TELECOM Digest OnLine - Sorted: Re: Trial Shows How Spammers Operate


Re: Trial Shows How Spammers Operate


Dan Lanciani (ddl@danlan.com)
Wed, 17 Nov 2004 03:12:34 EST

jdj@now.here (jdj) wrote:

> There is a stressed out twisted-knickers type on slashdot "suggesting"
> that spam be responded to, including spam sent to bad addresses, to cost
> spammers money.

> It's been suggested before and was instantly squelched without
> comment, except to accuse the poster of being a troll.

Interesting. I didn't realize that this was considered a bad thing.
My filters respond to every (seemingly) spam message with a note
indicating how to bypass the filter if in fact the mail is not spam.
(Actually they do this only once per sender per some months, but you
get the idea.) I really can't just dump (seeming) spam in the bucket
since there are a few false positives. But I get 1500+ spams per day
and I can't look at them all.

> Seems that spam service providers charge fees for everything, from
> using their address database to send spam to charging for each hit on
> the website they provide to their spamming clientele as well as
> getting a cut of each sale.

> It seems to follow that at least some spammers can be bankrupted if
> every single item from them were to get several responses in return.

> It's almost like sending back empty business-reply envelopes that come
> with annoying snailmail ads.

> There is an added benefit if spam to bad addresses were responded to:
> the bad addresses are confirmed valid and permanently taint the
> databases, which get sold around and the fun starts all over again.

Because of the way my filters are integrated into sendmail they
generate responses for spam sent to bad addresses. I always
considered this a bug (though at least I fixed it to send only one
response to envelopes with multiple bad to: addresses :) but I'm glad
to hear it may do some good. I've noticed lately that spammers will
make many simultaneous connections to my mail server and run through
huge lists of bogus recipients. This was overwhelming my system until
I added a semaphore for spamassassin use and queued most of the
responses. Do they think I'm an ISP or such?

> Should not be too difficult to set up a procmail script for servers to
> send a few http requests to a spammer's website instead of bouncing
> mail with bad addresses.

Hmm. Maybe just send a SYN to each http:// address that can be
extracted from the mail. Though I guess that might not count against
the correct spammer if they are sharing IP addresses.

Dan Lanciani
ddl@danlan.*com

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Tony P.: "Re: SBC to Announce VoIP Tests"
Go to Previous message: Lisa Hancock: "Smart ID Cards Track Students"
May be in reply to: Monty Solomon: "Trial Shows How Spammers Operate"
Next in thread: jdj: "Re: Trial Shows How Spammers Operate"
TELECOM Digest: Home Page