one big petri dish (jnfr) Wed 2 Feb 05 11:19
I don't use system filtering where it's offered. I use my own pre-filtering program before I download my mail. One thing it will do if I ask it to is send bounce messages to every spam source. Since I've started doing that my spam has dropped to a quarter of what it was.
Brian McWilliams (bmcwilliams) Wed 2 Feb 05 13:54
jnfr, since spammers usually forge the "from" and "reply-to" lines in spam, don't you run the risk of hurting an innocent third party when you "bounce" messages back to the (apparent) source?
Brian McWilliams (bmcwilliams) Wed 2 Feb 05 13:59
Betsy wrote: >Many sites apply spam filtering to all user email without user >control, and the result is that email is becoming less reliable, as >valid email disappears into "black holes". No kidding. I did some testing last month and found that Hotmail will delete email if it contains certain "spammy" keywords in the subject line. I don't mean Hotmail files it into the spam folder. The service simply doesn't deliver it. I believe the subject line I used was something like "viagra oxycontin sex lolitas stock alert teens penis." Message body simply had the word "test."
Dan Mitchell (mitchell) Wed 2 Feb 05 14:35
I'm set up really well: spamassassin on the Well, then Speakeasy's filter, then Eudora's. Maybe 5-10 spams a day make their way to my machine, and more than half of those go into Eudora's spambox.
The Phantom of the Arts Center (tinymonster) Wed 2 Feb 05 14:48
<I believe the subject line I used was something like "viagra oxycontin sex lolitas stock alert teens penis."> I can't wait to see who takes that as a pseud first.
viagra oxycontin sex lolitas stock alert teens penis (rosmar) Wed 2 Feb 05 15:42
Why do I so often need someone else to point out good pseud possibilities? Thanks.
one big petri dish (jnfr) Wed 2 Feb 05 16:40
I'm sure a bounce message will hit real people some significant portion of the time, and I'm sure those poor folks are getting lots of bounce messages, along with a ton of complaints. I feel for them, but I still bounce, because as I said it's cut my spam enormously.
Betsy Schwartz (betsys) Wed 2 Feb 05 19:07
Instead of bouncing, most sites just drop on the floor these days, because if you bounce a mail containing a virus, you're propagating the virus. And also, if some innocent person gets his or her name used, they can get *flooded* with email (often called a "joe job") I hate just dropping email, because it breaks the RFC's, but I do it.
Brian McWilliams (bmcwilliams) Thu 3 Feb 05 12:45
Speaking of joe-jobs, Hawke and other spammers in Spam Kings often put random return addresses on their spam messages. I heard from a couple victims who were absolutely steamed about having to handle all the bounces, complaints, etc. generated by the spams. One guy was going to try to sue Hawke over it ... I don't know whether he had any success. Then there are the victims of "dictionary" and "brute force" spam attacks. In chapter 5, I tell the story of Karen Hoffmann, a web designer who received over 100,000 spams over the course of two days. Her ISP had to disconnect its mail server from the Internet. Apparently some spammer's software had gone berserk trying to pepper her domain with possible valid addresses. Guinness Book material?
Gail Williams (gail) Thu 3 Feb 05 12:48
The Guinness Book of Spam Records. The mind boggles.
Cynthia Dyer-Bennet (cdb) Thu 3 Feb 05 13:02
(NOTE: Offsite readers who have comments or questions can send email to firstname.lastname@example.org and we'll add 'em to this discussion. Please be sure to note "Brian McWilliams discussion" in the subject line. Thanks!) Brian, I'm intrigued by the names spammers create for their "from" lines. Names like "Digression G. Saltiest" and "Guadalupe Butts" and "Socorro Quintero" and "Sequencer J. Stomached." The names are obviously sooooooooooooo phony that I can't imagine anybody thinking they're legitimate, yet it seems to be a technique that's becoming more and more popular. What's the point of these bizarre names?
Dan Mitchell (mitchell) Thu 3 Feb 05 14:08
I think you answered your own question: >I'm intrigued by the names Not that you fell for it, but drawing attention is the goal.
Brian McWilliams (bmcwilliams) Thu 3 Feb 05 14:25
Cynthia, often those strange names in the "from" line are hard-coded into the spam software by developers, not chosen by the spammers themselves. Like Dan says, it seems to me a way to intrique recipients. Which brings up a kind of sad point. Many bright minds are being drawn into the software side of the spam business -- especially on the spam filtering side. I attended the recent spam conference at MIT and was amazed at the brain power being focused on beating spam. Seems like such a waste. (Yet I'm glad they're on the job.)
Betsy Schwartz (betsys) Thu 3 Feb 05 16:34
I watched last year's SPAM conference and remember hearing one of the participants say something like that:when you were studying so hard to get your degree did you think you'd be using it to fight penis pills? Something like that. The SPAM Conference is available on the web at http://spamconference.org Usually makes fine watching
Brian McWilliams (bmcwilliams) Thu 3 Feb 05 19:19
Yes, if you tune into the beginning of session three, you can watch me muddle through my presentation about Spam Kings and the Achilles heel in spam filtering: the spam folder. http://spamconference.org/webcast2005.html I discussed the results of some unscientific research I recently did, which showed that many people click links in spam messages even after they've been filtered into their spam folders. To me, this means that (some) spammers can survive even if spam filters are 100% effective and in universal use.
Betsy Schwartz (betsys) Fri 4 Feb 05 04:09
For spammers to truly survive, it has to be profitable. This is one reason I was rocked a bit to hear that some spammers are shipping so much product, because that probably makes it so much harder to prosecute them. Do you think there's anything to be gained by addressing this from the credit card company side? It should be harder for a credit card scammer to charge money to a card, I think.
Betsy Schwartz (betsys) Fri 4 Feb 05 04:16
I also want to comment some more on the book, and on Shiksaa. I do a lot of enduser support and training, and I'm deeply interested in how people learn about computers (and how women in particular navigate the technical scphere) so I was particularly struck by how *fast* Shiksaa seemed to go from being an AOL end user, the naivest of the naive, to a member of an elite group. This is very unusual. As you point out, even her name was against her, having an AOL address, and "newbies" tend to get flamed out of technical groups. Was this a case of a person discovering an inner gift, or did she get particularly good help, or what? You narrate the path she took but I'd like to hear more about successfully got past the inevitable obstacles. Also, one thing that particularly struck me about the book was the absence of lengthy semi-technical digressions. SO many books feel obligated to *explain* everything about the Internet, and drop into side tours that really should be set in the margins in little boxes. Inevitably, these are too annoyingly vague for people who understand the technology, but not enough for the non-technical to grasp. The DNS tree in 250 words or less! TCP/IP in half a page! I thought you did a particularly nice job of mentioning what the technology *was*, without getting sucked away from the story.
Brian McWilliams (bmcwilliams) Fri 4 Feb 05 07:18
Betsy asked: >Do you think there's anything to be gained by addressing this from >the credit card company side? Possibly. As I chronicle in the book, getting a credit card merchant account with a high limit is essential to spam success. At one point in late 2002, Hawke's partner, Brad Bournival, was only able to spam for a couple weeks each month because he so quickly reached the maximum number of transactions allowed on his merchant accounts. He and Hawke had a major breakthrough a few months later, when they lined up a shady deal for an unlimited merchant account. If merchant account issuers had a no-spam policy and enforced it, they could dry up a lot of spam very quickly.
Brian McWilliams (bmcwilliams) Fri 4 Feb 05 07:32
>I thought you did a particularly nice job of mentioning what the >technology *was*, without getting sucked away from the story. Betsy, thanks. Regarding your question about how Shiksaa, the AOL newbie, became an anti-spam goddess: >Was this a case of a person discovering an inner gift, or did she get >particularly good help, or what? You narrate the path she took but >I'd like to hear more about successfully got past the inevitable >obstacles. I think Shiksaa picked up on her own a few technical tricks that reliably enabled her to gather dirt on spammers. (E.g., their tendency to leave ftp logs lying around and allow their directories to be listed.) She also told me she got some good guidance along the way from techies who took her under their wing. But Shiksaa also became a master of non-technical sleuthing. She discovered lots of good online resources for looking up corporate registrations, legal documents, etc. She also had an excellent memory, and could keep track of the myriad aliases and m.o.'s of the various spammers. Plus, she just spent a lot of time talking to spammers online. They sometimes gave her dirt on their competition or enemies. Bottom line, she had a strong drive to be good at anti-spamming, and desire can overcome a lot of obstacles.
Rafe Colburn (rafeco) Fri 4 Feb 05 09:14
I think that fighting spam is such a compelling problem for techies because it appeals to the programmer's sense of laziness, as defined by Larry Wall: Laziness The quality that makes you go to great effort to reduce overall energy expenditure. It makes you write labor-saving programs that other people will find useful, and document what you wrote so you don't have to answer so many questions about it. Hence, the first great virtue of a programmer, Also hence, this book. See also impatience and hubris. (p.609) I think people look at the time and effort that is spent deleting spam one by one and think, if I could write a filter that would save me this effort, in the end it would save me time. Sifting through your email to get rid of garbage is a boring repetitive task, exactly the kind of task that programmers love to automate.
Brian McWilliams (bmcwilliams) Fri 4 Feb 05 11:06
>I think that fighting spam is such a compelling problem for techies >because it appeals to the programmer's sense of laziness Rafe, really interesting point. Too bad that programmer laziness is a double-edged sword. Some techies are being enticed to join the spam trade (as spamware developers, sysadmins for spam kings, virus writers, and as spam kings themselves) out of laziness -- or at least the desire to make a quick buck!
David Adam Edelstein (davadam) Sun 6 Feb 05 16:04
Clearly we need to make it more entertaining to fight spam (or work for a legit company) than it is to write spamware! One thing that I've noticed in the media is that most of the discussion of spam is largely US-centric. What's the spam situation in the rest of the world? How much spam do they get in other countries? I suppose the corollary to that is to ask about spammers working outside the country -- how much of our spam in the US comes from offshore operations, or from spammers in the US using offshore server farms?
Berliner (captward) Mon 7 Feb 05 03:08
Back when I was with Compuserve, I had an ID number they gave to non-US accounts. When spam really started up, I got tons in Cyrillic, often with pictures. There was lots of perfume (presumably counterfeit), quite a few odd machines (no idea what they were: I don't read Russian), and lots and lots of learn-English offers. One of my current accounts is with GMX, which has a crappy spam filter, and most of the spam is in English, the usual penis/Rolex/dope spam. There are, however, cyber-hookers operating in German, with a "I'm a 27-year-old student studying to be a beautician, and I just want a man to call my own" pitch. I assume these are Russians in Germany working their girls.
Brian McWilliams (bmcwilliams) Mon 7 Feb 05 06:56
>One thing that I've noticed in the media is that most of the >discussion of spam is largely US-centric. What's the spam situation >in the rest of the world? How much spam do they get in other >countries? David, I don't have stats handy. But USA users may get a disproportionate amount of spam for a couple reasons. For example, until recently, AOL.com was the most frequently targeted spam domain -- in part because America Online users were seen by many spammers as receptive to spam. Spammers also like to launch "dictionary" and "brute force" attacks against large Internet providers, and the USA has some of the biggest targets. Finally, spammers are less likely to harvest off the Internet and compile lists of email addresses that end in anything other than dot-com and dot-net. When spammers sell each other so-called "general Internet" email lists, they're usually free of country domains such as dot-tw or dot-jp. >how much of our spam in the US comes from >offshore operations, or from spammers in the US using offshore server >farms? According to Spamhaus.org, six of the top 10 spammers in the world right now are based in the USA. (Russia, Ukraine, and Brazil have the other four spots.) But what's most shocking, I think, is that most of the spam we receive is coming from USA Internet addresses. The USA has over three times as many addresses on the Spamhaus Block List as the #2 country, China. And USA-based MCI is the #1 provider worldwide of services to spammers. http://www.spamhaus.org/statistics.lasso
Brian McWilliams (bmcwilliams) Mon 7 Feb 05 07:14
>One of my current accounts is with GMX, which has a crappy spam >filter, and most of the spam is in English, the usual >penis/Rolex/dope spam. There are, however, cyber-hookers operating in >German, with a "I'm a 27-year-old student studying to be a >beautician, and I just want a man to call my own" pitch. I assume >these are Russians in Germany working their girls. Interesting anecdotes, Berliner. Sounds like some kind of (rare) attempt at target marketing by spammers. I think many of the Nigerian (aka 419 or Advance Fee Fraud) spammers also practice some amount of geographical targeting as well. But on the whole, the economics of sending email make it expedient just to send your spams far and wide rather than hone them for a specific audience. I can't believe the amount of spam I receive that's written in Chinese or other character sets that my computer doesn't have. And I'm pretty sure there are lots of women receiving those "Have you ever wanted to impress your girl with a huge cumshot?" spams that recently cropped up. :(
Members: Enter the conference to participate