www.digitalmars.com         C & C++   DMDScript  

c++.chat - SPAM

reply Jan Knepper <jan smartsoft.us> writes:
Any one interested in some real bad statistics?!
Check this!!!
http://www.digitaldaemon.com/Internet%20Services/blocked_email.html

-- 
ManiaC++
Jan Knepper
Nov 27 2003
parent reply "Walter" <walter digitalmars.com> writes:
What's reverse DNS blocking?

"Jan Knepper" <jan smartsoft.us> wrote in message
news:bq5muh$21lk$1 digitaldaemon.com...
 Any one interested in some real bad statistics?!
 Check this!!!
 http://www.digitaldaemon.com/Internet%20Services/blocked_email.html

 --
 ManiaC++
 Jan Knepper

Nov 27 2003
parent reply Jan Knepper <jan smartsoft.us> writes:
Reverse DNS blocking is the first level of SPAM blocking. It prevents 
the SPAM from actually being sent to the SMTP server(s)

1. Reporting/Registration:
- Some one report SPAM at www.spamcop.net for instance.
- Spamcop.net analyses the email and finds out where it comes from (IP 
address).
- The IP address is than added to bl.spamcop.net 
(http://www.spamcop.net/bl.shtml)

2. Using:
- The SMTP server(s) here are wrapped in rblsmtpd.
- When a connection is made to smtp.digitalmars.com:25 (for delivery of 
email) rblsmtpd is being activated and rblsmtpd check with 
bl.spamcop.net, list.dsbl.org and relays.ordb.org if the connecting IP 
address is reported as SPAMMER.
- If the connecting IP address is reported as SPAMMER the SMTP 
connection is denied, otherwise the connecting is accepted and the 
actual email is being received my the SMTP server.

CHKUSR is the second level of SPAM blocking. It prevents email to 
non-existent email addresses from making it to webmaster  or postmaster  
the domains.

Once rblsmtpd fires up qmail-smtpd (the actual SMTP) server, qmail-smtpd 
checks the email headers for valid "From:" and "To:" headers. The 
"From:" domain has to exist and accept email. The "To:" email address 
has to exist. If there is something wrong with either an error is 
returned to the sender.

Thanks!
Jan



Walter wrote:
 What's reverse DNS blocking?
 
 "Jan Knepper" <jan smartsoft.us> wrote in message
 news:bq5muh$21lk$1 digitaldaemon.com...
 
Any one interested in some real bad statistics?!
Check this!!!
http://www.digitaldaemon.com/Internet%20Services/blocked_email.html

--
ManiaC++
Jan Knepper


-- ManiaC++ Jan Knepper
Nov 28 2003
parent reply "Walter" <walter digitalmars.com> writes:
Ok, I understand. I had thought that very little spam came from a valid
domain, so by checking to see if the domain existed or not, one could block
spam without needing blacklists. That's what I thought reverse DNS lookup
was. That looks like what chkusr is, though.

From the volumes being blocked, it's pretty clear that email is getting to
be unusuable without some sort of blocking.

"Jan Knepper" <jan smartsoft.us> wrote in message
news:bq7ot7$2470$1 digitaldaemon.com...
 Reverse DNS blocking is the first level of SPAM blocking. It prevents
 the SPAM from actually being sent to the SMTP server(s)

 1. Reporting/Registration:
 - Some one report SPAM at www.spamcop.net for instance.
 - Spamcop.net analyses the email and finds out where it comes from (IP
 address).
 - The IP address is than added to bl.spamcop.net
 (http://www.spamcop.net/bl.shtml)

 2. Using:
 - The SMTP server(s) here are wrapped in rblsmtpd.
 - When a connection is made to smtp.digitalmars.com:25 (for delivery of
 email) rblsmtpd is being activated and rblsmtpd check with
 bl.spamcop.net, list.dsbl.org and relays.ordb.org if the connecting IP
 address is reported as SPAMMER.
 - If the connecting IP address is reported as SPAMMER the SMTP
 connection is denied, otherwise the connecting is accepted and the
 actual email is being received my the SMTP server.

 CHKUSR is the second level of SPAM blocking. It prevents email to
 non-existent email addresses from making it to webmaster  or postmaster 
 the domains.

 Once rblsmtpd fires up qmail-smtpd (the actual SMTP) server, qmail-smtpd
 checks the email headers for valid "From:" and "To:" headers. The
 "From:" domain has to exist and accept email. The "To:" email address
 has to exist. If there is something wrong with either an error is
 returned to the sender.

 Thanks!
 Jan



 Walter wrote:
 What's reverse DNS blocking?

 "Jan Knepper" <jan smartsoft.us> wrote in message
 news:bq5muh$21lk$1 digitaldaemon.com...

Any one interested in some real bad statistics?!
Check this!!!
http://www.digitaldaemon.com/Internet%20Services/blocked_email.html

--
ManiaC++
Jan Knepper


-- ManiaC++ Jan Knepper

Nov 28 2003
parent reply Jan Knepper <jan smartsoft.us> writes:
Walter wrote:
 Ok, I understand. I had thought that very little spam came from a valid
 domain, so by checking to see if the domain existed or not, one could block
 spam without needing blacklists. That's what I thought reverse DNS lookup
 was. That looks like what chkusr is, though.

The trick is that spammers these days use domains like yahoo.com for instance as 'fake' "From:" domain. Although the account yahoo.com does not exist, this SPAM would still come through the system, yet reverse DNS indeed might block these once reported as they most likely would not come from an IP address associated with yahoo.com. Than they also setup domains, just for the purpose of spamming... Domains that for the period of the SPAM being processed are actually on the internet... <sigh> chkusr only checks for existence of *local* email addresses, i.e. "To:" email addresses digitalmars.com, smartsoft.us, etc.
 From the volumes being blocked, it's pretty clear that email is getting to
 be unusuable without some sort of blocking.

Yes, it's definitely becomming unusuable. Blocking helps some, but realized that the bandwith required for the email and for the blocking to work is becoming serious. Jan -- ManiaC++ Jan Knepper
Nov 28 2003
next sibling parent reply John Reimer <jjreimer telus.net> writes:
Jan Knepper wrote:

 Walter wrote:
 
 Ok, I understand. I had thought that very little spam came from a valid
 domain, so by checking to see if the domain existed or not, one could 
 block
 spam without needing blacklists. That's what I thought reverse DNS lookup
 was. That looks like what chkusr is, though.

The trick is that spammers these days use domains like yahoo.com for instance as 'fake' "From:" domain. Although the account yahoo.com does not exist, this SPAM would still come through the system, yet reverse DNS indeed might block these once reported as they most likely would not come from an IP address associated with yahoo.com. Than they also setup domains, just for the purpose of spamming... Domains that for the period of the SPAM being processed are actually on the internet... <sigh> chkusr only checks for existence of *local* email addresses, i.e. "To:" email addresses digitalmars.com, smartsoft.us, etc.
 From the volumes being blocked, it's pretty clear that email is 
 getting to
 be unusuable without some sort of blocking.

Yes, it's definitely becomming unusuable. Blocking helps some, but realized that the bandwith required for the email and for the blocking to work is becoming serious. Jan

This is so insidious! I was talking to my brother the other day, and we just couldn't fathom how spammers could be so tenaciously pushy. They are sending spam to millions of people who wouldn't in a million years buy their products. But they'll do anything to force these people get the mail. I jsut don't understand this. It must be a virus-makers mentality or something. I REALLY wish these people could be held accountable for their actions. Excuse my rant! But I can't stand it! :-) Oh and thanks Jan. That was informative. You're doing a great job protecting us from that insanity. Later, John
Nov 28 2003
next sibling parent reply "KarL" <karl kimay.net> writes:
 This is so insidious!  I was talking to my brother the other day, and we
 just couldn't fathom how spammers could be so tenaciously pushy.  They
 are sending spam to millions of people who wouldn't in a million years
 buy their products.  But they'll do anything to force these people get
 the mail.  I jsut don't understand this. It must be a virus-makers
 mentality or something.  I REALLY wish these people could be held
 accountable for their actions.

Because some people believe this is "working from home". Helping a "genuine" company in their promotion. This way, they (housewives, mentally challenged unemployed) effective become spammers and the real crook can get away. Just like in Australia - one guy who just got caught by "Give $14,500 and I will teach you how to become rich by buying a $400,000 apartment from me". Go figure.
Nov 30 2003
parent "KarL" <karl kimay.net> writes:
"KarL" <karl kimay.net> wrote in message news:bqdub7$1mdi$1 digitaldaemon.com...
 Just like in Australia - one guy who just got caught by "Give $14,500
 and I will teach you how to become rich by buying a $400,000
 apartment from me".  Go figure.

Oops, forgot the URL: http://www.smh.com.au/articles/2003/11/28/1069825986592.html?from=storyrhs
Nov 30 2003
prev sibling parent reply "Matthew Wilson" <matthew.hat stlsoft.dot.org> writes:
 This is so insidious!  I was talking to my brother the other day, and we
 just couldn't fathom how spammers could be so tenaciously pushy.  They
 are sending spam to millions of people who wouldn't in a million years
 buy their products.  But they'll do anything to force these people get
 the mail.  I jsut don't understand this. It must be a virus-makers
 mentality or something.  I REALLY wish these people could be held
 accountable for their actions.

 Excuse my rant! But I can't stand it! :-)

 Oh and thanks Jan.  That was informative.  You're doing a great job
 protecting us from that insanity.

I wish there was some way we could get in a room with them. I really do! (I can't say what I'd really like to happen, as it'll no doubt be used in some court case in the future when I totally lose it and write some abusive email to the spammers, and then end up in the US supreme court guilty of everything you could shake a stick at.)
Nov 30 2003
parent reply roland <--rv ronetech.com> writes:
Matthew Wilson a écrit :
This is so insidious!  I was talking to my brother the other day, and we
just couldn't fathom how spammers could be so tenaciously pushy.  They
are sending spam to millions of people who wouldn't in a million years
buy their products.  But they'll do anything to force these people get
the mail.  I jsut don't understand this. It must be a virus-makers
mentality or something.  I REALLY wish these people could be held
accountable for their actions.

Excuse my rant! But I can't stand it! :-)

Oh and thanks Jan.  That was informative.  You're doing a great job
protecting us from that insanity.

I wish there was some way we could get in a room with them. I really do! (I can't say what I'd really like to happen, as it'll no doubt be used in some court case in the future when I totally lose it and write some abusive email to the spammers, and then end up in the US supreme court guilty of everything you could shake a stick at.)

There was an interesting discussion here last June called "interesting spam trap". It ended with the conclusion that the way that was sugested to fight spam doesn't work unless the whole internet melt down ... Well IMO measure will be taken before it completely melt down and may be it could be interesting to have a new look in this discussion ? roland
Dec 01 2003
parent reply "KarL" <karl kimay.net> writes:
"roland" <--rv ronetech.com> wrote in message
news:bqf1sn$7o4$1 digitaldaemon.com...
 There was an interesting discussion here last June called "interesting
 spam trap".
 It ended with the conclusion that the way that was sugested to fight
 spam doesn't work unless the whole internet melt down ...
 Well IMO measure will be taken before it completely melt down and may be
 it could be interesting to have a new look in this discussion ?

The problem is simply the fault of SMTP! If the mail transport protocol is enhanced (yes, they did, but....) to prevent SPAM, then OK. However, SMTP is like your own mailbox at home. Everyman and his dog can stuff thing into it if you don't stay watch over it. Hence this is the situation. The only difference is the post office can only "relay" if you attach a stamp. Junk "mail" does not have stamp - only poor suckers who will "work" for $5 for to stuff 1000 junk mail into letter boxes will do it. Similarly, you will always have poor suckers who think that they can "work at home" emailing 100,000 people and get paid $5 for the work, so they repeatedly SPAM people. Real spammer don't spam themselves. They find some poor soul to do it - or sell CD's of email addresses. You and I who owns a domain or two need a legitimate contact which can be collected by whois! I tried that - registered a new domain with a new email address and only one day later, that email starts getting SPAM! My $0.05
Dec 01 2003
parent reply "Walter" <walter digitalmars.com> writes:
"KarL" <karl kimay.net> wrote in message
news:bqgi5j$2g5v$1 digitaldaemon.com...
 If the mail transport protocol is enhanced (yes, they did, but....) to
 prevent SPAM, then OK.  However, SMTP is like your own
 mailbox at home.  Everyman and his dog can stuff thing into it
 if you don't stay watch over it.  Hence this is the situation.

The problem caused by spam is characterized by economists as "the tragedy of the commons." Essentially, the cost of spam is not born by the sender, so it is abused. The only solution that has a prayer of working is to make sending emails cost money. I wrote a brief essay on it: www.walterbright.com/spam.html
Dec 01 2003
parent reply roland <--rv ronetech.com> writes:
Walter a écrit :
 The problem caused by spam is characterized by economists as "the tragedy of
 the commons." Essentially, the cost of spam is not born by the sender, so it
 is abused. The only solution that has a prayer of working is to make sending
 emails cost money. I wrote a brief essay on it:
 
 www.walterbright.com/spam.html
 

That's a smart text and IMO the best solution. The trouble is that it doesn't come "naturally" and need a kind of political will to be implemented. May be for that there must be some intermediate step so that everybody realize the need of it. Here is a sumarize of the "interesting spam trap" thread at least as I understood it. There http://www.unclebobsuncle.com/antispam.html they suggest a way that if interesting, according to Jan does not work because the crawlers check the validity of the e-mail adresses they collect digging a DNS server. The dig command is very fast but still. We come to the conclusion that if for example 10000 web pages have 100000 invalid e-mail adresse (=10E9 adrresses), the internet could melt down. So what ? isn't e-mail going almost unusable already ? Let's imagine a program that creates random e-mail adresses and make the insertion of those adresses on existing web site very easy. Even those pages can be dynamic and chane all the time. Imagine a lot of web site owners accept to put one or two big pages of those adresses all over the world. What will appen ? The crawlers are going to crawl, check huge amount of adresses to DNS servers. The internet will become slower, slower, even some DNS server could crash. That's the goal: make the internet completely unusable for a few days. Because of who ? because of the spammers. Be sure then, the people, the companies, then the politicans are going to be very very angry. Then your solution has a chance to be implemented. just some thinking roland
Dec 02 2003
parent "Walter" <walter digitalmars.com> writes:
"roland" <--rv ronetech.com> wrote in message
news:bqhk31$10pt$1 digitaldaemon.com...
 Walter a écrit :
 The problem caused by spam is characterized by economists as "the


 the commons." Essentially, the cost of spam is not born by the sender,


 is abused. The only solution that has a prayer of working is to make


 emails cost money. I wrote a brief essay on it:

 www.walterbright.com/spam.html

That's a smart text and IMO the best solution. The trouble is that it doesn't come "naturally" and need a kind of political will to be implemented. May be for that there must be some intermediate step so that everybody realize the need of it.

I think the intermediate step is just one ISP implementing this. Right now, many people accept mail only from whitelists. It's only a small step from there to accepting email only from those willing to pay a penny to send it to you.
Dec 02 2003
prev sibling parent reply "Walter" <walter digitalmars.com> writes:
"Jan Knepper" <jan smartsoft.us> wrote in message
news:bq81mf$2hgv$1 digitaldaemon.com...
 Yes, it's definitely becomming unusuable. Blocking helps some, but
 realized that the bandwith required for the email and for the blocking
 to work is becoming serious.

I don't understand why some of this isn't blocked at the backbone level.
Nov 28 2003
parent Cesar Rabak <csrabak ig.com.br> writes:
Walter escreveu:
 "Jan Knepper" <jan smartsoft.us> wrote in message
 news:bq81mf$2hgv$1 digitaldaemon.com...
 
Yes, it's definitely becomming unusuable. Blocking helps some, but
realized that the bandwith required for the email and for the blocking
to work is becoming serious.

I don't understand why some of this isn't blocked at the backbone level.

While the backbone gets paid by the otherwise 'wasted' bandwidth. . . -- Cesar Rabak GNU/Linux User 52247. Get counted: http://counter.li.org/
Nov 28 2003