Another request

  • Thread starter Thread starter Glenn
  • Start date Start date
G

Glenn

This one should be easy.

I have been targeted lately for spam on "nail fungus". Must have gotten 7 -
8 in the last couple days. I added the 2 words to my filter but they are
smarter than that. The last ones were variations of "na il fung us" and
each with different "froms". The body is a picture so a word in it can't be
targeted.

What we need and I'll bet that includes everyone, is a program that reads
the subject and will remove all spaces, dots etc. Then "nailfungus" or
"Viagra" etc, could be targeted and would bounce. That would be easy to
write. What I need is a tie-in to OE. Anything like that out there?

Glenn
 
This one should be easy.

I have been targeted lately for spam on "nail fungus". Must have gotten 7 -
8 in the last couple days. I added the 2 words to my filter but they are
smarter than that. The last ones were variations of "na il fung us" and
each with different "froms". The body is a picture so a word in it can't be
targeted.

What we need and I'll bet that includes everyone, is a program that reads
the subject and will remove all spaces, dots etc. Then "nailfungus" or
"Viagra" etc, could be targeted and would bounce. That would be easy to
write. What I need is a tie-in to OE. Anything like that out there?
Click to expand...

I use Popfile. It catches all that stuff.
 
Hi:

I use a whole SMART system..

1. setup 2 email addresses.
-1 personal
-1 spam

2. Create a NEW folder in your inbox.

3. Create message rules..
-If any mail has the TO line of (your spam email address) then PUT IN
TRASH.

-any messages with the TO line of (personal email address) then put in
the NEW folder.

Now, use the SPAM email for Newsgroups, not trusted people, personal
websites, and Websites demanding a valid Email (from untrusted/known sites)
give them your spam address (amazon.ca, and .com are good for not spamming
except the ocasional sales they have, but don't share their mailing lists).

Use your PERSONAL address for friends, family, and trusted people.

The first rule will auto trash spam where spammers got your email from a
website, and newsgroup, etc.

Second rule moves the real messages to a new Real Inbox folder and the
Forged emails (to (e-mail address removed) and end up in your inbox) will be
in the Inbox and you can manualy delete those. IF there was a rule stating
email without (personal email address) then delete it, that would work
better than making a new folder.

Other than that, another Idea I got (may work, may not) is to make all kind
of bogus numbers@noshuc domain.. ie (e-mail address removed) and put
them all up on a website and wait for a spider to attempt to snag the bogus
emails, and flood a spider with bad addresses to make it not worth spamming
(but make sure you have real bogus, and not wanted to register domainnames).
Might be an option. But perhapse more friustration talks than anything.
 
Its Me said:
Hi:

I use a whole SMART system..

1. setup 2 email addresses.
-1 personal
-1 spam

2. Create a NEW folder in your inbox.

3. Create message rules..
-If any mail has the TO line of (your spam email address) then PUT IN
TRASH.

-any messages with the TO line of (personal email address) then put in
the NEW folder.

Now, use the SPAM email for Newsgroups, not trusted people, personal
websites, and Websites demanding a valid Email (from untrusted/known sites)
give them your spam address (amazon.ca, and .com are good for not spamming
except the ocasional sales they have, but don't share their mailing lists).

Use your PERSONAL address for friends, family, and trusted people.

The first rule will auto trash spam where spammers got your email from a
website, and newsgroup, etc.

Second rule moves the real messages to a new Real Inbox folder and the
Forged emails (to (e-mail address removed) and end up in your inbox) will be
in the Inbox and you can manualy delete those. IF there was a rule stating
email without (personal email address) then delete it, that would work
better than making a new folder.

Other than that, another Idea I got (may work, may not) is to make all kind
of bogus numbers@noshuc domain.. ie (e-mail address removed) and put
them all up on a website and wait for a spider to attempt to snag the bogus
emails, and flood a spider with bad addresses to make it not worth spamming
(but make sure you have real bogus, and not wanted to register domainnames).
Might be an option. But perhaps more frustration talks than anything.
Click to expand...


I never use a real address in a ng including this one.

Can't prove it but I believe they can get isp addresses fairly easy. Then
they computer drive a search of every conceivable name and every conceivable
combination of that name and try the name. If it doesn't come back, bingo,
they sell it to every sleazy spammer in the country. Based on that theory,
there is no way to eliminate your address from getting out. With fast
computers now-a-days that wouldn't take all that long.

I consider my way the best but I have no tie-in to OE off hand. I will look
into it if there is nothing out there.

Glenn
 
Glenn said:
This one should be easy.

I have been targeted lately for spam on "nail fungus". Must have
gotten 7 - 8 in the last couple days. I added the 2 words to my
filter but they are smarter than that. The last ones were variations
of "na il fung us" and each with different "froms". The body is a
picture so a word in it can't be targeted.

What we need and I'll bet that includes everyone, is a program that
reads the subject and will remove all spaces, dots etc. Then
"nailfungus" or "Viagra" etc, could be targeted and would bounce.
That would be easy to write. What I need is a tie-in to OE.
Anything like that out there?

Glenn
Click to expand...

Doesn't work like you've described, but no matter -- this program is a
favorite of many:

http://keir.net/k9.html

<quote>
K9 is an email filtering application that works in conjunction with your
regular POP3 email program and automatically classifies incoming emails
as spam (junk email) or non-spam without the need for maintaining dozens
of rules or constant updates to be downloaded. It uses intelligent
statistical analysis that can result in extremely high accuracy over
time.

K9 learns from its mistakes and becomes better and better at being able
to identify spam. More importantly it learns to recognize what you
consider to be spam.

</quote>
 
This one should be easy.

I have been targeted lately for spam on "nail fungus". Must have gotten 7 -
8 in the last couple days. I added the 2 words to my filter but they are
smarter than that. The last ones were variations of "na il fung us" and
each with different "froms". The body is a picture so a word in it can't be
targeted.

What we need and I'll bet that includes everyone, is a program that reads
the subject and will remove all spaces, dots etc. Then "nailfungus" or
"Viagra" etc, could be targeted and would bounce. That would be easy to
write. What I need is a tie-in to OE. Anything like that out there?

Glenn
Click to expand...

K9
http://keir.net/k9.html

regards

Dud
 
Its Me wrote:

Other than that, another Idea I got (may work, may not) is to make all kind
of bogus numbers@noshuc domain.. ie (e-mail address removed) and put
them all up on a website and wait for a spider to attempt to snag the bogus
emails, and flood a spider with bad addresses to make it not worth spamming
(but make sure you have real bogus, and not wanted to register domainnames).
Might be an option. But perhapse more friustration talks than anything.
Click to expand...

I had the same idea one night and decided to write a program that will
create 1000's of invalid email addies just to put it on the web for them
to come across. So I took a trip to the world of spammers to look at it
from their point of view. Here's what I found while researching it-

A majority of email addresses are culled from NGs. This includes munged
addresses ([email protected]). Yes, they have software will use
'fuzzy logic' to remove certain popular strings. The software they use
scours the net/NGs looking for anything vaguely resembling an address
(anything with (e-mail address removed)- and links to other sites that potentially
have addresses on them (sign my guestbook links are popular)


Of the addresses they collect, they can (and do) check them for validity
on 3 levels depending on the spam software they use.

Level 1 checking- Correct syntax (IAW RFC 2821/2822) This means making
sure that addresses don't contain illegal chars. (although, my research
has taught me that technically, the rules for invalid characters is a
grey area) (see RFC 2821 section 4.1.2 for more info).

Level 2 checking- DNS lookup of the domain (it will check to see if the
chars after @ and before .com is a valid domain name.

Level 3 checking- Connecting to the SMTP server of the domain in the
potential email address and trying to send empty message to the
"person". Depending on the SMTP server, it may or may not send back a
message saying whether or not they have a user by that name. (Yahoo for
example won't reply if it a valid address or not- it is up to the
spammer to decide whether or not to include these). I am guessing this
is why so many have invalid reply addresses because if they choose to
include the domains that don't reply, they risk getting thousands of
bounced email addresses. Since it's perfectly normal to intiate a
contact with an SMTP server, and send that request (because that is how
email is sent), they are still breaking no laws.

It's important to note that all 3 levels can be done without ever
sending an actual email to anyone and more importantly 1000's of email
addresses can be verified in a minimal amount of time.

Yeah, I feel your pain and frustration. Posting 1000's of invalid email
addresses will only trap the spiders without the proper tools to verify
the addresses. However, I digress. Here is what I am thinking.
Every second the spend trying to verify a bogus address is one less
minute in their day to spam people. It eats up processor time. The
problem lies in getting lots of people to post lots of addresses.
Furthermore, spammers are conintually searching for fresh addresses, so
simply uploading a page to your webspace will only work for a short
time. For it to work, you will need keep posting fresh invalid
addresses to keep tying them up.

In a perfect world, SMTP servers would simply stop responding to 'user
exists' querries, and ISPs could do more than sue a spammer. Yeah, yeah
I know that in the US a spammer can face a fine of $25,000 a day and a
trip to Federal 'pound-me-in-the-ass' prison, but AFAIK no spammers have
seen the slammer. To compound the problem, some ISPs actually profit
from spammers and remain untouchable because they inevitably claim they
didn't one of their users were spamming (despite charging them for extra
bandwidth for months before closing an account!) Not to mention the
overseas spammers (Hong Kong, I'm looking at you)

I really don't know what the 'answer' is. Spammers have a slew of
underhanded methods of getting your email address and no shortage of
people who aren't privy to their sleazy methods enough to protect
themselves. The best you can do at this point is to use filters set on
"draconian", be very cautious about giving out your email address,
refuse to do business with spammers and companies that support spammers
(again this is a slippery slope to travel, because I have found out that
MANY so called reputable companies take part in spamming to some
degree). In other words, keep a low profile, try to stay off their
radar, and with any luck, in time, a solution can be found.


Sorry, this was so long, do you see my frustration?
 
I had the same idea one night and decided to write a program that will
create 1000's of invalid email addies just to put it on the web for them
to come across. So I took a trip to the world of spammers to look at it
from their point of view. Here's what I found while researching it-
Click to expand...

I did the same, but I found differing tools.

I've resigned myself to accept that there is nothing that I can do,
other than never replying to a spam.

The first two tools that I checked out create and validate email
lists. The user can set however many digits preferred as to the left
side of the @ and it will generate all permutations. The other
verifies, removing any that do not respond. Hotmail does respond.

So, in 20-30 minutes a spammer can generate all possible email
addresses to say (e-mail address removed) and verify them in a bit
longer. The sad part is they don't care how many bounce, so
verification is of low priority.

Then, with a simple search and replace tool hotmail.com can be changed
to yahoo.com, or your.com, or my.com.

Luckily my ISP has been working with filters and is getting about 85%
of the spam. Thunderbird makes quick work out of the 15% that gets
through. I almost trust it enough that I don't need to scan the junk
before deleting it, but occasionally I do get an email from someone I
don't know. The only way I can see these is if the sender uses a
subject that I can tell is not spam, like "ACF - freeware question."
I really don't know what the 'answer' is. Spammers have a slew of
underhanded methods of getting your email address and no shortage of
people who aren't privy to their sleazy methods enough to protect
themselves. The best you can do at this point is to use filters set on
"draconian", be very cautious about giving out your email address,
refuse to do business with spammers and companies that support spammers
(again this is a slippery slope to travel, because I have found out that
MANY so called reputable companies take part in spamming to some
degree). In other words, keep a low profile, try to stay off their
radar, and with any luck, in time, a solution can be found.
Click to expand...

The only addresses of any real value are those that reply.

Addresses are cheap and for the making. 150,000,000 bounces? It's of
no consequence to the spammer. Only the mail servers suffer. It
doesn't make sense to spend 2 minutes to validate or to look at
bounces and I seriously doubt any spammers do. They probably scan for
responses though looking for the susceptable.
 
REM said:
The first two tools that I checked out create and validate email
lists. The user can set however many digits preferred as to the left
side of the @ and it will generate all permutations. The other
verifies, removing any that do not respond. Hotmail does respond.

So, in 20-30 minutes a spammer can generate all possible email
addresses to say (e-mail address removed) and verify them in a bit
longer. The sad part is they don't care how many bounce, so
verification is of low priority.
Click to expand...

If mail admins all over the world decide to do something really useful to
stop spamming they could do this:
Warn all their users that from next week all mail addresses are changed,
the domain part of the addresses are changed to something completely new.

They should also avoid giving a lot of people the same domain, like
millions of users at hotmail.com, instead divide the users into smaller
groups and give them different domain names.

All usenet participants should be told to use fictitious domain names as
sender. And everybody are told to not reveal their new addresses in public.
Teach them good ways to munge their address if they absolutely have to
reveal it in public.

This would result in that spammers would no longer have valid email
addresses to use, and they would not even have valid domain names to try
out by creating user names by permutations.

The spammers would have nowhere to send their spam, except to their own
email domains, because they would only know the new domain names of their
own addresses.
When they spammed their own domains they would get caught a lot easier, it
would become a local problem for the mail admin at the local domain.

The internet in general would not have to use a lot of capacity for spam
messages and bounces.
 
I also hear Billy Gates has an Idea to curb spam..

Acording to the radio gameshow I listened to, he (bill gates) is considering
charging a 1¢ Fee for sending Emails. so thespammers will have to pay
Thousands to send mail making it less desireable to market like that.

Only 2 problems I have is htis:

1. Who gets the money? Bill gates? or does the individual ISPs? and who will
be alowed to sell 'stamps'?

2. This only opens the Door for them to start charging 10¢, 15¢, 20¢, or
more for 'Stamps'.
 
Another way to curb spam would be some CGI form Email (that doesn't reveal
the email address) and use a form to email (a cryptic email address) and
make the subject have a cryptic subject that if not present, will delete the
message on site (then direct people there to do mailing).
 
Its said:
I also hear Billy Gates has an Idea to curb spam..

Acording to the radio gameshow I listened to, he (bill gates) is considering
charging a 1¢ Fee for sending Emails. so thespammers will have to pay
Thousands to send mail making it less desireable to market like that.

Only 2 problems I have is htis:

1. Who gets the money? Bill gates? or does the individual ISPs? and who will
be alowed to sell 'stamps'?

2. This only opens the Door for them to start charging 10¢, 15¢, 20¢, or
more for 'Stamps'.
Click to expand...

I have serious problems with anyone who wants to start imposing costs on
a medium of free speech. To me its an example of someone who is rich,
trying to get richer. I don't think this is a case where charging
people will make it go away (look at music downloading- despite charging
people, has illegal downloading gone away?) No. I don't think that
will solve anything, except giving legitimacy to their operations
("..well, I'm paying for it, so it must be ok")

Isn't it odd that I've gotten thousands of emails from certain spam
companies. If they were phoning me, or following me around handing out
flyers for different products in real life, I would be able to charge
them with harrassment.
 
I have serious problems with anyone who wants to start imposing costs on
a medium of free speech. To me its an example of someone who is rich,
trying to get richer. I don't think this is a case where charging
people will make it go away (look at music downloading- despite charging
people, has illegal downloading gone away?) [clip]
Click to expand...

Well, I'm not too worried. If M$ starts charging to send E-mail from
Outlook, or Hotmail, well, I'll find another Email manager.

If all the Email apps go that way, someone will find a way to re-create a
NEW system like E-Mail like service back for free. (or some hacker will find
a way to trick Email to think it has unlimited stamps or something) in which
case, we will be back at Square 1. Smap and free e-mail.
 
Hi Roger,

It is good that people are thinking of ways to cut down spam.
However, what you are suggesting would take more resources than anybody has
available.
 
derek / nul said:
It is good that people are thinking of ways to cut down spam.
However, what you are suggesting would take more resources than anybody has
available.
Click to expand...

Yeah, maybe.. But the resources are already there. All mail servers have
some people who administrate them already.

These people only need a better idea than to try to adjust their hardware
capacity to a swelling flood of spam.

They could also limit the number of emails a user can send per day on all
smtp servers. A limit of 100 emails per day would hardly be a problem for
normal users.

But the spammers can also run their own smtp servers, if the ISP is
allowing such traffic. Most ISP:s are already blocking such private smtp
servers, but some allow it.
 
I also hear Billy Gates has an Idea to curb spam..

Acording to the radio gameshow I listened to, he (bill gates) is
considering charging a 1¢ Fee for sending Emails. so thespammers will
have to pay Thousands to send mail making it less desireable to market
like that.

Only 2 problems I have is htis:

1. Who gets the money? Bill gates? or does the individual ISPs? and
who will be alowed to sell 'stamps'?

2. This only opens the Door for them to start charging 10¢, 15¢, 20¢,
or more for 'Stamps'.
Click to expand...

I saw on a research site that instead of using money. The system server
would use time, eg how long it takes a 'human' to type a mail, say 30 secs,
that's how often you could send an email. Instantly putting machine
creatable mail systems out of business. or reducing spam to a definable
number per day per server system.

I wouldn't stop us sending as we would have to type them. If you were
sending a multiple message to a group of contacts say 25, then
25x30 secs 12 minutes would pass before a server would accept an email from
you.

Any restriction to stop/reduce spam is ideal.

S
 
@nd said:
I have serious problems with anyone who wants to start imposing costs on
a medium of free speech. To me its an example of someone who is rich,
trying to get richer. I don't think this is a case where charging
people will make it go away (look at music downloading- despite charging
people, has illegal downloading gone away?) No. I don't think that
will solve anything, except giving legitimacy to their operations
("..well, I'm paying for it, so it must be ok")

Isn't it odd that I've gotten thousands of emails from certain spam
companies. If they were phoning me, or following me around handing out
flyers for different products in real life, I would be able to charge
them with harrassment.
Click to expand...

And another obvious point is that most of use are paying for the
privilege of using email already. My ISP gets $20 a month from me. I
don't like the idea of paying for something twice.

As for cutting spam to you email account, simply contact your ISP and
have them change your user name to a sequence of random characters
(for instance, 2sa85g). This will change your main email address and
all spam sent to your old one will bounce. Then, start a spam dump
account and only use that one when you have to provide an email
address to businesses or people that you don't trust to use common
sense (i.e. people who forward chain letters.)
I recently did this and my spam dropped to about 1 a month.
 
Back
Top