Home |
Search |
Today's Posts |
#76
|
|||
|
|||
OT. new antispam laws in the US
Following up to Bob Hobden
Any control must be better than now, we get about 100 spam's per day. Do not disclose your email on usenet[1]. Encrypt your email on webpages.[2] Then start with a new email with a reputable ISP and you should only get a few. 1] If you want the code I can post it. 2] Use a dustbin email address here, this stops mail bouncing back to maliciously forged innocent addresses and haves the junk flying about. Some news services like Uni. Berlin insist on a valid address for this reason. -- Mike Reid "Art is the lie that reveals the truth" P.Picasso Walking-food-photos, Wasdale, Thames, London etc "http://www.fellwalk.co.uk" -- you can email us@ this site and same for Spain at "http://www.fell-walker.co.uk" -- dontuse@ all, it's a spamtrap |
#77
|
|||
|
|||
OT. new antispam laws in the US
On Mon, 1 Dec 2003 08:56:44 -0000, "Martin Sykes"
wrote: I recently got some spam where the forged return address was myself so it kept getting bounced round until I spotted it. I found it quite amusing at the time... LOL I have had the same, but I don't bounce mail. -- Martin |
#78
|
|||
|
|||
OT. new antispam laws in the US
On Mon, 01 Dec 2003 12:14:05 +0000, Reid
wrote: Some news services like Uni. Berlin insist on a valid address for this reason. They will also accept which has a valid format, but is certainly not my e-mail address. -- Martin |
#79
|
|||
|
|||
OT. new antispam laws in the US
In message , martin
writes On Sun, 30 Nov 2003 16:43:35 +0000, Jane Ransom wrote: In article , martin writes (4) some innocent victim of her bounces will formally complain to her ISP about her spamming, eventually. How will they distinguish between a bounce and an invalid address used initially by the spammer? They will see the spam coming from you, not the original sender. Depends on how the bouncing is done. Anything I bounce goes back to the address in the return path complete with all the spammers forged headers. It is then up to the unfortunate on the receiving end to decode them and complain about the forgery to the spammers ISP or more likely the dumb sysop with the open mail relay (or his ISP). If they also use bouncing, you will get it straight back. Bounces of bounces are prevented by having a null return path to avoid endless loops. I contacted demon recently because of what people were saying on this thread - their advice was . . . . continue bouncing. but then again Demon thinks that spam can't be identified and tagged. All that bouncing does is waste bandwidth and server resources. Somebody in Demon deserves the sack. Bouncing tells the sender (or whoever appears in the return-path) that their mail could not be delivered. Blocked by local policy or no such user. Opinion in Demon and amongst Demon users is divided on the usefulness of bouncing. It isn't ideal, but then neither is simulating a black hole. Bouncing Swen for instance seems much preferable to accepting it and at least alerts the owner of the infected PC to their problem. Regards, -- Martin Brown |
#80
|
|||
|
|||
OT. new antispam laws in the US
Following up to martin
Some news services like Uni. Berlin insist on a valid address for this reason. They will also accept which has a valid format, but is certainly not my e-mail address. the reason I didn't use that is killfiles often work on email address, you could get dumped along with some troll. -- Mike Reid "Art is the lie that reveals the truth" P.Picasso Walking-food-photos, Wasdale, Thames, London etc "http://www.fellwalk.co.uk" -- you can email us@ this site and same for Spain at "http://www.fell-walker.co.uk" -- dontuse@ all, it's a spamtrap |
#81
|
|||
|
|||
OT. new antispam laws in the US
On Mon, 1 Dec 2003 12:44:26 +0000, Martin Brown
wrote: Bouncing Swen for instance seems much preferable to accepting it and at least alerts the owner of the infected PC to their problem. It's hardly likely. Swen does not use the address of the infected PC. The correct action is to ignore and delete it, preferably at server level. -- Martin |
#82
|
|||
|
|||
OT. new antispam laws in the US
In article , Martin Brown
writes Bounces of bounces are prevented by having a null return path to avoid endless loops. I'm glad you sent that post!! We seem to have been put on a porn list at an address which is a mixture of my work id and our demon id. After this thread I was worried about ping pong bounces - but you have set my mind at rest I wish demon had told me the same!!!! -- Jane Ransom in Lancaster. I won't respond to private emails that are on topic for urg but if you need to email me for any other reason, put ransoms at jandg dot demon dot co dot uk where you see |
#83
|
|||
|
|||
OT. new antispam laws in the US
On Mon, 1 Dec 2003 14:46:44 +0000, Jane Ransom
wrote: In article , Martin Brown writes Bounces of bounces are prevented by having a null return path to avoid endless loops. I'm glad you sent that post!! We seem to have been put on a porn list at an address which is a mixture of my work id and our demon id. After this thread I was worried about ping pong bounces - but you have set my mind at rest All you have to do now is to worry about bouncing to the innocent victims of header forgery. I wish demon had told me the same!!!! All we need now is an explanation from the person who suffered from his/her own bounces. I haven't had a worm or a virus since 1999, I did receive several mails from system managers, as far away as Chile, informing me that I was posting Swen viruses. -- Martin |
#84
|
|||
|
|||
OT. new antispam laws in the US
In article , martin
writes All you have to do now is to worry about bouncing to the innocent victims of header forgery. Been there, experienced that, read the book, seen the film . . . . Life is tough in the jungle (((((((( -- Jane Ransom in Lancaster. I won't respond to private emails that are on topic for urg but if you need to email me for any other reason, put ransoms at jandg dot demon dot co dot uk where you see |
#85
|
|||
|
|||
OT. new antispam laws in the US
On Mon, 1 Dec 2003 16:00:41 +0000, Jane Ransom
wrote: In article , martin writes All you have to do now is to worry about bouncing to the innocent victims of header forgery. Been there, experienced that, read the book, seen the film . . . . Life is tough in the jungle (((((((( :-) -- Martin |
#86
|
|||
|
|||
OT. new antispam laws in the US
On Mon, 1 Dec 2003 12:44:26 +0000, Martin Brown wrote:
...Anything I bounce goes back to the address in the return path complete with all the spammers forged headers. It is then up to the unfortunate on the receiving end to decode them and complain about the forgery to the spammers ISP or more likely the dumb sysop with the open mail relay (or his ISP). That kind of "bounce" is worse than useless and merely aggravates the problems caused by spam. Stop it right now. [If I'm repeating myself in what follows, apologies.] There are two distinct types of e-mail bounces: 1. The kind you describe, where the entire message is received by a POP server, then forwarded, either by the server or by an e-mail program under user control, to the address in the "Return-path:" header. This is what's described above. 2. The other kind is where the destination SMTP/POP server refuses to accept a message and returns an error code to the originating SMTP server. This is what you get if you send e-mail to a non-existent address. It sounds like lots of people don't understand how e-mails are sent. They are in three parts, which are transmitted in this order: 1. The "envelope", which says who the message is for. This is normally invisible to the end recipient because it is stripped off by most POP servers. The envelope may also contain the size of the message within and a small amount of other data. 2. The "headers", starting with "Received:" headers, most recent first. Every server that a given e-mail passes through adds a "Received:" header at the front. The headers usually include a "From:", "To:", and "Subject:" headers, among others. Return-path is among these. 3. Finally, separated by a blank line from the headers, the body of the message. Items 2 and 3 constitute the "message". The key thing to understand is that the headers (item 2) may have nothing to do with anything; they can all be complete forgeries with the solitary exception of the most recent (first in line) Received: header. If I send someone an e-mail and BCC (blind carbon copy) it to someone else, the primary recipient cannot tell that a copy went to the BCC recipient. Also, the headers in the BCC copy will show the primary recipient in the To: header. The only place the BCC recipient's e-mail address is shown is in the envelope. Spammers usually (I was going to write invariably) forge the headers. It takes considerable skill and experience to reliably sort out the truth from all the lies. In particular, From: and Return-path: are very likely forged; the spammer really does not care what happens to a message once it is fired off into the ether. While we wait for effective anti-spam legislation to be brought in, the only bounces that do any good are those based on the envelopes. But I have yet to hear of anti-spam software that operates on the fly as a message trickles in. It is conceptually possible to write software that would look at the identity of the transmitting server (itself forge-able) and the target address and block further transmission by emitting an error message. Moreover, when a spam uses an intermediate server, such a bounce will never get back to the spammer. He doesn't care! However, it will reduce the bandwidth spam consumes by allowing the transmitting server not bother with the headers and body. Whether the transmitting server then tries to pass the error message backwards to wherever it received the spam from depends on the server software there. The upshot of this is that anti-spam software that operates after the entire message is received should not bother "bouncing" anything. It's a total waste of time in almost all cases. The best you can expect is to either delete identified spam or mark is as spam so at least the end recipient doesn't have to download it from the pop server. Since the final connection in the chain is often a slow dial-up connection, this can save a lot of connect time, but the spam has already chewed up *internet* bandwidth and done its best to clog the recipient mailbox. But whatever you do, don't "bounce" spam on the basis of the headers. You're merely causing someone else, probably an innocent, trouble. If you want, you can analyze the Received headers and notify sysadmins that either they are harboring a spammer or that they are running an open mail server used as a relay. If you are really a masochist, you can open the spam, access the web pages, and see if you can figure out where your money would go. But remember where the profits are in spamming: not in the businesses that advertise using spam, but in the business of sending spam on behalf of idiots. Sorry for the very long and very off-topic message, but there are evidently considerable misunderstandings about e-mail operation and people are responding to spam in counter-productive ways. -- Rodger Whitlock Victoria, British Columbia, Canada [change "atlantic" to "pacific" and "invalid" to "net" to reply by email] |
#87
|
|||
|
|||
OT. new antispam laws in the US
In message , Rodger Whitlock
writes On Mon, 1 Dec 2003 12:44:26 +0000, Martin Brown wrote: ...Anything I bounce goes back to the address in the return path complete with all the spammers forged headers. It is then up to the unfortunate on the receiving end to decode them and complain about the forgery to the spammers ISP or more likely the dumb sysop with the open mail relay (or his ISP). That kind of "bounce" is worse than useless and merely aggravates the problems caused by spam. Stop it right now. Not likely. [If I'm repeating myself in what follows, apologies.] There are two distinct types of e-mail bounces: 1. The kind you describe, where the entire message is received by a POP server, then forwarded, either by the server or by an e-mail program under user control, to the address in the "Return-path:" header. This is what's described above. No it isn't. Demon provides full SMTP services to end user domains. And their software provides for genuine envelope rejection. 2. The other kind is where the destination SMTP/POP server refuses to accept a message and returns an error code to the originating SMTP server. This is what you get if you send e-mail to a non-existent address. Exactly. And that is what I and many other Demon users do. It sounds like lots of people don't understand how e-mails are sent. Don't be too quick to jump to conclusions. 1. The "envelope", which says who the message is for. This is normally invisible to the end recipient because it is stripped off by most POP servers. The envelope may also contain the size of the message within and a small amount of other data. You are assuming that I use a POP server. I don't. The key thing to understand is that the headers (item 2) may have nothing to do with anything; they can all be complete forgeries Agreed. Although usually there is a small amount of real path hidden somewhere in amongst the dross. It is really only worth beating up on major corporate data centres that have open mail relays. While we wait for effective anti-spam legislation to be brought in, the only bounces that do any good are those based on the envelopes. But I have yet to hear of anti-spam software that operates on the fly as a message trickles in. Turnpike and for that matter the DOS based KA9Q that I used before that both provide envelope based rejection and SMTP. Your faith in the ability of legislators to deal with spam is touching but sadly misplaced. They might drive it offshore but that is all. The upshot of this is that anti-spam software that operates after the entire message is received should not bother "bouncing" anything. It's a total waste of time in almost all cases. I agree entirely. Once it has been downloaded you may as well file it in a junk folder and then trash it. But on a dialup line bouncing bulk UCE dross by applying rules to the envelope is extremely efficient. YMMV Regards, -- Martin Brown |
#88
|
|||
|
|||
OT. new antispam laws in the US
In message , martin
writes On Mon, 1 Dec 2003 14:46:44 +0000, Jane Ransom wrote: In article , Martin Brown writes Bounces of bounces are prevented by having a null return path to avoid endless loops. I'm glad you sent that post!! We seem to have been put on a porn list at an address which is a mixture of my work id and our demon id. After this thread I was worried about ping pong bounces - but you have set my mind at rest Strictly what I have described is what should happen. Some systems are not as well behaved as they could be but bounce loops are very rare. All you have to do now is to worry about bouncing to the innocent victims of header forgery. The innocent victims of header forgery can look after themselves. *Their* address was forged by a third party. If they want to go after that individual they need all the headers from the original message to do it. I haven't had a worm or a virus since 1999, I did receive several mails from system managers, as far away as Chile, informing me that I was posting Swen viruses. I wouldn't like to bet on that. Swen subverts PCs and ISP smarthosts to broadcast itself and makes little effort to disguise where it has come from. In most cases the return path points back very close to the location of the infected machine. This may be different now but it was true initially. Most of the early victims that got laid waste by Swen had up to date AV and so felt they were invulnerable. Big mistake... Regards, -- Martin Brown |
#89
|
|||
|
|||
OT. new antispam laws in the US
On Tue, 2 Dec 2003 13:11:22 +0000, Martin Brown
wrote: The innocent victims of header forgery can look after themselves. *Their* address was forged by a third party. If they want to go after that individual they need all the headers from the original message to do it. What an appallingly selfish attitude. -- Martin |
#90
|
|||
|
|||
OT. new antispam laws in the US
On Tue, 2 Dec 2003 10:25:11 +0000, Martin Brown
wrote: ~In message , Rodger Whitlock writes ~On Mon, 1 Dec 2003 12:44:26 +0000, Martin Brown wrote: ~ Snipped the mail contents deliberately as it's the threading I'm commenting on. Just to stick my nose back in the thread, I'm not actually receiving a lot of the replies. For instance, I didn't get Rodger's post (though pieced it together from the reply!) and I didn't get one of Jane Ransom's from 2 or 3 days ago. Does anyone here know if bt censor or miss posts? I rely on pop access to demon for mail and btclick/btopenworld for posting and news, as they run the broadband I use. If I know bt are clipping then I guess I'll have to do a weekly dialup or something :-( -- jane Don't part with your illusions. When they are gone, you may still exist but you have ceased to live. Mark Twain Please remove onmaps from replies, thanks! |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
Even chickens get a better life under new animal laws | United Kingdom | |||
LAWS ABOUT DIVERTING WATER | Ponds | |||
LAWS ABOUT DIVERTING WATER | Ponds | |||
Monsanto Uses Canadian Taxpayer Money to Violate Foreign Laws Case highlights need for strong Biosaf | Gardening | |||
Messy laws | Gardening |