Category Archives: Spam

Let’s spam spambots

Posted by Patrick Vande Walle on 31 July 2005 None comments

Many spammers use bots to read e-mail addresses from web sites. They usually identify the “mailto:” tags in HTML code. Over the years, some have suggested to replace these tags with litteral strings, use javascript to hide addresses, etc. This may all work to a point.

However, we should not forget that spammers are in the business because they want to make money. A database filled with good e-mail addrresses is worth a lot of money. On the contrary, a database filled with trash e-mail addresses is worth nothing. Based on this assumption, Nathan W. Lindstrom developed Spam-X . This Perl script will create a web page full of useless e-mail addresses generated using random strings.

I am not convinced it will work but I will give it a try. Ours is at http://patrick.vande-walle.eu/scripts/mail.pl. As you guessed it, the main reason for this article is to be catched by spambots. If I can help in spreading an anti-spammer tool, I am always glad.

Microsoft pushes Sender-ID

Posted by Patrick Vande Walle on 24 June 2005 None comments

Seems like Microsoft wishes to once again push forward its proprietary technologies.From next November its Hotmail and MSN e-mail services will start to tag messages with no Sender-ID as spam.

Sender-ID was proposed to the IETF Marid working group last year by Microsoft. However, the working group refused it because it is covered by a patent. MS was willing to give free access (for how long ?) to its technology to others but the open source community said they was no way they could incorporate this into open source software implementations. As a result, the Marid group disbanded with no agreement.

The Internet is based on open standards. Sender-ID is not. So, from next November, I intend to refuse all mail coming from Hotmail.* and MSN.* and suggest the poor owners of these e-mail addresses to go look elsewhere. After all, there are enough free services available, from Yahoo, Gmail and many others.

Update: it seems the IESG has approved Sender-ID on 24th June. It is not yet clear how the patent issue will be handled.

Spam and what can be done about it

Posted by Patrick Vande Walle on 18 June 2005 None comments

At WGIG this week, the ambassador of Syria made the observation that “There is no serious intention to stop this spam by those who are the transporters of the spam, because they benefit. The communication operators lose nothing in spreading this spam.
Developing countries, instead of benefitting from the internet, what they’re getting is spam, and has to pay for that spam.
And quite a lot of money.”

I could not agree more. My server statistics tell me that 70% of the mail we get is spam. Up to now, we have been using a combination of DNS blacklists and SpamAssassin. This works pretty well.
However, managing spam is stealing a lot of CPU resources.

So, since spammers are thiefs stealing bandwidth, CPU, memory, disk space and human time, it is more than legitimate to attack spammers the same way they attack us. This program called Spamcannibal does just that. It will query the DNS blacklists and if the remote server is a known spam operation will close TCP port 25 for that host on your firewall.

One of these days, responsible network operators will have to link their edge routers to these DNS blacklists. By dropping all packets from spammers on port 25, these pirates would have no connectivity. This would make the whole spam business useless. Well of course customers would suddenly notice that their bandwidth consumption would decrease by 20% and might be inclined to ask for a rebate from their ISP. Spammers would not be able to find a hosting company anymore. Operators would lose sales. So, the Syrian ambassador is right. Spam does benefit to network operators.