Nice link Aki,

Good reading on there too. They have some very good points.


http://www.iuni.com/...tware/web/index.html
Links Plugins

Oh yes....That is one of the services that list people that are not spammers and require the non spammers to make all kinds of changes to their email system before they will take them off thier list.

I have had to get off thier list before because I had a hole in my email server (a long time back) and they were really uncool to deal with. Trust me that you don't want to be innocent and listed in their system. They will make you feel VERY guilty before it is all said and done.

I can imagine that would be a headache to try and determine who is really guilty and who isn't. I would think there are many email addresses in there that aren't really spammers.

Sean

That is why the system has to be based on the domains that benefit from the spam. Block them and you block the revenue stream. Block the revenue stream and you block the spammer from even existing. No money-no spam.

I agree, but then there are the pure idiots who just do it for fun.


http://www.iuni.com/...tware/web/index.html
Links Plugins

Here is a perfect example: Who would get listed in this email below?

EDIT: I know this address to be on mailing lists sold, leased and shared throughout the world. The funny part is that it is not a real address.

---

SMTP <er@industrypages.com>

The original mail envelope addresses are:

User-From: SMTP<andres5252e43@wu-wien.ac.at>

Recipient: [er@industrypages.com]

The message was submitted on Wed, 14 Aug 2002 14:02:26 -0700

by host [200.206.190.46] [200.206.190.46]

Received: from unknown (44.167.164.106) by n9.groups.huyahoo.com with QMQP; 02 May 0102 05:37:13 +0100

Received: from unknown (HELO hd.ressort.net) (178.222.92.54) by asy100.as122.sol-superunderline.com with esmtp; Thu, 02 May 0102 06:34:26 +0800

Received: from [38.191.232.201] by mta21.bigpong.com with smtp; 02 May 0102 14:31:39 -0300

Received: from rly-xw05.oxyeli.com ([201.208.58.241]) by rly-xl04.mx.aolmd.com with SMTP; Thu, 02 May 0102 11:28:52 -0900

Received: from [153.213.197.39] by mx.loxsystems.net with local; Thu, 02 May 0102 02:26:05 +0700

Reply-To: andres5252e43@wu-wien.ac.at

Message-ID: 006b64d43c5c$7524e3c1$7ec36bb1@rrkmgs

---

True...but are you going to let a small percent set the rules or would it be smarter to go after the big players that do it for money?

hmmm, I dont know! 44.167.164.106 perhaps.


http://www.iuni.com/...tware/web/index.html
Links Plugins

153.213.197.39

It is actually a trick question.

All the relays are people that are being USED by spammers and potentially not spammers at all.

Now the email itself has a response in it. Either a PRESS HERE button or a hyperlink of another kind. THe address that BENEFITS from the email is the one I would block. Even if it is GM or United Airlines or Linkshare or any domain. Then THEY would try to find out why they are on the list and then be told that someone in Turkey acting on their behalf through their affiliate program sent SPAM to X address on X day.

They would in turn contact their affiliate and either the spam would stop or they would be dropped from the affiliate program.

Of course this is using the example of an affiliate program being abused and there are so many more ways that these spammers get paid than just affiliate programs.

If it comes from someone that bought a list they will in turn go back to the list provider.

If it came from a person scraping (extracting) email addresses off the web their site would be blocked.

and so on...

Here is another example:

From: youremailaddress.vom

To: youremailaddress.vom

Reply to: youremailaddress.vom

I am sure you have seen these around in your email box. Again the only one that can be held accountable is the site that BENEFITS from the spam.

That sounds pretty reasonable to me. By going after the people who can actually do something about stopping it. I guess you would ban the freemail people like earthlink or hotmail or aol then too?

I think my computer is about to konk again


http://www.iuni.com/...tware/web/index.html
Links Plugins

I guess you would ban the freemail people like earthlink or hotmail or aol then too?

Only if they BENEFIT from the email being sent.

If the spam was "Get your free 2000 hours from AOL today" and the link in the body was to http://www.somesignuppage.aol.com then aol.com would get blocked. If it was to the another site to get the free AOL time then the LANDING site would get banned.

If people shut off open relays we wouldn't even be having this discussion. The spammers are obviously wrong but the fools who allow relaying are just as much to blame.

SO the guy who leaves a hole in his email system that was just found expoitive by hackers is to blame?

Come on man...Stuff moves way to fast on the net to hold some kid in BFE responsible to be on top of every hack attack on his server.

The way to stop it is to cut off the money! Bottom line!

Would you like to start a list to assist EVERY email server owner in keeping up on the pathes needed to keep hackers out of their email server? Not me! I don't have nor would I and every one of my friends have the time to keep that afloat.

>>
SO the guy who leaves a hole in his email system that was just found expoitive by hackers is to blame?

Come on man...Stuff moves way to fast on the net to hold some kid in BFE responsible to be on top of every hack attack on his server.
<<

I said people who allow open relaying.

I agree with you there. The person that leaves their front doors unlocked is partially at fault for letting their house get burgled. Education is probably more important in this case.

But the poop can keep going uphill too, it's the also responsiblity of whoever created the default configuration to ensure that the end users know how to close off the relay.

Though, I don't think it's unreasonable that people who let other's freely relay be blocked until their servers are fixed. It's much like trusting a compromised box.

So how would you know who did allow it and who didn't even know about it?

Get my point?

How are you defining "freely" and who would establish the fact?



Better to cut off the resources then to shut down a domain that may or may not know they are being hacked.



Things are going to get harder and harder to detect when it comes to hacks. I have lots of devices and software in place to protect mine. But I still only feel as safe as my last log file review. And I am on top of it.

Money is the root. Follow the money!

Easy enough to check if a relay is open, telnet to the port and send yourself an email.

It's a bit of a blunt weapon to use, but sometimes it's necessary:

http://news.com.com/...3-235632.html?tag=rn
http://www.internetnews.com/...article.php/8_281191

Nothing the black list admin can do really about hacks, aside from informing the admin, but if you've been hacked open mail relays are the least of your problems. You can become the jump point for an attack on another system. Once informed the hacked system's admin is obliged to fix their server.

It's totally true though that to get rid of spam you have to go after the people that seek to profit from it. Either by money or by wackiness. The measures I'm talking about just make sure people at least try keep their seatbelts buckled.

I think there should be some way to send original untouched headers with emails, I really hate the way headers can be forged so easily.

This thread along with pending legislation (reducing freedoms of the web) make me compelled to do this project.

I really appreciate everybodys opinions and points of interest. They are priceless.

Anything which helps reduce spam is priceless!


http://www.iuni.com/...tware/web/index.html
Links Plugins

Have you heard any number figures if spam is actually profitable? Most of the stuff I see, nobody I know would even bother replying to them (maybe except for this guy: http://thespamletters.com/)

It is maily profitable to the spammers and not the advertisers.