjamestaylor (117847) | more than 9 years ago | (#11045227)

From: Sammy Spammy
To: undisclosed-receipient
Subject: Don't buy this: Get it free!

For a limited time you can get the Wally Whizbanger FREE!!!!
...

Sure, that's fine... (3, Insightful)

BaldGhoti (265981) | more than 9 years ago | (#11045009)

...if you don't mind missing potentially important emails. It's a bit overdrastic and if you're supporting multiple users, it's going to be a totally unacceptable solution.

Re:Sure, that's fine... (0)

cervisco (813734) | more than 9 years ago | (#11045066)

What kind of important emails will you be getting from someone you haven't corresponded with in 30 days?

Re:Sure, that's fine... (0)

Anonymous Coward | more than 9 years ago | (#11045105)

a reminder that your mortgage payment is due? sure hate to miss that.

Re:Sure, that's fine... (2, Informative)

Mr. Slippery (47854) | more than 9 years ago | (#11045145)

What kind of important emails will you be getting from someone you haven't corresponded with in 30 days?

Most of my friends are not heavy e-mailers, and often more than a month goes by between e-mail messages from them.

Re:Sure, that's fine... (2, Interesting)

jxyama (821091) | more than 9 years ago | (#11045076)

>...if you don't mind missing potentially important emails.

exactly. if this method is an option for you and you don't want to get pissed off at spam, simply don't check your email for a few days... you'll forget all about spam after a while.

of course, when you check the email after a few days, you'll have greater number of spam to go through and get even more pissed.

i'd like to call it the "serenity now!" method. :P

Re:Sure, that's fine... (1)

ReeprFlame (745959) | more than 9 years ago | (#11045077)

Most servers retain unsucesful messages and retry sedning them for 3-7 days. So you may get them later but remeber it is only going down once. You can tell people to send you the emails to another address for the meantime...

Re:Sure, that's fine... (3, Interesting)

spuke4000 (587845) | more than 9 years ago | (#11045125)

How about modifying your mailserver, such that when an email message is marked as spam it sends a message to the sender saying it bounced. That way you don't drop any valid emails, and at best you get dropped from the spammer's list, at worst you make it so spammers have to keep long lists of invalid email addresses in case they are implementing this filter.

Just a thought.

Re:Sure, that's fine... (1)

ticktockticktock (772894) | more than 9 years ago | (#11045181)

How would that help if a spammer is using a compromised windows machine to do their spamming from that can't accept emails? Are you assuming spammers actually put their real from address on emails?

Re:Sure, that's fine... (5, Informative)

fafaforza (248976) | more than 9 years ago | (#11045201)

Most spammers use joe-job attacks so you'll likely get a double bounce back on your server, or someone innocent will get your bounce.

Re:Sure, that's fine... (0)

Anonymous Coward | more than 9 years ago | (#11045164)

it's going to be a totally unacceptable solution.

Hence the poster calling this "The Hard Way"; yes it is extreme and unacceptible for multiple users or even for some individual users. Noone said it wasn't. I assume you just wanted to show how wonderfully brilliant you are and found some niche, albeit obvious, drawback - and brought out the bitching. I wish you wouldn't do that.

Re:Sure, that's fine... (1)

nacturation (646836) | more than 9 years ago | (#11045237)

A better solution would be to implement blackhole lists on your firewall itself. The firewall sees an incoming connection, checks with Spamhaus/SPEWS/whoever for whether or not that IP is blacklisted. If so, it simply doesn't respond to the packet. So rather than a "550 FOAD Spammer!" error message, the spammer will see it as completely not there. Same effect, but it doesn't punish legitimate uses.

This is a joke, right? (0)

Anonymous Coward | more than 9 years ago | (#11045016)

Where's the foot icon?

I just block spam at transmission time with a SpamAssassin scan. If anything gets through, it gets sent to SpamCop, etc. This sounds like a temporary fix. A one time rejection doesn't get you removed from lists. I've had domains I bought with pre-spammed email address that still get spam even after they were non-MX'd for years.

or... (1)

paul185 (826515) | more than 9 years ago | (#11045017)

How about just shutting off your computer for good?

Re:or... (0)

Anonymous Coward | more than 9 years ago | (#11045215)

I tried that and I got a 100% decrease in the amount of spam in my inbox!

Better Ways (1)

Talian (746379) | more than 9 years ago | (#11045020)

Or just bounce the emails while continuing to use email normally.

Check out Mailwasher [mailwasher.net] .

Has a great bounce function, although in my experience bounces don't neccesarily always cause a removal from spam lists.

NO!!!! (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11045054)

After reception bounces (ie they've hit your inbox) are a BAD, HORRIBLE idea. Most of the information in spam is forged. If you can reject at SMTP reception time, then it's best to use a service like SpamCop to report the offenders.

Re:Better Ways (1)

hanover.fiste (253470) | more than 9 years ago | (#11045104)

With the amount of spam coming from forged senders, your bounces contribute to the spamload of otherwise innocent folks.

Just wait until some spammer forges *your* address in their From: and Reply-to: headers.

Re:Better Ways (1)

Talian (746379) | more than 9 years ago | (#11045134)

Agreed, I didn't say it was an optimal solution, but if you're at the point of turning off your box with the point of bouncing -everything-, then isn't something like that a better solution?

Between Spamassasin and Spambayes most of my spam problems are well handled.

Re:Better Ways (0)

Anonymous Coward | more than 9 years ago | (#11045172)

No, this isn't a better solution. Spammers aren't likely receiving your bounces, and even if they were, they don't care. It's more work to remove addresses from their files than it is to spam it. In their view, that email address might start working again someday anyway.

What you're most likely doing is just creating problems for other regular users like yourself.

There's a typo in the dept. line (3, Funny)

Anonymous Coward | more than 9 years ago | (#11045021)

They left out a t.

Re:There's a typo in the dept. line (0)

Anonymous Coward | more than 9 years ago | (#11045082)

Or an o

Re:There's a typo in the dept. line (1)

QuijiboIsAWord (715586) | more than 9 years ago | (#11045095)

And that, my friends, is subtle t.

Re: Explanation in case of editing (0)

Anonymous Coward | more than 9 years ago | (#11045117)

The department line currently says "from the going-to-far dept."

Note that one would assume that the typo was that "to" should have been "too."

Re: Explanation in case of editing (0)

Anonymous Coward | more than 9 years ago | (#11045210)

It's funny, laugh!

Shutdown (5, Funny)

Anonymous Coward | more than 9 years ago | (#11045029)

In my case, a two-day shutdown resulted in 97.5% decrease in spam traffic!

Rumour has it that shutting down your server permanently will result in a 100% reduction in spam traffic.

That's not the hard way (3, Funny)

Neil Blender (555885) | more than 9 years ago | (#11045030)

Manually deleting them one by one is the hard way.

That only works for smart spammers (4, Informative)

fireboy1919 (257783) | more than 9 years ago | (#11045031)

Don't be fooled: there are plenty of stupid ones.

I shut down my e-mail server for a year and a half when I was getting the strange Spanish spams.

When I brought it back online again, I started seeing them again.

I guess you could call it... (0)

Anonymous Coward | more than 9 years ago | (#11045183)

I shut down my e-mail server for a year and a half when I was getting the strange Spanish spams. When I brought it back online again, I started seeing them again.

The spanish inquisition?

Re:That only works for smart spammers (1)

Feanturi (99866) | more than 9 years ago | (#11045205)

You get those ones too? I have absolutely no idea how I attracted those, as nobody I talk to ever seems to get them. Most of my spam is in spanish, and it's all the usual stuff, mortgages, increase your whatsit, whatever. It's been going on for a couple years now, and none of my other email accounts get them.

In case it's Slashdotted... (0, Troll)

TrollBridge (550878) | more than 9 years ago | (#11045037)

Thursday, December 09, 2004

Posted 11:16 PM by Anurag
De-Spamming The Inbox: The Hard Way

Even after using precautions like dummy email address in public forums, I have been plagued by the spam mails for long time now. Two years back it used to be a few per day. And since then it has been a steady increase in the volume. As a result, till last weekend I used to get around 200 spam mails a day on my Institute's life-time email account. Then, one fine day (well, actually we were given notice 3 weeks in advance) our Institute decided to upgrade the Exchange mail server to the latest version. Hence the mail server was shut down for approximately 2 days/48 hours (4th Dec evening to 5th Dec noon). During that time, all the mails sent to my mail account were of course bouncing. Between the time when the system was shut down and the time when the system came back online on 5th noon, something miraculous had happened: My spam traffic had reduced considerably. After John finished with me, he reached over onto the nightstand and brought out what we prepared earlier. Five raw eggs, emptied and drawn into a turkey baster. John excitedly inserted the baster into my ass and squeezed. Thoughts of sanitation quickly left my mind as a rush of pure pleasure came over me. Just when I thought it couldn't get any better, I realized the laxative I had taken just an hour earlier had kicked in. I tried with all my willpower to hold on. I could feel the warmth of John's breathing, and I knew his open mouth was right behind me. After what seemed like an eternity, I just let go. In a split second, a beautiful cocktail of raw egg, excriment, and man-juice erupted from my rear, coating John's face and hair and running down his body. A perfect end to a perfect evening--almost as perfect as when a troll like this gets modded up on Slashdot.
Now I am receiving 'only' (!) 5-6 spam mails everyday! That is a 97.5 % drop in spam traffic! Interesting, eh? So what's happening is that the spammer dudes are dropping the bounced mail IDs like a mad-cow disease affected, well, cow. There doesn't seem to be a second try from spammers: Apparently they don't use the bounced email IDs again. I would assume that after the two-day shut-down/start-up of mail server, my spam traffic would have become zero. My current 'very low' spam traffic is only probably because of my email being available in public domain on webpages where I can not remove it from (damn my early Internet days' Naivete).

Essentially, for this De-Spamming methodology we can draw an analogy with the routine detoxing of the body. Example: On the basis of specific relgious beliefs, people fast once in a while. More than the religious custom, fasting has a scientific reason behind it: It detoxifies whole internal system by a) giving the body some much-needed rest and b) by cleansing the traces of toxins (as there's no fresh inflow, the bodily processes work on the left-over inventory and makes sure that it is digested properly and taken care of to give a fresh start the day after the fast).

So, is De-Toxing (De-Spamming) the Inbox by fasting/starving! (shutting down the Mail Server) a good idea? Well its effetive for sure, but it has its costs. You lose the genuine mail traffic for the duration of shut-down. Hence, if you are in a desperate need of De-Spamming your Inbox, here's what you should do. Let's say you plan to shut your mail sever down on Date T and you plan to bring it back to life after Y days. The question is for how long do you shut down the mail server? Well, I think most mail programs try to re-send the mail for a maximum of 48 hours. If the message doesn't go through even in 48 hours, the mail program gives up and finally returns error to the sender. Hence, to be on the safer side I would say, shut the mail server down for at least 48 hours (2 day). So once you have decided on a shut-down date and duration, here's the how-to guide to shutdown survival and resurrection thereafter!
1) T-30 (days) : Include in your mail signature at the top the "Please Note" clause stating that during days X to Y, your email won't be available and hence on those days, they should communicate to you on an alternative email ID. This should be highlighted in Bold and in a different color if possible.
2) T-15 (days): Remove all possible traces of your email ID from the Internet, public egroups, discussion boards or any other public forum.
3) T-15 (days): If you have to keep your email ID on a particular webpage in the public domain, encrypt your email ID by using simple HTML Codes for characters.
4) T-2 (days): Send all the people in your contact/address list a "Please Note" notification that during days X to Y, your email won't be available and hence on those days, they should communicate to you on an alternative email ID.
5) T-0: Well, shut the damn thing down!
6) T to Y: a) If you have a girlfriend, take a vacation with her.
b) If you dont have a girlfriend, check mails on the temporary alternative email ID.
7) T+Y (days): Bring the server back to life and enjoy the miracle of spam-free/reduced-spam Inbox!
8) T+Future: Make sure you do not release your email ID in public domain. Always use dummy email ID, like aj@example.com . Also, If you are the guy who was checking mails on alternative email ID during shutdown, go get a girlfriend just in case it didn't work very well the last time and you need to shut it down again sometime!

Happy De-Toxing/De-Spamming! Here's one to long spam-free life of your email ID!

Re:In case it's Slashdotted... (1)

Azghoul (25786) | more than 9 years ago | (#11045110)

Now THAT is some funny shit! (pun intended)

Re:In case it's Slashdotted... (0)

Anonymous Coward | more than 9 years ago | (#11045140)

This is a troll, the text of the story is modified with some dumb sex story.

My First Karma Whore :) (0, Redundant)

brobak (683932) | more than 9 years ago | (#11045039)

Site was slowing down, so here's the text:

Even after using precautions like dummy email address in public forums, I have been plagued by the spam mails for long time now. Two years back it used to be a few per day. And since then it has been a steady increase in the volume. As a result, till last weekend I used to get around 200 spam mails a day on my Institute's life-time email account. Then, one fine day (well, actually we were given notice 3 weeks in advance) our Institute decided to upgrade the Exchange mail server to the latest version. Hence the mail server was shut down for approximately 2 days/48 hours (4th Dec evening to 5th Dec noon). During that time, all the mails sent to my mail account were of course bouncing. Between the time when the system was shut down and the time when the system came back online on 5th noon, something miraculous had happened: My spam traffic had reduced considerably. Now I am receiving 'only' (!) 5-6 spam mails everyday! That is a 97.5 % drop in spam traffic! Interesting, eh? So what's happening is that the spammer dudes are dropping the bounced mail IDs like a mad-cow disease affected, well, cow. There doesn't seem to be a second try from spammers: Apparently they don't use the bounced email IDs again. I would assume that after the two-day shut-down/start-up of mail server, my spam traffic would have become zero. My current 'very low' spam traffic is only probably because of my email being available in public domain on webpages where I can not remove it from (damn my early Internet days' Naivete).

Essentially, for this De-Spamming methodology we can draw an analogy with the routine detoxing of the body. Example: On the basis of specific relgious beliefs, people fast once in a while. More than the religious custom, fasting has a scientific reason behind it: It detoxifies whole internal system by a) giving the body some much-needed rest and b) by cleansing the traces of toxins (as there's no fresh inflow, the bodily processes work on the left-over inventory and makes sure that it is digested properly and taken care of to give a fresh start the day after the fast).

So, is De-Toxing (De-Spamming) the Inbox by fasting/starving! (shutting down the Mail Server) a good idea? Well its effetive for sure, but it has its costs. You lose the genuine mail traffic for the duration of shut-down. Hence, if you are in a desperate need of De-Spamming your Inbox, here's what you should do. Let's say you plan to shut your mail sever down on Date T and you plan to bring it back to life after Y days. The question is for how long do you shut down the mail server? Well, I think most mail programs try to re-send the mail for a maximum of 48 hours. If the message doesn't go through even in 48 hours, the mail program gives up and finally returns error to the sender. Hence, to be on the safer side I would say, shut the mail server down for at least 48 hours (2 day). So once you have decided on a shut-down date and duration, here's the how-to guide to shutdown survival and resurrection thereafter!
1) T-30 (days) : Include in your mail signature at the top the "Please Note" clause stating that during days X to Y, your email won't be available and hence on those days, they should communicate to you on an alternative email ID. This should be highlighted in Bold and in a different color if possible.
2) T-15 (days): Remove all possible traces of your email ID from the Internet, public egroups, discussion boards or any other public forum.
3) T-15 (days): If you have to keep your email ID on a particular webpage in the public domain, encrypt your email ID by using simple HTML Codes for characters.
4) T-2 (days): Send all the people in your contact/address list a "Please Note" notification that during days X to Y, your email won't be available and hence on those days, they should communicate to you on an alternative email ID.
5) T-0: Well, shut the damn thing down!
6) T to Y: a) If you have a girlfriend, take a vacation with her.
b) If you dont have a girlfriend, check mails on the temporary alternative email ID.
7) T+Y (days): Bring the server back to life and enjoy the miracle of spam-free/reduced-spam Inbox!
8) T+Future: Make sure you do not release your email ID in public domain. Always use dummy email ID, like aj@example.com . Also, If you are the guy who was checking mails on alternative email ID during shutdown, go get a girlfriend just in case it didn't work very well the last time and you need to shut it down again sometime!

Happy De-Toxing/De-Spamming! Here's one to long spam-free life of your email ID!

Sounds a lot like worm prevention! (2, Funny)

Tezkah (771144) | more than 9 years ago | (#11045040)

Just unplug your ethernet cable and your Windows box will be safe from worms!

Beware the airborne version. [wi-fi.org]

KDEMail? (1, Informative)

datastalker (775227) | more than 9 years ago | (#11045051)

If I'm not mistaken, doesn't KDEMail have the ability to send back "fake" bouncebacks to spam messages? I've been hoping that Evolution would get something like that for a long time, but it would seem like a good idea for just about any email client.

That way, you click a button and send the "bounceback", and hopefully after enough, the spammers would remove you from their lists.

Re:KDEMail? (4, Insightful)

rf600r (236081) | more than 9 years ago | (#11045127)

Bounce != no SMTP session at all

Spammers care little if at all about bounces. Ponder, for a moment, how many bounce messages his server sent when it was off if this is still confusing you.

Re:KDEMail? (5, Insightful)

Erik Hensema (12898) | more than 9 years ago | (#11045179)

No. Bounces never reach the spammer. Ever. Spammers always use fake sender addresses, so the bounces will go to an innocent bystander.

So, while totally ineffective, you also burden the innocent bystander with yet another bounce.

The only way to combat spam is to reject it on the SMTP level.

Note that the guy in the article was wrong. When a mailserver is offline for two days, no bounces are sent. Sending mailservers will usually retry for 5 days before bouncing the message.

However, spammers don't use mailservers to send their spam, they deliver the spam direcly to the receiving mailserver. They've got instant feedback on wether the spam is accepted by the mailserver or not.

When a mailserver is offline, spammers will know immediately. However I doubt they'd remove your name from the list because of this simple fact. Mailservers are regulary offline for multiple days.

In this case I rather think they installed a very good spamfilter on that brand new Exchange Server.

My hotmail (1)

scaaven (783465) | more than 9 years ago | (#11045052)

Dummy accounts are basically required to use alot of the "sign-up" sites. My hotmail account gets about 4-500 spams a day. At least they provide the tools to delete them easily =\

Exchange spam filter (2, Insightful)

John the Kiwi (653757) | more than 9 years ago | (#11045053)

What are the odds the new mail server he is using put spam filters on there for him and he just didn't notice?

consequence: (4, Insightful)

Progman3K (515744) | more than 9 years ago | (#11045055)

A few hundred random people received
"The message you sent X was undeliverable"
spam instead.

Nice.

Vacation Response? (0)

Anonymous Coward | more than 9 years ago | (#11045059)

Will setting up a vacation response do the same? In other words, will the SPAM server see the response as a bounce back?

That might be a more acceptable method.

Guaranteed (-1, Redundant)

daeley (126313) | more than 9 years ago | (#11045068)

Turn off your mail server permanently, and you'll get a 100% drop in spam.

I guarantee it.</dude from Men's Wearhouse commercials>

Problem solved (0)

Anonymous Coward | more than 9 years ago | (#11045069)

Forward all spam to malda@slashdot.org [mailto]

I hate SPAM... (1)

schizacopf (768954) | more than 9 years ago | (#11045072)

Thats why I by corned beef!

...and cabbage...

Captain Obvious (1)

Pi-Zero Meson (453690) | more than 9 years ago | (#11045075)

And this may just be me but if I was going to upgrade me email server I would put Spam blocking software on them. So I wouldn't turn of my email server till I found out if the there is now anti Spam software on this guys servers cause lets face it two days of bouncing isn't going to purge you from that many lists.

This simply doesn't work. (5, Informative)

barcodez (580516) | more than 9 years ago | (#11045081)

I've got domains that I have left inactive for year then re-added them to dns and set up mail accounts for them and the spam comes in immediately.

Spammers simply aren't diligent when it comes to maintaining their list, they don't remove bounced emails (as they have spoofed all the headers anyway so they don't receive the bounces) they don't remove the address from domains without MX records or no reponding hosts(as they send all the spam from botnets that don't report failures back anyway).

I don't know what this guy did but he is thoroughly mistaken.

Re:This simply doesn't work. (1)

DogDude (805747) | more than 9 years ago | (#11045155)

You're right. What incentive do they have to go through their lists? The variable cost of sending each spam is negligible, if not zero, since most heavy duty spam servers actually guarantee that email will go out from that machine for x amount of time before they have to shut it down. I've seen people selling use of a spam server in Asia for $10K/week, for example (this was years ago).

Re:This simply doesn't work. (1)

Len Budney (787422) | more than 9 years ago | (#11045222)

Spammers simply aren't diligent when it comes to maintaining their list, they don't remove bounced emails... I don't know what this guy did but he is thoroughly mistaken.

He isn't mistaken. He simply discovered that spammers don't retry. If you shut off your computer for two days out of three, legitimate mail will sit in the queue until the server gets through. Spammer software tries once to send, and moves on if it fails. Voila! On your "on" days, your signal/noise ratio is tripled.

He will discover that around 4-5 days, legitimate mail starts bouncing back to the senders. Two days is probably the limit of safety.

If he decides to tinker with his MTA instead of power-cycling his server, and if he takes a programming course, he will re-invent greylisting [puremagic.com] .

--Len.

Re:This simply doesn't work. (4, Insightful)

SoTuA (683507) | more than 9 years ago | (#11045233)

I don't know what this guy did but he is thoroughly mistaken.

I'd bet a beer that the new mail server installed at his institute includes some form of spam protection. My university's mail system has gone down for two days, and I still get one or two hundred spam mails a day. (of course, only one or two make it through the spam filters :)

Reinstall Windows for E-mail (1)

cyngus (753668) | more than 9 years ago | (#11045083)

So this is the equivilant of reinstalling windows every six months on your computer, I guess. I imagine the spam will begin again after a time. "I will be unavailable by e-mail for two days while I de-spamify, contact me later." Of course, you'd like to have that as an auto-reply, but then I guess this wouldn't work. For me, GO GMAIL SPAM FITLER GO!

you mean greylisting? (2, Informative)

ntr0py (205472) | more than 9 years ago | (#11045085)

That sounds to be like a really inefficient form of greylisting [puremagic.com] .

By the way, I started greylisting on my mail server a couple of days ago, and my spam has gone down to virtually zero.

To drop to zero? (0)

Anonymous Coward | more than 9 years ago | (#11045086)

Under any reasonable (i.e., geometric or Poisson for instance) model, it will take an infinite amount of time for the amount of spam to drop to zero. That's a trivial and useless "optimization".

Ummm, yeah ... (1)

slagdogg (549983) | more than 9 years ago | (#11045090)

I'll just give my IT folks a ring and see what they think of that. Mmmmkay.

You want us to what?!?!?!

Won't work. (1)

Archbishop (161322) | more than 9 years ago | (#11045092)

I had a domain that didn't have mail service for about 2 years. (it was for an old company that no longer exists) In that time, any and all messages would have bounced.

I re-enabled email on it out of curiosity. Tons of spam started arriving almost instantly.

Spambots don't check for bounces. The majority of them don't have valid reply addresses for the bounce to reach anyway.

good idea (1)

derxob (835539) | more than 9 years ago | (#11045096)

It is a good idea but in a business enviorment it's not that easy to just shut down your mail servers for two days.

I've been using SpamAssassin with a Qmail setup for some time now and I've pretty much filtered out 95-98% of all SPAM. SpamAssassin has a Bayes learning system that can learn between the spam and non-spam messages and it works well.

have you ever considered.... (2, Insightful)

takitus (733922) | more than 9 years ago | (#11045098)

the fact they might have installed some anti-spam filters when they were upgrading the mail server? duhhh

Nice for personal email, but... (1)

lothar97 (768215) | more than 9 years ago | (#11045099)

Nice for personal email, but... What do I do for my business email addresses? I cannot afford to have my business email down for more than 24 hours. If my client at xyz.com domain sends me an email, and my email host is unreachable, the server will attempt periodically for 24 hours to resend the email. If it's not successful by that point, it notifies the person at xyz.com that the email is undeliverable, and will try again for another 24 to 48 hours (depends on server configuration). Let's just say that this is quite unprofessional, and will lead to suprised clients, loss of incoming leads, etc.

For now I'll stick to blocklists, tarpitting, and spam filters.

Wrong Approach? (1)

I_Love_Pocky! (751171) | more than 9 years ago | (#11045101)

Couldn't we just ask spammers to stop? I'm sure if they were aware that many people didn't enjoy their email messages they would likely find a new way to advertise. They surely wouldn't want to offend potential customers, right?

Simple solutions for simple problems, lol!

Sounds like fun (5, Funny)

hobo2k (626482) | more than 9 years ago | (#11045103)

Anybody want to help me shutdown hotmail for a couple days?

Other option.. (3, Interesting)

Coleco (41062) | more than 9 years ago | (#11045107)

..perhaps won't slow the flow of spam but will let you know who that bastards are that are selling your email in the first place. Buy a domain name then use a different email address of every site that asks for an email.. for example 'amazon_email@yourdomain.com' if you fill in a form at amazon.com.

You'd be suprised at the sites that promise to protect privacy and don't.

backup MX? (1)

molo (94384) | more than 9 years ago | (#11045109)

This would require shutting down or disabling backup MX servers also. Or, maybe changing the DNS records to remove backup MX servers.

Regardless, it would be pretty desperate to do that.

BTW, it took 48 hours to upgrade a MTA?! I'm glad I don't use Exchange.

-molo

Maybe they added spam filtering? (4, Insightful)

sterno (16320) | more than 9 years ago | (#11045115)

The article says that the school upgraded to a new version of Exchange during that two day period. IS it possible that during the course of the upgrade they also added some anti-spam features that aren't visible to the end user?

I know that personally I've had my mail server go down for more than two days without a backup relay and had no notable drop in spam traffic.

Yes (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11045144)

That sounds like a more reasonable explanation. I've had domains that got spam which I then didn't host anywhere for years, and then re-hosted, and they still got spam.

Another method (1)

stinkyfingers (588428) | more than 9 years ago | (#11045116)

Stop putting your email address on your blog. And your phone number.

The equivalent of colonics to lose weight... (0)

Anonymous Coward | more than 9 years ago | (#11045119)

Probably OK as a near-term solution (have to fit into dress X and time Y) but probably not going to last much beyond that zero-day date... as candy bars beckon and spam bots retrench.

bah ummm bug (1)

WormholeFiend (674934) | more than 9 years ago | (#11045121)

it's not going to stop brute-force dictionnary-based spam.

I find it especially annoying that gmail forwards me spam (albeit in my spam box) based on variants of "day.of.the.tentacle", eg dayofthe[whathaveyou]@gmail.com (yes, even without the dots between each word).

Thank you Google.

Business email users cannot afford this (2, Insightful)

ChrisPee (810133) | more than 9 years ago | (#11045122)

I would much rather spend 2-3 minutes a day deleting those spams that weren't caught by my automated spam filter, then miss even one legitimate business email message.

This doesn't work (1)

rlandrum (714497) | more than 9 years ago | (#11045131)

Unfortunatly, this solution doesn't work, and only affords a temorary reprieve from spam. I attempted the same thing. The problem is that your email address is on a list that is never *pruned*. It's resold and redistributed again and again, and while your current spammers may have pruned you from their lists, future spammers will check the address and see it as active, and continue spamming.

Sorry, there's no easy way out of spam.

Greylisting? (5, Informative)

Doomie (696580) | more than 9 years ago | (#11045135)

Isn't this just a variant of greylisting [puremagic.com] ? (the link is the first hit on google for 'greylisting')

In case of our university mailserver it worked like magic. I was getting 100 spams per day and now I get 4-5 and these are mostly from 'professional' "spamming houses" (the ones with proper mailing lists and proper mailservers, but which don't like poeople who try to unsubscribe).

Yes, like greylisting. (ie, Postgrey for Postfix) (5, Interesting)

kriegsman (55737) | more than 9 years ago | (#11045213)

Our Postfix mail server uses Postgrey [ee.ethz.ch] (click link for graph showing effectiveness), and it's as close to 'magic' as I've seen yet in the antispam category.

-Mark

Guess what'll happen... (1)

Maljin Jolt (746064) | more than 9 years ago | (#11045138)

I think I'll model, simulate and then optimize the amount of shut-down time required for spam levels to drop to zero!

Until spammers will send you a ping email to verify if your box awakes next week. Without any unnecessary top theoretical models...

This doesn't work (0)

Anonymous Coward | more than 9 years ago | (#11045142)

I tried this a while ago too, but it did not help anything. After my server was back up, the spam just resumed. Trying to make this work involves the basic assumption that a spammer only wants to send to real email addresses and is not spoofing the from and reply-to fields. I believe this assumption is false, since it makes no difference to the majority of spammers is some of their spam never reaches legitimate addresses.

Everything old is new again. (1)

gpinzone (531794) | more than 9 years ago | (#11045147)

Wow. I guess the popularity of web-based email addresses made this technique viable again. Back in the day when almost everyone except AOLers had to configure an email client to send and receive email, proxies that would bounce spam were used. It was effective at first. Then the spammers chose to ignore the bounced emails and just send them anyway. Now that there are so many people online that use the likes of Yahoo, Hotmail and GMail, this might be viable again. Anyone know how to bounce the mails in the Yahoo Bulk mail folder without a POP account?

I secured my windows box in a similar fashion... (1)

Lisandro (799651) | more than 9 years ago | (#11045150)

... i simply unplugged it off the router. The procedure resulted in 99% percent of logged attacks, give or take 2%.

Seriously, isn't that a bit extreme? Making the service unavaiable is no cure for spam when is unavaiable for everyone else aswell.

Why bother shutting down? (1)

Bellyflop (681305) | more than 9 years ago | (#11045153)

Why not just bounce all email for n days but deliver it as well. So you'll have to tolerate the spam and the recievers will have to tolerate the bounces, but the bounce message could include a line saying that it has actually been delivered. That way you avoid shutting down but get the same effects.

Are you kidding me? (0)

klipsch_gmx (737375) | more than 9 years ago | (#11045154)

I guess I should be surprised that this sort of nonsense made it to the front page, but that's nothing new. (To protest this sort of poor article choice, I encourage you to visit the Jihad [anti-slash.org] .

I've never seen any evidence, in years of running my own mail server, that shutting down for several days stops any spam traffic at all. I run my email domain off my cable modem, so from time to time I will lose service for several days. After it comes back, so does the spam, every single time.

I don't think the author of this article gets it. The spam zombie software that exists on so many people's home computers is not intelligent. It's fire-and-forget. If the message bounces, they don't even issue a "QUIT" command. They just drop the connection. Same goes for 4xx "not right now" style messages. (That's why things like greylisting [rhyolite.com] work so well.

Darpa project ??? (1)

karvind (833059) | more than 9 years ago | (#11045158)

Is this what scientists and researchers investigate these days on the name of science ? Find few more variables and optimize it or find variables and vary them and plot 100 graphs to write in a journal. Weak. -a

Arghh! (1)

Saint Aardvark (159009) | more than 9 years ago | (#11045165)

More than the religious custom, fasting has a scientific reason behind it: It detoxifies whole internal system by a) giving the body some much-needed rest and b) by cleansing the traces of toxins (as there's no fresh inflow, the bodily processes work on the left-over inventory and makes sure that it is digested properly and taken care of to give a fresh start the day after the fast).

I heard this all the time when I worked at a natural foods store. I call bullshit. From QuackWatch.org [quackwatch.org] :

It can be terrifying to believe that one's body is being poisoned by toxins from within. But if this were true, the human race would not have survived, says Vincent F. Cordaro, M.D., an FDA medical officer. "A person who retained wastes and toxins would be very ill and could die if not treated. The whole concept is irrational and unscientific."

Best link I could come up with on short notice.

That said, this anti-spam method sounds interesting. I've been Greylisting [puremagic.com] on my mailserver for a while now, and it's certainly helped. It would be interesting to compare & contrast and get some hard numbers on how well these (and other) approaches work.

I get almost no spam. (0)

Anonymous Coward | more than 9 years ago | (#11045174)

I've had the same email address for about 6 years and still get virtually no spam.

It's not always been that way, I used to get tons.
I use MacOSX mail.app and made heavy use of the "bounce" function. Many get re-returned due to forged return addresses, but also many go through.

I also used SPAMCOP and reported every single SPAM I got for quiet a period.

It seems that the squeaky wheel gets the oil since I get virtually no spam anymore, probably one every couple of weeks or so from TAPES.COM , which I report every single time, and then bounce. They will get the message.

Unacceptable (4, Insightful)

DanteBlack (656808) | more than 9 years ago | (#11045175)

This is a totaly unacceptable solution in a real-world business environment. Two days worth of bounced emails and even a moderate size company could miss over a $100K worth of online orders. Worse yet they could lose a current customer or, almost certainly, a potential customer. Customers as a rule don't take kindly to bounced orders and then they go to a competitor.

There are drop in solutions out there. Use them if it's a real issue.

Didn't work for me. Bots are stubborn. (2, Informative)

jakedata (585566) | more than 9 years ago | (#11045185)

I decomissioned a mail server recently. The IP address is empty. The MX record is flat out gone.

Despite this, my packet sniffer still sees ~20 connection attempts per hour to that old address, nearly three months later. They are all bot-infected PCs according to sbl-xbl.spamhaus.org

That address was being mercilessly spammed and under constant dictionary attack.

Ultimately, I was able to use my log files to reconstruct the dictionary they were hitting me with. I put the whole thing under blacklist_to and saw a big drop in junk getting past my filters.

-j

Odd girlfriend comment (2, Funny)

Anonymous Coward | more than 9 years ago | (#11045189)

6) T to Y: a) If you have a girlfriend, take a vacation with her.
b) If you dont have a girlfriend, check mails on the temporary alternative email ID.


This just in: Apparently airlines, the U.S. highway system, hotels, parks and other attractions have now opened their doors to people without girlfriends. Also, coffeeshops, bars, music venues, theaters, yoga studios and other local businesses are consdering joining this pilot program on a case by base basis.

Those without girlfriends, then, might be able to take a 48 hour break from the Internet as well.

Fake bounce messages? (1)

b0s0z0ku (752509) | more than 9 years ago | (#11045194)

Why bring down your server at all? Just have it send out fake bounce notifications to all authors of incoming messages (except for maybe those on a white list) for a few days, but have the mail go through as normal. You could even include a little blurb in the bounce messages stating that they are fake - spammers are very unlikely to read the actual contents of those messages since spamming is usually handled automatically.

-b.

Tried that, didn't work (0)

Anonymous Coward | more than 9 years ago | (#11045195)

I have my own domain, so as an experiment once I temporarily deleted my account for... about a month (sent a temporarly email address to friends and family to use).
A month later, I opened the old account again. Took about 5 minutes to get the first spam. I shut it down again and pernamently switched to the temporary address.
I think that even if the spammers that currently use your address remove you from the list, the problem is you old address will get resold, regardless if it works or not.

Block them at the MTA (1)

deadl0ck (92256) | more than 9 years ago | (#11045198)

I get spam to roughly 3 accounts. www@mydomain, I use that everywhere, usenetMMYYY@mydomain, I rotate that every few months and remove the alias. And the only issue I have with spam is one of my friends decided 4 years ago that I need 12 free CD's and posted my main myfirstname@mydomain on a web site. I'm still getting spam to that address but it comes in spurts. It seems its sold to a new Spam agency every 6 months and I spend about 2 weeks putting more DENY's in sendmail, I get a break for a few months after that. I also use the www address to update my ACCESS list for sendmail.

Interesting approach... (1)

kzinti (9651) | more than 9 years ago | (#11045199)

Sacrifice a few days of legitimate e-mail for a drastic reduction in spam, but I'm wondering if it's possible to let some e-mail through while bouncing all the rest - a whitelist approach. This would entail not turning off the server entirely, but responding "no such address" to all but those few names on the whitelist. So you could still hear from Grandpa or Aunt Jo, but all other mail would bounce. Would that be as effective as a complete shutdown? I'm guessing it would, because either way the recipient is unreachable, and thus gets culled from the spammer's lists.

One problem I see with either approach is that the effect may be temporary. You'll get removed from the lists of people sending out mail during those few days you're shut down, but because your address is still in all those "millions of e-mail addresses on CD" lists that the spammers sell to each other, your spam load is eventually going to ramp back up to its previous levels.

Some of us aren't going to be able to use your method, because our mail goes through a forwarder. I buy an e-mail address from pobox.com that forwards to my real address. The SMTP server at pobox.com is always going to look valid to the spammers - unless I temporarily change my alias... and then I risk losing it.

I have an alias that I've been using for nearly 10 years. The beauty of a forwarding service like pobox is that you can keep the same e-mail address no matter what your "real" e-mail address is. The curse of a forwarding service like pobox is that the spam finds you no matter what your "real" e-mail address is. I keep using my e-mail address, clinging to the faint hope that, some day, a solution to the spam problem will arise - one that doesn't include having to change my alias and give the new one to the hundreds of people and web sites that I want to receive legitimate e-mail from.

In the mean time, I use the CRM-114 discriminator. Not ideal, because it gets too many false positives, but until I make the sacrifice of changing to a "clean" alias, it's the best I'm able to do.

the next logical step (1)

4-D4Y (825020) | more than 9 years ago | (#11045217)

track down spammers and apply shotgun

Required time (1)

Papay-Noel (316944) | more than 9 years ago | (#11045219)

"I think I'll model, simulate and then optimize the amount of shut-down time required for spam levels to drop to zero!"

Let me guess... I think he'll get the best results when delta t approaches infinity.

Greylisting (2, Informative)

mpeppler (128232) | more than 9 years ago | (#11045226)

I added greylisting to my mail server, and that cut down on both spam and virus messages by a tremendous amount. See http://greylisting.org/ [greylisting.org] for more info.

Hire My Company (0)

Anonymous Coward | more than 9 years ago | (#11045229)

Fire your network admins, any decent mail-system upgrade should *never* take 48 freeking hours! Guess that's what you get for using Exchange...

-scheides

What we need... (1)

InfinityWpi (175421) | more than 9 years ago | (#11045232)

...is a way to receive email, but reserve the right to send a 'bounce' message sometime in the next, say, 24 hours. So once a day you can go into your server, sort the spam out, and just send out bounce messages en-masse to clear the address out of those lists. It's more work than shutting down the server, but lets you keep the 'good' email coming.

Since the article is /.'d (1)

fimbulvetr (598306) | more than 9 years ago | (#11045234)

It's /.'d, so I can't RTFA. However, submitter says:
In my case, a two-day shutdown resulted in 97.5% decrease in spam traffic!
Is it just me, or does it seem like one should see a 100% spam reduction after shutting down your mail server.
Additionally, if your mailserver is your laptop, you can actually preserve fertility by using this method as well.

Interesting... however... (1)

Atrophis (103390) | more than 9 years ago | (#11045236)

Now, expect an instant change in how spammers handle bouncing email addresses.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?