Text 192, 126 rader
Skriven 2005-01-26 09:19:49 av Gerald Miller (1:342/512)
    Kommentar till text 149 av Frank Vest (1:124/6308.1)
Ärende: Fighting Spam
=====================
Hello Frank,

    Responding to a post in the INTERNET area:
    On Tuesday December 21 2004 at 03:12,
    Frank Vest [1:124/6308.1] wrote to Gerald Miller,
    about: Fighting Spam

I don't remember if I replied to this message or not....

 GM>>>> I think a better solution would be to choose a more obscure email
 GM>>>> address and then notify everyone of the address change.  Any
 GM>>>> opinions?
 FV>> I use Netscape's filter in conjunction with sbcglobal's (my ISP)
 FV>> filter. I used to try to report the spam, but most seem to not
 FV>> care... or they tell me the spam is not from them and to report
 FV>> it to the proper place... without telling me where the "proper
 FV>> place" is. :(
 GM>> I don't use Netscape (per se) as my web browser -- I use a
 GM>> derivative, Mozilla (on WinXPP) and Mozilla Firefox (on W98SE)
 GM>> and I NEVER use them to get my email.  I also won't use Outlook
 GM>> Express or other MSN products...
 FV> I have Firefox on my system here. Not bad, but no e-mail support. I
 FV> assume you use a web interface to get e-mail?

I think you will need Mozilla / Thunderbird for the e-mail.  I'm using
Mozilla (with the Quick Launch feature) on my XPP box and it shows a
"E-Mail & Newsgroup" launch menu -- I don't use it.

 GM>> Now, in regards to where the "proper place" is...  (someone
 GM>> please correct me if my presumptions are wrong) In the header of
 GM>> every email, is the address of every ISP that "handled" (routed)
 GM>> the email before it reaches you.  There is software available
 GM>> that will parse the header and reveal the originating ISP from
 GM>> where the spammer initiated his/her junk. (this doesn't always
 GM>> work because some of the "smarter" ones are quite ingenious in
 GM>> their methodology.)
 FV> You've stated the problem. "this doesn't always work....". :(

I read a news article that the FBI has a web site and they are actively
pursuing Spammers and their ISPs -- it may be worth looking into; maybe
your info will prove to be useful for them.

 GM>> Once you have that information, you can take action.
 FV> If that information is correct. Otherwise, one may/will get a reply
 FV> from the ISP that one makes the report to informing that they are not
 FV> the ISP of that person. Sadly, as I said, they do not give much help
 FV> with who the correct ISP is.... even if they know.

I'm currently reading "TCP/IP for Dummies" (yup, that would be me <g>) and
it has a section devoted to IPv6 -- "The Next Generation of IP addressing".
I did a search for ipv6 on my WinXPP box and it's in my C:\Windows\System32
folder.  There are also 8,300,000 results when I do a Google for IPv6...
It is my understanding that when IPv6 is implemented, it will make it much
easier to track the spammers (and it will be extremely difficult for them
to falsify their originating e-mail address).

I'm going to investigate IPv6 MUCH more thoroughly!

 GM>> The other approach would be to send a report to any of the DNSBL
 GM>> (Dynamic Name Server Black List) organizations and request that
 GM>> the offending ISP be added to their list.  There are many such
 GM>> organizations available -- just Google for DNSBL...
 FV> Being a Sysop, and having an e-mail server running, I find this to be
 FV> a two edged sword. I have found that I suddenly could no longer send
 FV> or receive e-mail and discovered that my domain had been added to some
 FV> DNS black list. My logs show no mass e-mail or other spam leaving my
 FV> site and I do not allow relays. There is no reason for my domain to be
 FV> blocked. I then have the option of either requesting that my domain be
 FV> removed and dealing with the hassle involved in that, or not using
 FV> that DNS blacklist server. I usually choose the latter, even though it
 FV> means more spam gets through. Of course, that only allows e-mail to
 FV> come into my system. Other server that use that particular dns
 FV> blacklist can not receive from me. Sometimes this is a major ISP. :(

I am also a sysop, but my Fidonet system is totally isolated from any
Windows and, I don't run a BBS, but I can sympathize with your problems.
Is your e-mail server running in a Demilitarized Zone?

 FV> Fortunately, my software has the ability to block domains that I enter
 FV> (built in blacklist), so I do not have to use the blacklist servers as
 FV> much.

My MailWasher Pro will permit me to block domains as well, but I ususally
opt to blacklist a particular email address for thirty days because some of
my friends send e-mail from addresses within those domains....

 GM>> Some governments (your own, for example) are slowly enacting
 GM>> legislation to deal with spammers (and, hopefully, their ISPs).
 GM>> A recent case melted out a seven year prison sentence to a cretin
 GM>> for his bulk email spam...
 FV> Hard thing is, with the amount of e-mail server software available and
 FV> some built into applications without the user knowing, it is easy for
 FV> someone to simply install a program and then discover that the hidden
 FV> server has been compromised by some spammer and a law suit served. The
 FV> spammer walks and the unsuspecting software user pays. :(

Find out which ports are open (that you're not using) and lock them.  After
reading the "Dummies" book, I had a better understanding of the ports and I
revamped a lot of settings in the hope of preventing such compromises.  I'm
not saying that I locked all the ports, but at least I'm doing as much as I
can to make my system "bulletproof"....

 FV> Yes, I know that it is the user that should know their software... but
 FV> that doesn't/isn't gonna happen when/while the OS makes the software
 FV> "user stupid".

There may be a lot of companies that market "user stupid" OS software, but
I'm really disappointed that the most popular OS software is being produced
by "stupid programmers"...  No need to mention names here, but it is a well
known fact that this company has the major (global) market share!

 GM>> There may be some hope, but it will be slow in coming.
 FV> As you note, the "bottom line" is where things begin. Until the bank
 FV> account is hit hard enough, little action takes place on anything
 FV> (generally speaking).

Proceeds of crime?

If spamming is a criminal offense, then any income derived through such
should be seized!

           Cheers ... Gerald

... Then God separated light from dark, and did two loads of laundry.
--- GoldED+/DPMI32 v1.1.5-040330 [msg of January 26, 2005]
 * Origin: Attention: WIN95 interroGATES your HDD! (1:342/512)