-----BEGIN PGP SIGNED MESSAGE----- I've got a question for y'all. Some idiot finally sent me a junk e-mail message that I couldn't do anything about with what I have the knowledge to do -- reading the headers turned up only one ISP, which was apparently owned by the spammer. I'm hoping you guys would know where I could find out more about this individual -- I'm hoping that he does in fact buy his service from someone else, and if so, I'm not sure how to find that out. If he doesn't, is there anything I can do? -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0 for non-commercial use <http://www.pgp.com> Charset: noconv iQEVAwUBNLenyABMw4+NR29ZAQHvrgf+NnvFR55ExZrzp2m/XDT5MisT2rem4Hct /okK9HV/DkZJzCsklbqjOrJkEHg96txCPyQ+DKBWatP5ywoaw4O47Tn8udiuDNwI 7DGiFcbYtG5fFHKYzDxM3KWtXbIDn1bliFF80xSoYzYdJKqxCkYPtuaDjasr1EIG iYC9Sm+BQoeFb2n0ptxwB8PsK7Pi5nlf5DCXsIMGrQmcm6GqhgkzC3aNPqNucka4 lyY0YjLnx9WC2JDRrg0Xji1zffC5MiZJrf/1ne9HXylEubWXHh49UdCeAXwyzmDS 5vW7FY2XeQL2OcPOKRVU26eiqnyCxxkx/tLi3yq4yRDt/MfIDHBOuQ== =5oGu -----END PGP SIGNATURE-----
I've got a question for y'all.
Some idiot finally sent me a junk e-mail message that I couldn't do anything about with what I have the knowledge to do -- reading the headers turned up only one ISP, which was apparently owned by the spammer.
Well, if it's used only for spam, get it on some block lists.
I'm hoping you guys would know where I could find out more about this individual -- I'm hoping that he does in fact buy his service from someone else, and if so, I'm not sure how to find that out.
Well, it's pretty easy to harass or otherwise push someone off of the Net (I guess that's why we've got Eternity servers and anonymous remailers)...do a traceroute and an Internic whois. This will reveal his/her/its/their upstream provider (a hop or two before the end of the traceroute or as a contact on the whois results), among other things.
If he doesn't, is there anything I can do?
Well, although I don't think this would be warranted for anything short of an emergency, you could try a more direct DoS attack by hacking, death threats, or DoS Politics, or you could try to get more powerful entities than yourself pissed off at the spammer. Like I said, though, I don't think it's wise to start a Scientology-esque netwar whenever an ISP turns you a deaf ear. Can't imagine being a remailer operator trying to defend against all this, though... --------------------------------------------------------------------------- Randall Farmer rfarmer@hiwaay.net http://hiwaay.net/~rfarmer
On Sat, 10 Jan 1998 12:43:34 -0400 The Sheriff <sheriff@speakeasy.org> writes:
Some idiot finally sent me a junk e-mail message that I couldn't do anything about with what I have the knowledge to do -- reading the headers turned up only one ISP, which was apparently owned by the spammer.
It happens.
I'm hoping you guys would know where I could find out more about this individual -- I'm hoping that he does in fact buy his service from someone else, and if so, I'm not sure how to find that out. If he doesn't, is there anything I can do? ^^^^^^^^^^^^^^^^^^^^^^^^^
Yeah, there is. Delete the friggin e-mail like a sensible person. I get a lot of spam every day, but I just delete it and go on with my life.
At 04:02 PM 1/11/98 -0400, The Sheriff wrote:
My interest isn't simply in getting rid of the spam. "Empty Trash" is a pretty simple concept on Eudora. What I want to do is fight the flow -- and while there may be as many as 10 spammers per ISP out there, every spam I do something about is one less server that accepts messages for routing that don't come from one of their accounts.
There's some interesting technical work being done at maps.vix.com, by Paul Vixie and friends. They've got a Realtime Blackhole List server which kills any email coming from any site they know that permits third-party smtp relays. They're a bit on the aggressive side (their current implementation doesn't provide a convenient local override list, so if you install their system in your sendmail.cf, you lose email from anybody they block until _they_ decide the site has rehabilitated itself.) I learned about them the hard way (they blackhole ix.netcom.com, so my mail to the pgp-users list now gets rejected. Sigh.) Their web page says they'd rather throw out a few extra babies to get rid of all this excess bathwater. After all, they're not just killing spam, they're killing all mail you receive from any system that's easy to spam through, whether it's spam or not. Getting rid of third-party relays is a good start, and you don't need to get rid of _all_ of them to make spamming much harder; if you convince most of the big internet services to turn them off, you force the spammers to go searching for relays, which is not only more work, but if there are a number of trap systems waiting for them they may get caught. Losing third-party relay is rather a shame - the Internet used to be a cooperative system where everybody tried to get mail through, and avoiding third-party relay is more complex if your users have lots of different domain names (e.g. www.foo.com hosted at bigisp.net). It also pushes the net more in the direction of all mail needing to have True Names, which is a Bad Thing, and decreases robustness of the overall system. Personally, I've found it more trouble now that my employer doesn't do third-party relay, since I need different configurations for Eudora and Netscape Mail depending on whether my laptop is on the LAN at work or dialed into my ISP from home (Win95 IP appears to be too dumb to let me configure a hosts file that points "mailhost" to the appropriate IP address, and Netscape seems to keep all its options in the Registry rather than accepting command-line options like Eudora does.) Another approach to reducing spam is of course to keep contacting ISPs to kill off bad users, and to get ISPs to refuse spamhauses as customers. Thanks! Bill Bill Stewart, bill.stewart@pobox.com PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
-----BEGIN PGP SIGNED MESSAGE-----
I'm hoping you guys would know where I could find out more about this individual -- I'm hoping that he does in fact buy his service from someone else, and if so, I'm not sure how to find that out. If he doesn't, is there anything I can do? ^^^^^^^^^^^^^^^^^^^^^^^^^
Yeah, there is.
Delete the friggin e-mail like a sensible person.
I get a lot of spam every day, but I just delete it and go on with my life.
Look, I realize I was probably asking a stupid question, but you don't have to be quick with me. I figured that there were some things that I could do that I simply didn't know about, beyond the simplicity of returning the spam the postmaster, root, and abuse account of the last ISP the spam was routed through. My interest isn't simply in getting rid of the spam. "Empty Trash" is a pretty simple concept on Eudora. What I want to do is fight the flow -- and while there may be as many as 10 spammers per ISP out there, every spam I do something about is one less server that accepts messages for routing that don't come from one of their accounts. If that doesn't make sense to you, don't bother answering the e-mail next time, eh? Best wishes and fresh-roasted peanut taste, The Sheriff. -- ***<REPLY TO: sheriff@speakeasy.org>*** - --- As kinky as it sounds, finger me to see my PGP key and confirm the signature attached to this message. Either that, or head for pgp.ai.mit.edu on the WWW and search for my e-mail address. - --- Any and all SPAM will be met with immediate prosecutory efforts. Solicitations are NOT welcome here! - --- ----BEGIN INFLAMATORY BLOCK---- Version: 160 (IQ) Comments: Definitely one of their greatest misses. Reporter: "Do you know what Public Enemy is?" - --- Citizen: "Public enemy?" [long pause] "Probably somebody in office." -----END INFLAMATORY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0 for non-commercial use <http://www.pgp.com> Charset: noconv iQEVAwUBNLqJ2ABMw4+NR29ZAQG0YAf/ZJ0mbwUKZYJH9f6MHxjVUcGmr4C0GLNB v0CaGBYx51vZhUxbpS8DQUzJLB/wOY1B+8XSgBH0j6TxOyUqygn4Nmiju4cKE6Tm 1T95PM0rWxvHNUT91PDgy6Lxb+8r54w6jj1HhjpNwJScNJwF4+qB1+TuZDZAW0+e bmOSlq3w57GuO9+z1l87AVbS1ulu8UlileQDW6gZBdYWflvappFXfkUdde/N+j6r CMVUR7gkF4WVBWGJuce1GMpy1KnQWCdU9nswNDps0/R7CeicxhpFe98qAGVdCuiw jUX9blcjA708xMHwfY4saJ3PDpzY/efQ3W7LDYfsjhXcg/Cc3klhKA== =VRUN -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Losing third-party relay is rather a shame - the Internet used to be a cooperative system where everybody tried to get mail through, and avoiding third-party relay is more complex if your users have lots of different domain names (e.g. www.foo.com hosted at bigisp.net). It also pushes the net more in the direction of all mail needing to have True Names, which is a Bad Thing, and decreases robustness of the overall system.
[snip]
Another approach to reducing spam is of course to keep contacting ISPs to kill off bad users, and to get ISPs to refuse spamhauses as customers.
I do see the validity of your argument, and I do agree about forcing everybody to have a "True Name" to not necessarily be a good thing. Then again, a few years ago the marketing industry (if it may be called that) had no idea the "wealth" they could produce by using the Internet for relatively cheap advertising. I love Eudora for a very simple reason: the simplicity of the filters offered in even the free version. While the simplicity also bars complex filters that take care of a bunch of e-mail in one pop, it does allow for layering. I have various levels in my filtering system: content- based, like filtering for PGP messages, stupid crap from Vulis or threads I don't feel like following. Next comes the To: filters -- I've got a number of different e-mail boxes, each with its own purpose. If I get mail auto-forwarded from any of my secondary accounts, it falls through these filters and is dropped into the correct folders. After that come the sender-based filters. If there is mail for me from an anonymous source that is not addressed to me, and doesn't contain content that interests me, it's dropped into the trash. Then all the mail from persistant spam domains that I allready know about gets thrown in the trash. If any mail comes FROM a mailing list, instead of being sent TO a mailing list, it's the next to go. After all that, I filter the To: line for all my mailing lists, and each bit of mail is sent into the correct folder as above. After all that rot, if the mail in question doesn't contain my address in the To: or Cc: lines (except recipient list repressed mail, which is sometimes interesting), it too is dropped into my *SPAM folder and the subject is changed accordingly, which then wraps up 99% of all the spam that I receive, and I forward the headers to the appropriate ISPs. There is a "simple" solution to this, and it isn't government legislation. If spammers want to be smart about it and AVOID legislation by power-hungry politicians, all they have to do is subscribe to spam ISPs that are set up for the express purpose of spamming. It doesn't matter how many of them are out there, really, or what mailing lists are abused: those who are receptive to spam will respond, and those of us who hate spam can set up blacklists that detail all the spam ISPs that we encounter, and circulate those lists. It then becomes insanely easy to receive no more than ONE message from each spam ISP (they could create a new domain tag, .spm), and everybody's happy. If the spammers would be smart enough to put the effort into creating such a network, much as we have, for discussing issues that matter to us, then they would be in a lot less trouble, and fewer people would be calling for their heads. Or am I wrong? :) Best wishes and fresh-roasted peanut taste, The Sheriff. -- ***<REPLY TO: sheriff@speakeasy.org>*** - --- As kinky as it sounds, finger me to see my PGP key and confirm the signature attached to this message. Either that, or head for pgp.ai.mit.edu on the WWW and search for my e-mail address. - --- Any and all SPAM will be met with immediate prosecutory efforts. Solicitations are NOT welcome here! - --- ----BEGIN INFLAMATORY BLOCK---- Version: 160 (IQ) Comments: Definitely one of their greatest misses. Reporter: "Do you know what Public Enemy is?" - --- Citizen: "Public enemy?" [long pause] "Probably somebody in office." -----END INFLAMATORY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0 for non-commercial use <http://www.pgp.com> Charset: noconv iQEVAwUBNLyC+gBMw4+NR29ZAQGhowf/f35tihuAl6b+IH8FD7P4dGQR9+t1JKwq rt7CT7eYrJ7ZJ2KO/YZlmufVmaeVGac0eN4MkrjHj8TIvAMKtxegWnmd0GLmp+cI QUwuVGKN2Fab6sxvQjwKaLDPjgQFSBiOS6Rsm8jnSstPbtD/dmgcEf2+svW+edXH oivyKeSF0VcdCcYPDX/+sRiKKbB8ZdMimAqNuIEboGQjOIMLVkwnWsxKQH+XIw3/ fdBOAEPLNj0Tz6R2v3W2XLgewZsmJpjELoZl7ZYYNpdm5h6h80JdXCoC6vOSDsEu ATwsvvRQw0wcKvgB0fsBhpO9u0KdHk0NYuPr2i/Z9oxoMbo8h7hoZQ== =OfnS -----END PGP SIGNATURE-----
Another approach to reducing spam is of course to keep contacting ISPs to kill off bad users, and to get ISPs to refuse spamhauses as customers.
<snip>
I love Eudora for a very simple reason: the simplicity of the filters offered in even the free version.
On the note of filters: Why are Netscape Communicator's filters nonworking? I couldn't get them to work, *ever*.
participants (4)
-
Bill Stewart -
lord_buttmonkey@juno.com -
The Sheriff -
Uhh...this is Joe [Randall Farmer]