Jump to content

Spam: Whats your solution?


VaKo
 Share

Recommended Posts

http://edition.cnn.com/2006/WORLD/europe/11/27/uk.spam.reut/

Like it or not, the internet has to change. Spam email is becoming a huge problem thats causing mail servers to fall over right, left and center. So whats the solution? Spam filters have become a joke, and a constant arms race between the spammers and sysmins. So how far would you go for a spam free inbox? Better filters? An email postage charge ala sender ID? Or would you, like me, go much further? Instant disconnection for anyone with a zombie computer, with a charge to have it inspected before its allowed back on the internet? Fines for zombie computer owners? Fines for spammers and bot net owners? Not small ones, £1000 for every email sent, or a life term in jail if you can't pay? Total seizing of all assets owned by a spammers and there family, including there parents, siblings and children's possessions, property and assets? Or would you go further? Public posting of spammers identity's, there families identity's, where there kids go to school, where there parents live, the houses they own, the cars they drive etc? Disconnecting small 3rd world nations who cannot police there internal networks and have sold there digital heritage to spammers?

Personally, after clearing 35000 emails from a server (this is now daily), I'd quite happily fire bomb the family homes of spammers and bot net owners. And I wouldn't feel bad about collateral damage inflicted. If we don't do something about spam now, we may not have an internet to use sooner or later.

Link to comment
Share on other sites

Earthlink has a really interesting way of dealing with spam

If you send email to someone who has it turned on (spam block) and it doesnt know your address, it replys back and says hey, come here (link) and get your address approved.

You click on the link it takes you to a site, that you can fill in a 80char long message to tell the person who you are, and they get a ping saying, is this dude ok? y/n

Then once your added your good to go. I like it alot better than some of the black hole lists.

On our corporate servers we have a strict address book policy. Not in the address book, it gets put in holding. If duplicates come in, and no one knows the person, it is spam and dump it.

A little over agressive but works.

Link to comment
Share on other sites

I don't think there's anything too extreme in terms of spam killing, I'm pissed off with it too, it's like a fucking poisonous vine creeping through the net.

I've no idea how but I managed to catch a spambot the other day, I noticed a sudden spike in network usage and after a quick Ethereal session I soon found emails being pumped out left right and centre... I soon dealt with it but it pissed me off that some asshole was using my machine and my connection to spew out canadian pharmacutical spam.

I want these fuckers dealt with, I'm just not sure how... I should've dissected the bot now that I think about it but the first thing on my mind was killing it. It's all goddamn money... same as in RL.

Link to comment
Share on other sites

I don't think that we will ever get rid of Spam, its like herpies, its bad but its not going to stop people from having sex, just like Spam isn't going to stop people from using email.

I think that increasing the punishment for Spam will stop some but not all, people will do _anything_ for money. I don't think that fining the zombie computer owner is a good idea, but the whole idea of disconnecting it from the Internet until it has been fix is a great idea, but i highly doubt that the normal mum and dad computer user would like there Internet taken away from them for something they didn't do.

As punishing there family members i don't think is the right idea, i mean i wouldn't like it one day the cops show up and take my computer and stuff because my brother sent Spam emails.

Link to comment
Share on other sites

Well I agree that it's not necessarily the computer owner's fault but people don't know enough to realise they're even infected let along how to clean a zombified machine. If education isn't going to work (which it won't) then people have to be beaten in to taking notice.

Link to comment
Share on other sites

I do think that awareness of zombie machines needs to be more prevalent. I mean people think that just because they have Norton Internet Security that they are invincible on the net, but i don't get how fining the user is going to help anything, its like putting a fine on getting robbed, its just kicking a dead horse.

Link to comment
Share on other sites

See, my plan is to make it such a ball ache to be infected that you will pay attention to your computers health. So you know that if you get infected with something your not going to have the net for ages, and that you'll have to pay to get your computer back on the net. So if you don't take care, don't use anti-virus, don't use anti-malware and firewalls you know its going to put you out until an engineer is sent around at your expense to certify that your machine is clean.

As for the spammers themselves, I would take everything from them, including and in a very literal sense, the very shirt from there back. I'd also ban them from owning anything that can send email, ie mobile phones, computers, digital TV boxes even. Anyone living with them, ie family would also have similar restrictions put on them, but to balance that out, they can get immunity by turning on the person who was doing it.

Then you get up to the nasty side of things like posting personal information about spammers on the web, including details about there familys and friends online. And vigilante action along the lines of taking a hammer to someones fingers.

My plan is to make being a spammer, or being involved in spamming so bad to be involved in that its dangerous. At the moment its a victimless crime, you send 30000 emails and someone punches a monitor on the far side of the planet. No one see's anyone get hurt. Now imagine a world where you send 30000 emails, your street's internet is cut of for a month, everyone is told why, and pointed in your direction. You can never use the internet or phones again, your family is under the same restrictions, electricity is cut off to your house and your charged with a criminal offense. Or some well meaning member of the public pours petrol threw your letter box. In the 3rd world nations, bribe the governments to crack down on it, nothing like a size 12 steel toe capped boot repeatedly reinforcing the idea that Spamming is Bad.

Link to comment
Share on other sites

In theory its a good idea, but the plain fact is that people dont like to be told what to do and what to do on there own computers and they will fight tooth and nail for it. I mean in a perfect world the idea would totally work, well in a perfect world a idea like that would not exist.

But i do agree with that the spammer them selfs should have a MUCH harder penalty given to them.

But the whole idea of punishing their family/public is not a good idea imo. There are some sick people out there that do what they want and screw with the outcome.

Link to comment
Share on other sites

The best thing to do currently seems to graylist, combined with some advanced filtering.

The SMTP protocol allows your mail server to respond with the equivalent of "Um... I'm kinda busy right now, could you try again later?".

It seems the VAST majority of spam servers don't take the time to try again later whereas the legitimate servers will have no qualms doing so.

You can then whilelist the servers that behave so the lag in delivery gets dealt with aswell.

http://en.wikipedia.org/wiki/Greylisting

Link to comment
Share on other sites

Graylisting sounds interesting, will have to look into that.

As for claims that my ideas are to extreme, has anyone seen the movie Swordfish? People should have as much freedom as they can be responsible with.

Link to comment
Share on other sites

Well I agree that it's not necessarily the computer owner's fault but people don't know enough to realise they're even infected let along how to clean a zombified machine. If education isn't going to work (which it won't) then people have to be beaten in to taking notice.

in my eyes it is !

look when there's something wrong with a m8 or family's computer

(probably spyware etc) i go fix it (the 1st time)

and i lay down the rules :

  • dont use p2p networks (exept bittorrent)

use firefox or opera

use a av preferably x,y or z (a list i give em of av's i advise) note that i dont even list norton as a anvtivirus (its a piece of SHIT!)

use a firewall (again preferably x,y or z from the list)

use s&d and adaware se and check for spyware on a weekly or 2weekly bases.

next time they borked i have a look @ the pc and ask if they followed my guidelines .... if not I DONT FIX IT ! i edjucated them if they wont listen its not my fault ! now i wont fix it or charge (and im still to nice cos i only charge half of wot computer shops over here charge ! )

Link to comment
Share on other sites

My plan to deal with spam is to use media to make heaps of hype about spammers and how they are going to destory the internet for us all. Then hacker's track them and post their identity in an appropriate place. The general population then go rip their balls off, burn them at the stake, do other nasty things to them. The spammers computer is then taken apart and find out how they are making the spambot armys and then imunise everyone elses computers. Also it will be the hackers who have saved the day! :D

edit: I just read that artical and it says that only a fraction of the people need to reply for spammers to make a profit, what if no one replyed? Damn those people who reply, if it wasn't for them spammers wouldn't make any profit so the would stop eventually becasue it's just a waste of time.

Link to comment
Share on other sites

I don't know what all commotion about spam, is for, I rather like it. On toasted wheat bread with lettuce, mmmm... thats some good food.

As far as the unsolicited emails go, "I get no spam." I really don't mean to quote Dvorak, but I don't. I've only got 4 in the past month. I find, that most spam comes from those email that your mom/sisters/girlfriends sends you that are like:

Subject:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:

Fwd:RE:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:

Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Re:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Hey guys,

From: katKat@s.com

to: <A list of every boy that she sent it to>

I don't know if you know this but little Jimmy has Cancer. He going to die unless you help me

Please!!!111!!1 Help ME help Jimmy!!!11!!

Microshaft has pledged that they will give us $1 for every name in this email

Please!!!

Put your name below and send it to every body you know including the person that sent it to you!

Jessy Nooberson

Maggie McNoob

Katie Nooberton

...

The catch is the "including the person who sent it to you." So that it will make it back to the spammer with everybodies names and emails. Using a little logic you could associate the two, and get really clever spam. :x

Link to comment
Share on other sites

I agree. I have a spam filter on my inbox and most get filed out, yet i still have 300 unread messages in my inbox because i havnt had the time to go and save what needs savin. Im on the mailing list for the nexenta devlopers group, so i get like 30 messages a day from them. On an average week i probably delete some 3000 messages out of my filter box.

I think that end users should be held responsible. Computers are becoming more and more a part of our lives, even if you have no interest in them. I compare computers to cars alot. If you are going to drive a car then you have to follow the rules of the road. If nobody did then driving would not be possible. Same thing with computers. If you are going to own a computer and have it hooked up to the global internet then you should have to obey certain rules. This would hopefully put a curb on the number of zombie computers out there.

Link to comment
Share on other sites

To continue the car analogy, in the UK it was either suggested or is currently the case (I'm not sure, I haven't yet got a licence) that you must have basic knowledge of how to replace a wheel, check oil and water levels and perform general maintenance on your car. If this sort of thing was a rule for anyone who uses computers, here's a few ideas an example;

- Basic use of firewalls, anti-crapware apps and antiviruses, why you need them, how to use them and what they do, how to choose one that isn't fake/a malware downloader,

- Be aware of what these malware apps do and why,

- How to tell if your machine has been turned in to a zombie or if it's infected,

- Be aware of rootkits and the potential damage they can cause even if you can't remove them,

- Know when it's time to call an end, back up your files and start again,

- How to tell if you're about to install an potentially unsafe application and learn ways to test an application in a safe environment,

- Learn that not everything requires internet access and to question the reasons when something unexpected makes a connection.

- Learn that if it looks like it's being helpful but you didn't ask for it then it's probably fake... too many people fall for "zomg you've got 10,000,000 viruses on your computer, click here to fix them!!".

These things may sound like standard knowledge, perhaps people might say that people don't need to know this stuff but in my opinion those things are essential knowledge if you're going to connect a machine to the internet.

Another thing is that people rely on geeks too much. Yes, I said it. I used to like being the guy everyone came to to fix their computer problems, I enjoyed it. Then came a point where 99 times out of every 100 the issue was malware related. People should know how to deal with that themselves for our sake and theirs. They shouldn't need to suffer a slow machine/connection and we shouldn't need to suffer having to fix it every time but they need to learn how to deal with it otherwise it's going to continue the way it already is.

Also people need to stop saying "zomg use linux instead!!" because if people can't keep a Windows system clean then it's unlikely that they'll manage to successfully use Linux. Everybody says that Linux doesn't get malware but if you have the faintest clue then you'll know that's not the case. If people all switched to Linux believing it'll keep them safe with no effort then they just continue to remain ignorant to malware and viruses.

Link to comment
Share on other sites

I don't know what all commotion about spam, is for, I rather like it. On toasted wheat bread with lettuce, mmmm... thats some good food.

As far as the unsolicited emails go, "I get no spam." I really don't mean to quote Dvorak, but I don't. I've only got 4 in the past month. I find, that most spam comes from those email that your mom/sisters/girlfriends sends you that are like:

Subject:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:

Fwd:RE:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:

Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Re:Fwd:Fwd:Fwd:Fwd:Fwd:Fwd:Hey guys,

From: katKat@s.com

to: <A list of every boy that she sent it to>

I don't know if you know this but little Jimmy has Cancer. He going to die unless you help me

Please!!!111!!1 Help ME help Jimmy!!!11!!

Microshaft has pledged that they will give us $1 for every name in this email

Please!!!

Put your name below and send it to every body you know including the person that sent it to you!

Jessy Nooberson

Maggie McNoob

Katie Nooberton

...

The catch is the "including the person who sent it to you." So that it will make it back to the spammer with everybodies names and emails. Using a little logic you could associate the two, and get really clever spam. :x

i get the same spam... exactly the same spam..

Link to comment
Share on other sites

Also people need to stop saying "zomg use linux instead!!" because if people can't keep a Windows system clean then it's unlikely that they'll manage to successfully use Linux. Everybody says that Linux doesn't get malware but if you have the faintest clue then you'll know that's not the case. If people all switched to Linux believing it'll keep them safe with no effort then they just continue to remain ignorant to malware and viruses.

huh, who, what, where when, Linux malware? I thought Linux didn't get viruses(or at least none that weren't patched with updates) If Linux isn't as secure as I though it was...then can you please tell me how to secure my Linux :shock:

Link to comment
Share on other sites

I know, just ask Dvorak what he does about spam

Apparently spam is on the rise, people were talking about it on some security focus mailing list i don't get anymore cos they clutter my inbox

i personally don't have a problem with spam, but i've been very careful about who i give my address out to. I try never to leave it out on a website somewhere

Link to comment
Share on other sites

Also people need to stop saying "zomg use linux instead!!" because if people can't keep a Windows system clean then it's unlikely that they'll manage to successfully use Linux. Everybody says that Linux doesn't get malware but if you have the faintest clue then you'll know that's not the case. If people all switched to Linux believing it'll keep them safe with no effort then they just continue to remain ignorant to malware and viruses.

huh, who, what, where when, Linux malware? I thought Linux didn't get viruses(or at least none that weren't patched with updates) If Linux isn't as secure as I though it was...then can you please tell me how to secure my Linux :shock:

Dont run as root. Backup your main users daily. If in the event you do get a virus then it is fairly straightforward to delete and recreate the user account that was infected.

Link to comment
Share on other sites

Also people need to stop saying "zomg use linux instead!!" because if people can't keep a Windows system clean then it's unlikely that they'll manage to successfully use Linux. Everybody says that Linux doesn't get malware but if you have the faintest clue then you'll know that's not the case. If people all switched to Linux believing it'll keep them safe with no effort then they just continue to remain ignorant to malware and viruses.

huh, who, what, where when, Linux malware? I thought Linux didn't get viruses(or at least none that weren't patched with updates) If Linux isn't as secure as I though it was...then can you please tell me how to secure my Linux :shock:

Dont run as root. Backup your main users daily. If in the event you do get a virus then it is fairly straightforward to delete and recreate the user account that was infected.

Sweet, I don't run as root and anything importaint is saved to USB drive, Im all good then, Thanks :)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...