i can't figure out just where i should ask this question, so i'll give it a shot here...

i'm trying to minimize spam and i have a number of email accounts i'm going to delete from my server...

is it better to have emails that go to non-existing email accounts be returned to sender (the spammer) or just go to a blackhole where they simply disappear?

any ideas?

thanks...v

I've had the same sort of problem over the last 6 months or so. The company that I work for gets one hell of a lot of spam.

We have anti-spam software that gives us the choice of whether to send a Non-Delivery Report (NDR) or not, although we still keep a copy of the email (useful because not every anti-spam software is perfect). However, I had to switch off the NDR-sending function because a lot of the spam came from fake addresses and so the outgoing queue was becoming incredibly full and nothing was going out.

IMO, don't bother with NDRs. They just use up valuable resources.

I'd say don't send, however, keep copies of the emails and then whenever you have nothing better to do have a flick through some of them, pull out the ip's of ones which are definately spam and contact the isp. If an isp gets enough complaints about a spammer they will generally ban them. It's a tiresome job, I know, but if we, the public, don't stand up to the spam, who will?
Bubble

Originally posted by piersk
However, I had to switch off the NDR-sending function because a lot of the spam came from fake addresses and so the outgoing queue was becoming incredibly full and nothing was going out.


lol. I know that feeling. My mail server went down a few months ago because the maillogs were eating up the space. It was a 1 gig /var partition, so I ended up moving it to a 5 gig. :(

vaska, if you're sure everyone has your new addresses, don't worry about it. I'm sure the old ones are still being sold and they aren't going to take them out of the loop because of an NDR.

I have an account that I haven't used since 2000, and it's the biggest source of bounces on my machine.

thanks for the thoughts...

yep, i'm just having the stuff go to the blackhole instead of a return to sender type thing...

i thought maybe by returning things those email addresses might be taken off some spam list but realistically that's a pipe dream...

i've noticed very recently that spammers are breaking through both spamassassin and http://www.knowspam.com (or is it org?)...which isn't a good thing...

:)

for the love of the net, don't send a reply to spam.

our sysadmin here got flooded with thousands of replies because a spammer used his email address as the reply to address. replying to each spam actually causes more useless packets flying around out there and hurts everyone so just don't reply. please.

- keith

What a pity tarpits are becoming illegal in the U.S...

I keep coming back to this spam-issue :p
Tar pits sounds like a good idea..

I've been thinking about how the spammers get their addresses, and how to prevent them from getting hold of real, valid emails.
Posted some on it here a month ago or something, on how to protect the mails on webpages.

As it seem, there are several methods in use:

1. Good ole webcrawling.
Wicked robots traverse the net collecting addresses by identifying syntax, then (maybe) "washing" it for validation.
The idea is based on bulk, and the syntax-checking must be simple - that is, if you screw up the syntax, the address will be discarded as a flunkie.
One must presume that measures as robots.txt and other NOINDEX-statements is set to be overrided by these robots. These measures are recommendations anyway, not prohibitions.

2. Domain spamming.
Find a domain, generate a few million combinations of letters (based on common nicknames from lists?), then "bruteforce" by sending all. Possibly there is some sort of validation based on wether or not the mail returns a daemon?
Anyway, who cares if two million mail flunks if 50 arrive?
It's all about computing power, and the "costs" are low.

3. Public ****lists.
Oh yes, they exist ;-)
I once reported a norw. guy posting child-porn at usenet, to abuse @ his provider. Stupid me felt that I should somehow inform him about this, and sent a copy to his emailaddress.
One week later the spamflow increased by 1500% ...
Wether or not it is a public ****list: one must presume that there's some lists circulating among the spammers, lists worth gold because they contain checked, valid addresses.

4. Usenet.
Usenet was the origination of spam, and the spamflow, virus-spread and of course the long and grueling flame-wars has made usenet useless IMHO.
Especially the erm.. binary-groups are bad.
Anyway, posting to usenet requires a fake mailaddress in the user agent. NO_SPAM-statements and other obfuscation doesn't work, because of the protocol, which specifies fields like X-sender, From, Return-Path and so on. Actually there's no limit to what data the spammers may glean from posts, because each message has a full header containing loads of "personal" data.

What to do about it?
Well, one thing is legislation, but there's no real political will to do anything - especially in the US, where 90% of the spam originates.
One wonders if the emails of US senators and government are removed from the spammers lists, so they don't see it as a problem? :p

I've started thinking about striking back at these ****bags (the spammers - not the US. govt ;) ), and provide some info on how to protect the address on the web.
Basically it all comes down to information: to fool the current generation of robots isn't difficult, just disturb the syntax, and they'll be off to somewhere else.

Here's one method:
http://www.boomdesign.no/files/zip/nospam_php_js_v1.zip

That's all about protection, but is there other ways to disturb their routine? Well, have a look at all my friends emails:
http://home.no.net/dorian/emails.php

This script generates 500 fake emails on load, designed to give them robots some fodder, heehheeh. I've put it in the root folder of all our domains.
Q: is this gonna help?
A: Haven't got a clue

It was fun to make, though. And just the picture of the little robots yelping happily over finding such an goldmine, then feeling snubbed when they all flunks on sending, well... :D
Here it is for dld, anyway:
http://www.boomdesign.no/files/zip/email_faker.zip

Possibly this is gonna increase the spam-traffic on the net even further, and is a bad thing.

Opinions?

knutm :-)

While writing the above I received 5 spam emails...

knutm ;-)

what's a tar pit? i did a google for it and didn't really come up with much...

about creating a page with fake email addresses...what's the point? as was previously stated, creating more packets of useless stuff is just going to make things worse...

i was kind of naive to think that if i sent info back to spammers i would get off the list...but that really doesn't make sense...

i fear everything windows...all the viruses that can self-install and such is crazy...how can people live with that...why is there not a class action suit of the biggest magnitude directed and m$ for this issue?

v

ps: i know...the outcome of any class action suit would be eaten up by attorneys and everybody would get one free upgrade to longhorn...yipppeee...

As in tar pit (http://www.engineering.ucsb.edu/~rcmyers/myweb3/lebrea%20tar%20pit.jpg). It's not some software term.

D'OH.

I just got hit with a bounceback from Verio's mail servers. Apparently someone is sending viagra spam using my work email address. Verio's spam filters marked it as spam and returned it to ME.

- keith

Ahhh, so you're the one!!

Seek 'im boys!!

crimony...weedpacket got me on that one...now i get it...

duhhh...v

Originally posted by piersk
As in tar pit (http://www.engineering.ucsb.edu/~rcmyers/myweb3/lebrea%20tar%20pit.jpg). It's not some software term. Oh, but it is (http://labrea.sourceforge.net/).
(edit: realised it's usually German: teergrube (http://catb.org/~esr/jargon/html/T/teergrube.html)).

I do apologise mi amigo. That looks pretty cool! hmm....