Free Republic
Shutting Down the Highway to Internet Hell
Yahoo News / Ziff Davis: News ^ | 10 April 2005 | Larry Seltzer

Posted on 04/11/2005 10:12:57 AM PDT by ShadowAce

To: dfrussell
The most you can do here is to use a broken system and insert additional, incorrect information before passing along

Which is what most spammers do, hence my statement "Spam is almost never traceable, it usually comes from a bunk address" stands...

81 posted on 04/11/2005 12:57:07 PM PDT by N3WBI3
[ Post Reply | Private Reply | To 67 | View Replies]

To: Arthalion

Sounds like the way Microsoft does things. SP2 caused me a few headaches because the firewall was enabled by default and I only found out because I couldn't use Remote Desktop or install my VPN client. Ugh.


82 posted on 04/11/2005 12:59:00 PM PDT by Squawk 8888 (End dependence on foreign oil- put a Slowpoke in your basement)
[ Post Reply | Private Reply | To 75 | View Replies]

To: tacticalogic
Just getting everyone to implement SPF records, and then require a valid SPF resolution before accepting the mail would fix the spambots.

Possibly, but SPF isn't likely to become widespread because many people use a return address unrelated to a sending site and SPF would eliminate this ability.

This means that you wouldn't be able to use your business address from hotmail and vice versa.

83 posted on 04/11/2005 1:00:19 PM PDT by dfrussell
[ Post Reply | Private Reply | To 78 | View Replies]

To: N3WBI3

Actually it's pretty easy to trace, the problem is most users don't know where to look. The original IP is almost always in the header, so just run a WHOIS on it and forward to the owner of the address. That's how I shut down the guy who hacked Free Dominion and sent email threats to the membership.


84 posted on 04/11/2005 1:02:06 PM PDT by Squawk 8888 (End dependence on foreign oil- put a Slowpoke in your basement)
[ Post Reply | Private Reply | To 81 | View Replies]

To: N3WBI3
Which is what most spammers do, hence my statement "Spam is almost never traceable, it usually comes from a bunk address" stands...

1. Most spammers don't bother because they're not in the US and could care less if the spambots they're using are blacklisted.

2. It's easy to check the mailing headers and verify the chains. If one of the hops is an open proxy, you know that anything prior to that is bogus, and there are a number of locations which will give you a free ID and a web interface which will automatically do this for you.

Believe what you like, but you're wrong.

85 posted on 04/11/2005 1:11:25 PM PDT by dfrussell
[ Post Reply | Private Reply | To 81 | View Replies]

To: dfrussell
This means that you wouldn't be able to use your business address from hotmail and vice versa.

I'm not really sure if I'd care about getting email from someone who runs their business email from a hotmail account, anyway.

86 posted on 04/11/2005 1:15:54 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 83 | View Replies]

To: dfrussell
2. It's easy to check the mailing headers and verify the chains. If one of the hops is an open proxy, you know that anything prior to that is bogus, and there are a number of locations which will give you a free ID and a web interface which will automatically do this for you.

Open relays get blacklisted in short order. 99+% of the time, the IP address your mail server got it from is the source, and everything before that is a lie.

87 posted on 04/11/2005 1:21:21 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 85 | View Replies]
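The header check argued over in posts 85 and 87, as an added example that is not part of the original thread: walk the Received chain from the top, trust only hops stamped by the receiving side's own servers, and treat everything below the first outside connection as unverifiable. The hostnames, IP addresses and the `TRUSTED_RELAYS` set are constructed assumptions.

```python
import re
from email import message_from_string

# Constructed sample message; all hosts and addresses are documentation values.
RAW = """\
Received: from mx-in.example.net (mx-in.example.net [192.0.2.10])
\tby mailstore.example.net with ESMTP id A1; Mon, 11 Apr 2005 13:00:03 -0700
Received: from mail.bank.example (unknown [203.0.113.77])
\tby mx-in.example.net with SMTP id B2; Mon, 11 Apr 2005 13:00:01 -0700
Received: from internal.bank.example (internal.bank.example [198.51.100.5])
\tby mail.bank.example with ESMTP id C3; Mon, 11 Apr 2005 12:59:00 -0700
From: "Support" <support@bank.example>
Subject: constructed sample

body
"""

# Assumption: servers run by the receiving side. Only headers they wrote are trusted.
TRUSTED_RELAYS = {"mx-in.example.net", "mailstore.example.net"}

HOP = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)?\s*\[(?P<ip>[0-9a-fA-F.:]+)\]\)"
    r".*?\bby\s+(?P<by>\S+)", re.S)

def parse_hops(raw):
    """Return the Received hops newest-first as dicts (helo, rdns, ip, by)."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        m = HOP.search(value)
        if m:
            hops.append(m.groupdict())
    return hops

def handoff_source(raw, trusted=TRUSTED_RELAYS):
    """IP that connected to our border, plus the unverifiable hops below it."""
    hops = parse_hops(raw)
    for i, hop in enumerate(hops):
        if hop["by"] not in trusted:
            break  # header written by someone else: may be forged
        if hop["rdns"] not in trusted:
            # One of our servers recorded a connection from an outside host.
            return hop["ip"], hops[i + 1:]
    return None, hops

if __name__ == "__main__":
    source, unverified = handoff_source(RAW)
    print("report/whois this IP:", source, "| unverifiable hops:", len(unverified))
```
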

To: tacticalogic
I'm not really sure if I'd care about getting email from someone who runs their business email from a hotmail account, anyway

Possibly I wasn't clear...

Lots of people with corporate IDs go home and work (lots of Type As out there) or have a blackberry and want to use their corporate ID as a return address. This wouldn't be possible and IT mgmt isn't going to implement because corporate mgmt would complain :)

88 posted on 04/11/2005 1:23:27 PM PDT by dfrussell
[ Post Reply | Private Reply | To 86 | View Replies]

To: tacticalogic
Open relays get blacklisted in short order. 99+% of the time, the ip address your mail server got it from is the source, and everything before that is a lie.

You're confusing open relay and open proxy.

You can fake some of the header info with an open proxy, but you can't with an open relay.

Very little spam is sent through open proxies and those are also tracked in RBLs.

89 posted on 04/11/2005 1:27:04 PM PDT by dfrussell
[ Post Reply | Private Reply | To 87 | View Replies]

To: dfrussell
Lots of people with corporate IDs go home and work (lots of Type As out there) or have a blackberry and want to use their corporate ID as a return address. This wouldn't be possible and IT mgmt isn't going to implement because corporate mgmt would complain :)

Corp email from home or a Blackberry is pretty standard stuff. Even a small business can set up an email server with a web front end.

90 posted on 04/11/2005 1:27:58 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 88 | View Replies]

To: dfrussell

I'll still stand by my statement. A mailserver configured as an open relay will be found by the spammers and exploited, and will be blacklisted by all the major RBLs within 48 hours.


91 posted on 04/11/2005 1:31:06 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 89 | View Replies]

To: tacticalogic
Corp email from home or a Blackberry is pretty standard stuff.

And they won't work if DNS/SPF listed the valid outbound IPs for a domain.

Even a small business can set up an email server with a web front end.

Yes, but many people in mgmt do not care to use them :)

92 posted on 04/11/2005 1:37:02 PM PDT by dfrussell
[ Post Reply | Private Reply | To 90 | View Replies]

To: tacticalogic
I'll still stand by my statement. A mailserver configured as an open relay will be found by the spammers and exploited, and will be blacklisted by all the major RBLs within 48 hours.

OK.... well if this is now your "statement", obviously your previous statement that the IPs can't be tracked is incorrect... which means you've just agreed with me because that is the one I said was incorrect :)

93 posted on 04/11/2005 1:43:50 PM PDT by dfrussell
[ Post Reply | Private Reply | To 91 | View Replies]

To: dfrussell

I didn't say it couldn't be tracked. Someone else, maybe?


94 posted on 04/11/2005 1:46:20 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 93 | View Replies]

To: dfrussell
And they won't work if DNS/SPF listed the valid outbound IPs for a domain.

I meant from the corp's own mailserver.

Yes, but many people in mgmt do not care to use them :)

I find they warm up to the idea quite nicely when it's the only way their email is going to get delivered :).

95 posted on 04/11/2005 1:49:34 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 92 | View Replies]

To: tacticalogic
I didn't say it couldn't be tracked. Someone else, maybe?

Could be... tough to keep track after awhile :)

48 hours in terms of spam is ancient history, and many locations will not even accept reports of spam > 48 hours.

I agree that most open relays are discovered, exploited and blacklisted easily within 48 hours.

96 posted on 04/11/2005 1:54:15 PM PDT by dfrussell
[ Post Reply | Private Reply | To 94 | View Replies]

To: dfrussell

So you're saying that I cannot forge a mail header to come from a false address if I say... find an open relay?


97 posted on 04/11/2005 1:57:59 PM PDT by N3WBI3
[ Post Reply | Private Reply | To 85 | View Replies]

To: dfrussell
I agree that most open relays are discovered, exploited and blacklisted easily within 48 hours.

Agreed, I was just making allowances for the odd holiday weekend debut.

98 posted on 04/11/2005 1:58:07 PM PDT by tacticalogic ("Oh, bother!" said Pooh, as he chambered his last round.)
[ Post Reply | Private Reply | To 96 | View Replies]

To: N3WBI3
Sounds like a lot of work for a little gain. In order for this to be measurably useful SMTP will have to be trashed. It would be easier for ISPs to allow users to create white list via some kind of web interface, and for the ISP to force reverse lookup of incoming mail.

Some ISPs (ie. Earthlink) do something similar.

As for the 250 a month, what about listservs?

The beauty of my scheme is that email senders would have to identify themselves, so listservs could probably get an exception (since they are opt-in/-out).

What you propose would work, but what you get out of it is no different than a person creating a deny *, and putting allowed addresses in front of it.

Not true. It would allow anyone to send anybody mail. But the difference is that it would prevent spammers from sending bulk-mailings.

99 posted on 04/11/2005 1:58:43 PM PDT by Bush2000
[ Post Reply | Private Reply | To 48 | View Replies]

To: tacticalogic
I meant from the corp's own mailserver.

OK... but my point was the exact opposite.

I find they warm up to the idea quite nicely when it's the only way their email is going to get delivered :).

The company owns the relays and irrespective of what the techs think, mgmt makes the decisions.

Without prior mgmt agreement, this is probably grounds for termination, and I'm rather fond of being paid :)

100 posted on 04/11/2005 1:59:07 PM PDT by dfrussell
[ Post Reply | Private Reply | To 95 | View Replies]

