Ok, on a whim I decided to have a look at some reports generated by our anti-spam software, and it said that 96% of all incoming emails that we get are spam!! Whats even more worrying is that the company I work for only has 10 people in (including myself) and that we have only received about 3000 non-spam emails!!

Anyone else having the same problems?

Any people with a email having the same problems... :D

I always ask myself what this guy earns... above all with xxx rated msg... :mad:

Oh, I know that anyone with email has these problems. I just wondered if anyone had problems this extreme for such a small company. I guess it's our own fault tho. Nearly every website that has been produced as the contact details of the project manager (inc email addresses), and theres a lot of them...

Hey ho...

Originally posted by piersk
Oh, I know that anyone with email has these problems. I just wondered if anyone had problems this extreme for such a small company. I guess it's our own fault tho. Nearly every website that has been produced as the contact details of the project manager (inc email addresses), and theres a lot of them...

Hey ho...

Why not just use contact forms rather? And if they really want your email addy, make them give you their email addy and then have your email addy emailed to them ;) That should atleast stop spam bots from getting a hold of them. :)

I've started doing that. The problem is that the company I work for has been doing it the old-fashioned way for about 5 or 6 years now :rolleyes:

Originally posted by piersk
I've started doing that. The problem is that the company I work for has been doing it the old-fashioned way for about 5 or 6 years now :rolleyes:

You could change all the addresses that recieve spam and then when someone emails an old changed email address have a auto reply sent to them saying the email address has changed and the email they sent has been deleted, and they should go to the website and use the contact form if they need to contact you(or whoever). Might be alot of work, but if your getting as much junk as you say it might be worth it! :)

I've experienced the
bigger source of spam is the mailing list server.

The freelander, who program lower-cost sites, use free mailing list server. So if you has registered once in any of this, you are getting Kb of spam.

Could it be?

Is the report *accurate*?

On a somewhat related topic, and I wonder if I've mentioned it before ... how do these guys get paid? Is it .0000x for each piece delivered? Is a "proactive" approach (block their IP via tcpd or firewall) going to do any good?

Speaking of spam http://news.google.ca/news?hl=en&edition=ca&q=spam W00t anti-spam law, thats what I like to hear

Originally posted by jebster
Speaking of spam http://news.google.ca/news?hl=en&edition=ca&q=spam W00t anti-spam law, thats what I like to hear
It sucks.
The CAN-SPAM Act does not actually can spam. There is no ban on sending unsolicited commercial e-mail or text messages. Instead, it requires that spam sent to consumers includes a means of opting-out of the mailing list used by the sender.
Which means you still get the spam. And I wouldn't be surprised to find that the legislation identifies "senders" by their email addresses.

But hey; it's an anti-spam law! We don't have to worry about it any more!

That means that your anti-spam program is working effectively to delete the crap. I would never give out my e-mail address. I use ze contact forms.

But the spam is still going out. Millions - nay, tens of millions, scores of millions of ads for medical products I for one have no need or desire for, filling up about 40% of your friendly local major backbone carrier's total bandwidth.

Blocking it at the receiving end does nothing to reduce that load, and I don't see those "opt-out" lists having any effect (there are problems with jurisdiction to start with).

The only sensible place to control it is at the transmission end. With a small tactical nuke, for preference.

Originally posted by Weedpacket
The only sensible place to control it is at the transmission end. With a small tactical nuke, for preference.
small?!??!?!?

I like the new look btw

Guess we need more hackers that have had enough of all this crap! :D

Well, then be forewarned. Spamhauses(the good guys) have been shutting down left and right because of massive DDoS attacks happening to them.

Originally posted by Weedpacket
Blocking it at the receiving end does nothing to reduce that load, and I don't see those "opt-out" lists having any effect (there are problems with jurisdiction to start with).That was the essence of my question. If no server on the planet would accept mail from spammerA, would he still be able to charge his "customers" for the service of distributing his junk? That's a position I've taken, for better or for worse.

I've put myself in a position of looking a tad like an idiot to some people in the Open Source community, because I block SMTP connections from sizeable portions of the Asian, South American, and European networks. AAMOF, over a third of the available IPv4 namespace is blocked by default. So, every once in a while someone with an overseas IP really *needs* to contact me (or wants to, or thinks they need to), and the best they can do is send a message to some mailing list(s) I read with "FAO Dale" on it...I guess they don't believe in contact forms.

I suppose the sad fact is that somebody somewhere is always going to have a misconfigured MTA....The only sensible place to control it is at the transmission end. With a small tactical nuke, for preference. I agree with the sentiment, but I'd have to remind you that the last war in Europe killed a large number of people, only some of whom were actually guilty of much ....

OTOH, it wasn't too difficult to get through the Low Countries, was it? Hmm......

Originally posted by LordShryku
Well, then be forewarned. Spamhauses(the good guys) have been shutting down left and right because of massive DDoS attacks happening to them.

The good guys as in they go after spammers or as in the send out ads the right way? Sorry, just never heard the word spamhauses before ;)

They're the guys who go after the spammers publicly. The websites that post personal information about the spammers on the web. Spammers don't like that...

http://www.spamhaus.org/

Originally posted by LordShryku
They're the guys who go after the spammers publicly. The websites that post personal information about the spammers on the web. Spammers don't like that...

http://www.spamhaus.org/


So spammers have been attacking them? :mad: So they post personal info of spammers eh?... Muhahaha

Yeah, spamhaus.org is probably the biggest one, but there a couple more. Like I said, they've been shutting down because of the DDoS's. Don't know if you saw this (http://www.spamhaus.org/news.lasso?article=13), but someone created a virus specifically to take down spamhaus.org

Yea, read one of those articles, thats pretty bad! Stupid spammers! Well from what I seen they are now protected from dDoS attacks now, which is good. And what a shame, none of the spam operations listed on "The ROKSO List" are near me :( Could went and had a talk with them. ;)

Originally posted by bad76
[B
I always ask myself what this guy earns... above all with xxx rated msg... :mad: [/B]

About a million USD per month

http://www.denverpost.com/Stories/0,1413,36~23827~1840352,00.html

From that link
Richter said OptInRealBig.com makes $15 million a year sending out 15 million e-mail messages a day.

Geez, no wonder they keep doing it even though there are people that would love to use them as a boxing bag!

Originally posted by jstarkey
About a million USD per month
Ok, you get me: my next work is the spammer... :)

However is not a surprise if the hacker are with the spammer: on their sites always you can look popup-banner and email submission.

And the black list cannot be a solution: all the address are masked. I get a lot of spam message, and in a month there are just 1 or 2 ip address repeated. 30 per day, for 30 days... 900 different spammer? I don't think.

from the link
The messages touted everything from free doughnuts to pornographic websites.
AND Why I get ALWAYS "pornographic websites" and NEVER "free doughnuts " ? :D

Originally posted by dalecosp
That was the essence of my question. If no server on the planet would accept mail from spammerA, would he still be able to charge his "customers" for the service of distributing his junk? That's a position I've taken, for better or for worse. The problem with 40% of a major backbone carrier's bandwidth being used for spam is that it means spam represents 40% of that carrier's revenue.

Originally posted by dalecosp
I agree with the sentiment, but I'd have to remind you that the last war in Europe killed a large number of people, only some of whom were actually guilty of much ....Hence the qualifiers: "small tactical" - the sort that are designed to kill, say, a single armoured division. The response is chosen to model the way police officer firearms training revolves around shooting to kill: because anything less thorough has more risk of failing and inviting retaliation.

Originally posted by Weedpacket
Hence the qualifiers: "small tactical" - the sort that are designed to kill, say, a single armoured division. The response is chosen to model the way police officer firearms training revolves around shooting to kill: because anything less thorough has more risk of failing and inviting retaliation. Hmm, perhaps. Given the recent media hype over potential collateral damage with "conventional" explosive devices in Babylon, should we still think of something a tad less destructive....

Perhaps hand grenades? Delivered via IP, of course:

ipfw 00100 allow frag from any to any via {oif}

:D

Originally posted by Weedpacket
The problem with 40% of a major backbone carrier's bandwidth being used for spam is that it means spam represents 40% of that carrier's revenue. (As an aside, couldn't we do without Level3?)

Are you suggesting that either

a. The spammers *are* the NSP's ...

or b. The spammers receive kickbacks from the NSP's ...

This certainly bears some further investigation and thought; I was under the impression that spammers were shady characters who *used* purchased network bandwidth to deliver unsolicited bulk email (with generally stupid content) rather than shady characters who *owned* network service providers and used their own network to send UBE....

If people are more educated, spamming will stop, as less people will fall for their scams. If spammers can't make money off these scams, they'll just give up. The sole purpose of spamming is money. Take away the money and you take away the spam. E-mail and money don't mix!

Originally posted by dalecosp
This certainly bears some further investigation and thought; I was under the impression that spammers were shady characters who *used* purchased network bandwidth Exactly! Purchased (whether directly or indirectly) from the major carriers!

Right, both of you. So what we have, in terms of the classic DEA-style money trail, is this:
---> = $money

$a $b $c
UNUSUAL PHARMACIST ---> SPAM SENDER ---> NETWORK PROVIDER[S] ---> GULLIBLE SPAM RECEIVER
| |
| |
$d ^ <--- <--- <--- <--- <---
Merve's thought, education, would stop the money flow at $d. The classic way to do it, and probably the best, but also the hardest to accomplish. As P.T. Barnum was quoted as saying... "There's a sucker born every minute..."

Weedpacket's comment was to simply eliminate part of the chain, (the $a to $b link) but doing so in the manner described would likely be illegal and possibly immoral; and just because someone else does something immoral and illegal doesn't necessarily give us the right to do so. Too bad the government(s) doesn't(don't) know *how* or *at whom* to wield its(their) sword.

My thought is to paralyze the system at point $a, by convincing the 'unusual pharmacists' that they shouldn't pay the 'spam senders' because they aren't delivering the goods. If, however, it's simply a 'flat fee' that's paid by the 'unusual pharmacists', then my idea really isn't going to accomplish much besides cut the spam sent to my domains and make a few people in other countries mad &&|| frustrated at me.

I was under the impression that "bulk mailings" were priced by the number of pieces delivered. If it's only the pieces *shipped*, then there's no merit to my idea.

However, it might be somewhat effective for more server admins to block IP's of spammers, and for the media to note the trend --- if the 'unusual pharmacists' lose faith in the spammers' ability to create value for them, the spammers lose $$$....

Hot off the presses (http://weblog.infoworld.com/foster/2003/12/19.html)

Richter also claimed in some of the e-mails sent to Synergy6 that he has agreements with major ISPs to white list their spam runs. Earlier this month, Richter was quoted by Reuters as saying he had recently visited AOL headquarters. AOL has neither confirmed nor denied that it had dealings with Richert.

Richter being a notorious spammer....
http://www.spamhaus.org/rokso/evidence.lasso?rokso_id=ROK1790

Originally posted by dalecosp
Right, both of you. So what we have, in terms of the classic DEA-style money trail, is this: You missed out the backbone carriers.

But more importantly, you assume that the link $a exists - that the Unusual Pharmacist and the Spam Sender are separate entities; and it's not a matter of the former buying a CD of FIFTY MILLION EMAIL ADDRESSES! and bulk mail software.

What is needed is an enforceable blacklist: an internationally-sanctioned Internet Death Penalty that will shut down spam-generating operations, and bar from further operation repeat offenders with fines or/and jail terms for recalcitrants. Make a legal requirement of service providers all up and down the service hierarchy ToS clauses forbidding the sending of UBE, with termination of service in event of violation; with criminal charges laid against services that fail to include such clauses, or who fail to enforce them.

It's not a matter of making UBE uneconomical, because it's too ridiculously cheap (cheap enough that there will always be a sufficiently high proportion of mouth-breathers on the Internet to make it profitable); it's going to have to be a matter of making it illegal.

Finding the source isn't too difficult: only once it becomes illegal will it become necessary to backtrace and confirm that the sender really was (in fact or operating on behalf of) whatever entity it was advertising their site/chemicals/diplomas/casinos/whatever they allegedly want your money in exchange for. (Think: if they want your money they have to tell you where to send it.)

I could point out that a significant (on the order of 30%) of UBE is already illegal in New Zealand, but since it's not coming from New Zealand that's not much help when it comes to shutting it down.

I must point out that dale's trail is a simplified version. The actual trail is much more complicated than that, but one can only do so much with monospace text (sigh).

The money is flowing all over the place. The unusual pharmacist is paying the spammers to send out e-mail blasts. They are also paying porn sites to advertise. They are paying guys to make the miraculous medicine. They are paying lots of money, but they're in this to make profit, so what do they do? Their messages have to be catchy: "Grow your member for 5 easy payments of $19.95 so she won't dismember you."

If the money trail were that simple, it'd be much easier to break the trail. Miraculous medicine is not the only spam product. There are also scams that try to weasel you out of money: "Open a bank account with me and you'll get huge returns." We have to go the root of the product: in these cases, the miraculous medicine manufacturers and the banks and tell them to stop. Sue them. Tell them to stop taking advantage of suckers. A combination of weakening the links at every possible point is the best bet for defeating spam. Education of everybody, the manufacturers/banks, the spam receivers. That's what'll help overcome the problem of spam. If we can create better spam filters, spam will no longer be a problem...no more junk mail and inbox clogging.

So let's protect the idiots and joes of the world who fall for these things...but if you're dumb enough to fall for these scams, you kinda deserve it.

OK, Weedpacket; I use NSP = backbone carrier and ISP = local Internet Service Provider. I left out the ISP's, but that link is fairly well assumed for those of us who know much about telecoms...probably for everybody. My ISP is an electricity cooperative, their NSP is a Petroleum pipeline corporation, and their NSP --- well, it breaks up after that. The NSP is big enough deal.

It occured to me while I was posting that it was indeed true that most ISP's have a TOS that prohibits spamming. So, the problem is a lack of enforcement on their part, for whatever reasons. And, the ISP's need ever-increasing bandwidth for their TOS violating networks, and this does add up to more $$ for the NSP, and keeps the wheels greased for continued growth. So, I begin to see your earlier point more clearly.

The government will likely *not* do anything about this, because the Internet community at large is split over the issue of privacy and "free speech" ... and, it seems most governments have more pressing problems at the moment. The NSP's aren't going to lobby for it. Explains quite a bit about recent news on this front....

Anyone got parts for a small tactical nuke?

As I understand it, the spammers don't get paid for sending the email, they get paid for the responses. So they broadcast millions of emails (often by hijacking someone's computer and stealing bandwidth).

The only $ amount I heard is that a mortgage company pays something like $50 for each referral from a spammer. So it doesn't take very many responses to make it worthwhile for them.

The only question I have is why ANYONE would buy ANYTHING from a spammer. But there are suckers born every minute :mad:

Originally posted by tomhath
As I understand it, the spammers don't get paid for sending the email, they get paid for the responses. So they broadcast millions of emails (often by hijacking someone's computer and stealing bandwidth).

The only $ amount I heard is that a mortgage company pays something like $50 for each referral from a spammer. So it doesn't take very many responses to make it worthwhile for them.

The only question I have is why ANYONE would buy ANYTHING from a spammer. But there are suckers born every minute :mad: Which I quoted above...

If what you say is true, then my strategy of blocking the spam is somewhat helpful, and Merve's suggestion to educate people is a good target as well; and both of these are the only route of recourse vs. spam until such time as the ISP/NSP's get their butts together and enforce the TOS'es, and/or the government[s] finally do(es) the correct thing on the issue....

Let's take out the unusual pharmacist for a second. Let's replace that with a big corporation. Now, let's replace the spammers with company employees who have to send out e-mail blasts. The product is still UBE. Some people don't realise that. UBE from GMC is the same as UBE from Member-Growing Inc.

Now, I'm pretty sure that GMC doesn't send out e-mail blasts, but that's just an example. Big corporations do not send out e-mail blasts to my knowledge, but there's a concert organizing company in Toronto called Nova that sends out e-mail blasts. Can they really justify that, even if they are promoting amateur bands? They say it's just a streetlamp. You're eventually going to run out of place with a streetlamp pole if you put too many posters. Well, your inbox is like that, except for it's private! I don't want ads in my inbox. I already see them every time I check my e-mail! So, let's keep the posters on streetlamps and let's get the word out that it doesn't have to be spam to be UBE.

One of the first steps in education :)

Originally posted by Merve
They say it's just a streetlamp. But never mind the streetlamp, who's paying for all those posters they're sticking up?

However you cut it, UBE is theft.

Hi y'all!

The effect of spam as a nuisance is well known, but I'm even more worried about the side-effects generated by fighting the stuff.

I run a webdev. company, and I've experienced some situations where my outgoing mails don't make it through to the recipient, due to his companys spamfilter (or his own @ home). Thus important information may be lost, and the mailprotocol gets to be distrusted as a means to distribute information.

Well, I know I could call the customers in addition to sending them mail, but one of the main advatages of sending mail is that you can send them at any time, when it suits you.
My working hours are a bit on the odd side :D

Another case of the side-effects: a norw. security company usually sent their bid-for-cases as a pdf. All well and good, but to be sure that their customers didn't have to download Acrobat, they sent the file as a self-extracting archive - with the ending of .exe
In the cases where the spamfilters were correctly set up they got a reply from the robot, telling them how wrong-wrong it was to send exe-files by mail. But in many cases they got no reply, and they had no way of knowing the message had flopped.
Even when they zipped the files some filters wouldn't accept the message.

Small fry, you would say, and I agree. This isn't the end of the internet.
But it's a strange situation, and the odd thing about it is that it is a battle between robots! No humans involved* :p

In the red corner:
The Mailhungry mailaddress-suckers!

In the blue corner:
The Spamhungry spam-blockers!

In addition you have the viruses, worms and bots that control the spammers network of spam-pc's, small helpers that ensures a steady flow of spam around the world.
I think one network consisted of over 100 pc's around the world, all controlled by one machine in the US (Florida).
As I understand it, these machines has (mainly) two purposes:
- send out large amounts of mail
- collect email-addresses by traversing the web
The first point is dealt with by the spamblockers, but very little is done about the last.

My point is: this is all done automatically, and the blue corner are the good guys. They stop the garbage before reaching our view, and we're happy for it.

But how about fooling the bad guys for a bit?
The guys in the red corner are stupid as dorks, and with some simple lines of javascript you can mask the address:

<script language="Javascript">
<!--
a = "simplebart";
b = "antispam.org";
document.write("<a href='mailto:" + a + "@" + b + ">");
document.write(" + a + "@" + b + ");
document.write("</a>");
//-->
</script>

If you like an alternative for the clientscript-disabled, add:

<NOSCRIPT>
simplebart at antispam dot org
</NOSCRIPT>

This is all it takes to fool a robot collecting mailaddresses.
Basically what is done is to break up the syntax of the mail, even inserting illegal chars like the " - no mailaddress may use that due to the protocol.
The address is then discarded as not valid, or it won't see it as an emal at all.

I used this for a site we built, to protect the users from the spam-evil.
But feeling uneasy about the emailaddresses still being dispalyed, or at least the parts, I started to search the js-script sites for a better alternative, and found a function that provides better protection.
Then I wrote a php-function to make it work with the server-side, so that it can be used on emails from databases.

The basics:
It is a php-function, taking three alternatives: mailaddress, link text and any args you would put in the link.
The funtion then prints out a javascript, and upon load the client takes over, and decodes the values to html.

The script-enabled sees a mailto-link, the non-enabled (including the robots) sees the "encrypted" version. The word encryption is in caps because it is very weak - just the address written as ascii-values, with an offset to the length of the mailaddress.
This task is performed by the server by php and means more load, and since the purpose just is to obfuscate the address a bit, I left it simple ;-)


## noSpam php-function - returns js with email and noscript-tag ##
## If you put the emailaddress as link text, it will be displayed as is! ##
## Leave it open if you want to have the address as link text ##
function noSpam($email, $mtext, $attr) {
$mparts = explode("@", $email);
$dom = explode(".", $mparts[1]);
$thiscode = "";
$AddrEncoded = "";
$L = strlen($email);
for ($x=0; $x < $L; $x++) {
$thiscode = ord(substr($email, $x, 1)) + $L;
$AddrEncoded .= $thiscode;
if ($x < ($L - 1)) $AddrEncoded .= "|";
}
$str = "<script>noSpam('".$AddrEncoded."'";
if ($mtext != "" || $attr != "") $str .= ", '".$mtext."'";
if ($attr != "") $str .= ", '".$attr."'";
$str .= ")</script>\n<NOSCRIPT>$mparts[0] at $dom[0] dot $dom[1]</NOSCRIPT>";
return $str;
}

## Called with ##
## No args ##
$dMail = noSpam($customermail, "", "");
## Linktext ##
$dMail = noSpam($customermail, "Send mail to $cust_username", "");
## With linktext and args ##
$dMail = noSpam($customermail, "Send mail to $cust_username", "class=\"mailtolink\"");
## Code in args must be backslashed ##

## Javascript needed in header ##
<SCRIPT language="JavaScript">
<!--
function noSpam(codelist, description, atagattr) {
var thiscode, thischar;
var CodeString = new String(codelist);
var CodedArray = CodeString.split('|');
var L = CodedArray.length;
var AddrDecoded = "";
for (var x=0; x < L; x++) {
thiscode = CodedArray[x];
thischar = String.fromCharCode( thiscode - L );
AddrDecoded += thischar;
}
atagattr = atagattr ? ' ' + atagattr : '';
if (!description) description = AddrDecoded; // if no description supplied, display email address
var strOutput = '<a href="mailto:'+AddrDecoded+'"' + atagattr+'>' + description + '</a>';
document.write(strOutput);
}
//-->
</SCRIPT>


If you don't use any link-text, leave the field open. If you put the emailaddress as link text, it will be displayed as is!

What the js-code would look like in the source:

Address only:
noSpam('136|131|118|118|121|130|84|135|138|125|130|121|135|137|130|120|66|131|134|123');
Address and link text:
noSpam('136|131|118|118|121|130|84|135|138|125|130|121|135|137|130|120|66|131|134|123', 'Send mail to Simplebart!');
Address, linktext and args:
noSpam('136|131|118|118|121|130|84|135|138|125|130|121|135|137|130|120|66|131|134|123', 'Send mail to Simplebart!', 'class=\"mailtolink\"');


And of course the noscript message.

All in all an easy way of protecting emails displayed on the web.
The routine shouldn't be too hard to write into existing scripts, just make the noSpam php-function available, and include the js in the head.

My little personal strike in the spam-battle *oink*

knutm :-)

* humans are always involved, but leave the boring stuff to be done by computers

Erm.. if you just have ONE email to protect, go here:

http://www.kenric.com/AntiSpambotMailto.html

And the script is used here:
http://www.redesign.no/index.php?cat=3&art=0&doCliniclist=sort_zhecounty&sort_bycounty=Oslo
(NB! Norwegian...)

knutm :-)

Better for emailaddresses with multiple dots after the @ ? :p

function noSpam($email, $mtext, $attr) {
$mparts = explode("@", $email);
$dom = explode(".", $mparts[1]);
if(sizeof($dom) > 2) {
for($i=0;$i<sizeof($dom);$i++) {
$dstr .= $dom[$i] . " dot ";
}
$dstr = substr(0, -5, $dtsr);
} else {
$dstr = $dom[0] ." dot " .$dom[1]
}
$thiscode = "";
$AddrEncoded = "";
$L = strlen($email);
for ($x=0; $x < $L; $x++) {
$thiscode = ord(substr($email, $x, 1)) + $L;
$AddrEncoded .= $thiscode;
if ($x < ($L - 1)) $AddrEncoded .= "|";
}
$str = "<script>noSpam('".$AddrEncoded."'";
if ($mtext != "" || $attr != "") $str .= ", '".$mtext."'";
if ($attr != "") $str .= ", '".$attr."'";
$str .= ")</script>\n<NOSCRIPT>$mparts[0] at $dstr</NOSCRIPT>";
return $str;
}


knutm :-)