Posted on 09/24/2006 4:54:12 AM PDT by jwparkerjr
September 21, 2006 (IDG News Service) -- Computer security analysts who fight spam face the same thankless task as goalkeepers: They don't get much credit for the unsolicited e-mail they stop, only demerits for the ones that get through.
But those few messages that wriggle past increasingly sophisticated filters constitute the greatest threats on the Internet.
The messages range from relatively harmless pitches for human growth hormones to ones with malicious code attached that could steal passwords or documents from a machine.
The sheer volume of spam still threatens to bring the Internet to a crisis point. Up to 90% of all e-mail traffic is spam, a figure that has crept upward in recent years. The forecast isn't good, either.
"We see spam just going up to the point where Internet servers start having difficulty," said Steven Linford, chief executive officer of Spamhaus, a London nonprofit organization that generates a list used by technology companies and organizations running e-mail servers to block spam.
"Spam will tend to increase to where it will be 99 percent of all e-mail on the Internet," he said. "At that point, governments will start to take notice."
(Excerpt) Read more at computerworld.com ...
I set up a filter at work and it blocks around 5-6 thousand messages per day. We have one user who has over 400 spam messages per day sent to them. It has gotten far worse over the last couple of years.
The courts aren't helping the fight against spam:
http://www.spamhaus.org/legal/answer.lasso?ref=3
I have had an idea on this problem for years. It seems to me a different approach might work better. I think of it as similar to the notion that, to curtail illegal aliens, we choke off the jobs by nailing the employers.
In order for spammers to make money, there has to be somewhere for them to receive money. Now, all spammers are not Nigerians or Chinese. A lot of legitimate companies are stupid and pay bulk emailers to send out ads. If you call them, they always claim that they have no control, that they only use mailers that send to "opt in" lists. Which is total bull.
For example, I had one spammer bombarding me with ads for a particular company. I called their marketing dept. and told them, getting the same line about opt in. I politely but firmly explained that I was going to sue them because it was legally their responsibility for hiring the spammer. I faxed this notice to the appropriate person (faxes now being legal documents). I asked for and received a written acknowledgement of my request.
Here is the interesting part. I stated to the marketing director that not only would I sue if I continued to get spam with their ad, I would sue if I continued to get any spam from that bulk mailer, since they had hired them in the first place.
Not only did I get a notice from the company that they were following my directions, I also received contact from the spammer stating that they would leave me alone. I called the contact at the company at that point and she told me that she had called the spammer and told him in no uncertain terms that she would fix his wagon if they didn't leave me alone.
Now, I'm sure they continued to use this spammer, but they left me alone after that.
My point is that any real & legit company that is using 3rd party outfits to spam, and claiming no responsibility, should be held legally liable for the spamming. Choke off that source of revenue to the spammer. Obviously, that is only one segment of the spam we get, but still a significant one. And I am fed up with companies knowingly using spammers and then denying any culpability or knowledge that they are doing so.
I had a run in with Columbia Records some time ago just as I described above. They cussed me out, but damned if the spamming didn't stop. Columbia was dumb enough to give me the marketing department's fax number so I could fax them my request to stop. After doing that, I posted the number in a newsgroup on spam. Suggested that those receiving Columbia spam bombard them with faxes on the subject.
Follow the money. Hit them in the pocketbook.
I use qmail, with patches that allow SpamAssassin and ClamAV to check the mail before it gets queued. I also use RBLs from Spamhaus, SpamCop, and SORBS. The RBLs reject about 80% of the attempted connections, but an annoying amount of spam still makes it through.
So what server do you use, and how'd you configure it to work this way?
On postfix you can use something called postgrey:
http://isg.ee.ethz.ch/tools/postgrey/
Here is my end user anti spam strategy: get yourself at least two email addresses - one preferably from a free service such as Hotmail (public) and the other from your ISP (private). Use only the public address when registering for accounts/products etc. and use your private address for friends, family and business (do not publish your private email address on any websites, use the public address or create a sub account with your ISP for that). This way you can disregard 99% of the email going to your public address, pick out the emails you wish to keep and dump the rest.
Use Outlook, not Outlook Express (MS users). Outlook 2003 has some very good spam filters built in. Make sure to update Outlook regularly through Microsoft updates (Windows Update site, top bar, Office family button). Set up message filtering rules in Outlook for any spam that still gets through (Tools drop down, Rules and Alerts...if subject has "viagra, money, XXX" etc. send to Deleted Items).
If you do not have Outlook get yourself a spam filter add in, Qurb is a good example, and let it help you.
When the remote server is in my black list, and it sends mail to me, it opens a TCP socket. My side holds it open, consuming resources on the sender. :>
Check it out here
No idea. I've always used SpamAssassin until recently. I still do, it just doesn't have much to do.
Of course, I believe that using Windows for email is like using gasoline to pressure wash hot engines. You might get away with it for a while but sooner or later you're going to get burned.
A million thanks for the info!
It just sorta creeps up on you. When I was getting less than a hundred a day I figured it was more work to get filtering set up than it was to just delete the obvious spam. Then it kept creeping up and I kept adjusting to it, like the frog in the boiling water experiment from grade school.
It's gone from the ridiculous to the sublime and it's time to take some action!
Thanks for waking me up.
re: But...But...WE PASSED A SPAM LAW!
Seeing how effective that law has been maybe we should pass one making it illegal to come to the US without the proper papers, etc. </s>
re: the "Nigerian" scam
It worked for me! I'm waiting for my check to arrive any day now. It's been almost six months, but you know how slow the mail is from those foreign countries. </s>
"Show me just what Mohammed brought that was new, and there you will find things only evil and inhuman, such as his command to spread by the sword the faith he preached." -Manuel II Paleologus
I have several e-mail addresses and invariably I get these spam messages and they use all these tricks. I just delete them. However, in my opinion this is a political problem. Spammers should be put out of business permanently and either sentenced to life in federal penitentiaries or outright execution. If the politicians see this as a political problem they can act and enact strong laws that will put 99% of these clowns out of business.
But the one thing that REALLY concerns me is phishing. I nearly fell for one of those the other day after being on the computer for several hours. That was a real wake-up call.
Interesting technique. I use several blacklists and maintain my own whitelist, and I just reject them all with a 550, but some zombies will retry the transaction up to 50 times before giving up. I'll try scripting up your solution and see what happens.
This is very true. I can watch my firewall processing email at any given time and many of the connecting hostnames appear to be coming from broadband internet subscribers.
"My mail server gets a request from a sending host, records the IP address, then boots the email back with a 450 error."
Very clever, sending a 'soft error' in response to an SMTP connect. That will slow things down a bit, but if a quick response isn't important in your operations that's all good.
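Added example, not part of the thread or any poster's configuration: a minimal sketch of the greylisting decision quoted above (record the sender, answer 450, accept a later retry). It goes beyond the quote by keying on the (IP, sender, recipient) triplet as greylisting tools commonly do; the class name, the 300-second delay, the expiry times and the sample events are assumptions constructed for illustration.

```python
import time


class Greylist:
    """Decide the SMTP reply for a delivery attempt (hypothetical helper)."""

    def __init__(self, min_delay=300, pending_ttl=4 * 3600,
                 pass_ttl=30 * 86400, whitelist=()):
        self.min_delay = min_delay      # a retry must wait at least this long
        self.pending_ttl = pending_ttl  # unconfirmed entries expire after this
        self.pass_ttl = pass_ttl        # confirmed entries expire if unused
        self.whitelist = set(whitelist)
        self.first_seen = {}            # triplet -> time of first attempt
        self.passed = {}                # triplet -> time of last accepted mail

    def check(self, client_ip, mail_from, rcpt_to, now=None):
        now = time.time() if now is None else now
        if client_ip in self.whitelist:
            return 250, "OK (whitelisted)"
        key = (client_ip, mail_from.lower(), rcpt_to.lower())
        if key in self.passed and now - self.passed[key] <= self.pass_ttl:
            self.passed[key] = now
            return 250, "OK (known sender)"
        seen = self.first_seen.get(key)
        if seen is None or now - seen > self.pending_ttl:
            # First contact, or the earlier attempt is too old to count.
            self.first_seen[key] = now
            return 450, "4.7.1 Greylisted, try again later"
        if now - seen < self.min_delay:
            return 450, "4.7.1 Greylisted, retry too soon"
        # A proper MTA queued the message and came back after the delay.
        del self.first_seen[key]
        self.passed[key] = now
        return 250, "OK (retry accepted)"


# Constructed events: (seconds, client IP, envelope sender, recipient).
SAMPLE = [
    (0,   "192.0.2.10",   "news@example.org", "user@example.net"),
    (30,  "192.0.2.10",   "news@example.org", "user@example.net"),
    (600, "192.0.2.10",   "news@example.org", "user@example.net"),
    (700, "192.0.2.10",   "news@example.org", "user@example.net"),
    (5,   "198.51.100.7", "x@example.com",    "user@example.net"),
    (10,  "203.0.113.5",  "boss@example.com", "user@example.net"),
]


def replay(events, greylist):
    """Return the reply code the greylist gives for each event in order."""
    return [greylist.check(ip, f, t, now=ts)[0] for ts, ip, f, t in events]
```

A sender that never retries, like the fifth constructed event, only ever sees 450; the cost is the delivery delay for first-time legitimate senders that the reply above mentions.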
Every day I have 12-45 new spams, almost all with no text. I guess the spammers are simply looking for good email addresses.