Category Archives: Spam

IGF meeting blacklisted

Posted by Patrick Vande Walle on 17 September 2008 5 comments
Share

I just got an e-mail from someone currently attending the IGF meeting in Geneva . The e-mail ended up in my spam folder because the IP address used for the WLAN at the meeting is on a spambot/virusbot blacklist, namely cbl.abuseat.org. Apparently some guy there has his computer infected by a spambot or a virusbot. Because the local host uses a NAT, all the computers share the same public IP address. This means that all the attendees to the meeting risk seeing their e-mails blacklisted somewhere.

Funny this comes from the very people who would like to set up strategies to fight cybercrime …

Lesson to be learned:

One: NATs are a nuisance. They are responsible for collateral damage.

Two: In a hostile networking environment, never ever trust the local network and fire up your ssh or IPsec tunnel to a machine you can trust.

Three: give us IPv6 as soon as possible to get rid of NATs

Missing Firefox, badly

Posted by Patrick Vande Walle on 17 May 2008 None comments
Share

I recently switched to a new position in my day job. I moved to another campus and office, where I found on my desk a computer with the default standard configuration. The default browser in this configuration is Internet Explorer 6.

I am still in a state of shock. Over the last four years in my previous position, I had been using Firefox as my main browser, mostly because of AdblockPlus, a remarkably efficient advertisement blocker.

With IE6, I have rediscovered how advertising on web sites can be distracting and invading. Suddenly, the pop-up windows, Flash animations and other nasties are there again. Unlike a paper magazine, when you only need to turn the page to ignore them, advertisements on web sites really prevent you to work until you close the pop-up window, stop the animation, turn off the volume, etc.

I guess one could say that Wladimir Palant, the developer of Adblock Plus, is one of the greatest benefactors to computer productivity over the last few years. Thanks, mate. Great job. I am forever grateful.

Greylisting and IPv6

Posted by Patrick Vande Walle on 15 April 2008 None comments
Share

Greylisting is a technology deployed on mail servers that has proved to be effective against spam. I use it here. However, I have yet to find a greylisting daemon for Postfix that works well with IPv6. This morning again, a message from an IPv6 SMTP host came in and the greylisting daemon did not know what to do, until I white listed the host in question.

I have tried both SQLGrey and Policyd. They work, to a degree, but are not yet as smart as they are on the IPv4 side.

Typically, it should automatically white list entire /64s for IPv6, just like it white lists /24s on IPv4. If they support either PostgreSQL or MySQL, it is even better.

Any suggestions welcome.

A collection of spam-fighting techniques

Posted by Patrick Vande Walle on 20 January 2006 None comments
Share

I added a page to this blog, detailing some of the tricks I use to keep spam at a minimum level. The first part talks about Sendmail tricks I found here and there on maling lists and web sites. I take this opportunity to thank the authors.

It seems to me it is more efficient to fight spam at the SMTP session level. This saves CPU cycles, bandwidth and disk space. Spam filtering at a later stage, typically at the delivery agent or at the mail reader is less efficient. From the spammer’s point of view, if the message got past your SMTP gateway, then there is a chance that someone will read it.

I will add and/or detail these tricks in the coming weeks.

Until we have ISPs really commited to eliminate spammers from their network, either on their own initiative or being forced to by governments, the best thing we can do is to frustate the spammers as much as possible so as to make their business unprofitable.

Spam and Internet Governance Forum

Posted by Patrick Vande Walle on 12 January 2006 None comments
Share

I have often argued both on this blog and in live discussions that spam is a non-issue, which could be addressed by the ISP industry if it really wanted to. All the tools are there. A free software like SpamCannibal could do the job for low traffic operations. For ISPs, they could link their routers to DNS backlists and drop packets on port 25 from rogue ISP IP addresses or AS’es. Once the legitimate customer of ISP X will start complaining that their e-mail are being rejected on a massive scale and threaten to switch providers, be sure that ISP X will effectively stop hosting spam operations.

Only the political/economical willingness is missing. Right now, ISPs are just making lots of $$$ out of spam. That’s selling bandwidth after all. This is what you get when an industry focuses on short term profits rather than societal/ethical behaviour. Or customers could begin to sue their connectivity provider and ask for compensation for damage. After all, spam is costing billions of dollars each year to individuals and companies, in terms of lost time and resources. Saying that the carrier is neutral and is not responsible for carrying spam is unresponsible.
If the industry does not want to auto-regulate itself and really enforce its AUPs, one day or another governemnts will have to threaten them with fines is they continue to carry spammers on their network. So, spam issues, in the WSIS context, is just a smoke screen to divert us from real issues, ie unilateral political control on key Internet resources. But spam is a popular subject, as everyone is facing it. It makes good headlines in the popular press.