dslreports logo
site
spacer

spacer
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


view:
topics flat nest 
Comments on news posted 2002-02-17 01:13:38: A while ago, as an experiment, we buried a link in these web pages that would generate a unique email address on a blank page when visited. ..

page: 1 · 2 · next

nklb
Premium
join:2000-11-17
Ann Arbor, MI
kudos:2

Cool test

I should run something similar from my site. I get more probes from bots than from real people.

nklb
Premium
join:2000-11-17
Ann Arbor, MI
kudos:2

Re: Cool test

2001-12-15 01:21:45 Animals Like You Have Never Seen....... 12870

2001-12-15 14:06:42 Animals Like You Have Never Seen..... 31502

2001-11-25 11:16:25 5648 Would you like 822to lose weight while you sleep? 670617

2001-12-03 09:35:19 7368 Would you like to lose weight while you sleep? 3992134

Interesting, are they keeping tabs on the number of emails they send out?

inGearX
3.1415 9265

join:2000-06-11
New York

HOW!!! my hotmail.com mail was taken!!!

I opened a fresh new hotmail account and was extremely careful with it. Only a few of my friends had that e-mail address. And I never used it to register anywhere...

And then a few weeks afterwards I began receiving SPAM!!!

How could that be!? It might very well that someone working at hotmal.com sneaked it out!?

Thanks for helping...

nklb
Premium
join:2000-11-17
Ann Arbor, MI
kudos:2

Re: HOW!!! my hotmail.com mail was taken!!!

yeah, there are so many hotmail accounts that people (spammers) run programs that spam every hotmail account (a-z, aa-zz, aaa-zzz, etc...)

This could be an interesting test. create a 3-letter hotmail account and a 7 letter account. see how long it takes each to get spam.

zzaab1

@sympatico.ca

Re: HOW!!! my hotmail.com mail was taken!!!

I have a 14 character login at Hotmail that has never been spammed. The ones that are less that 7 characters have all received spam. I would attribute this to a sqequential attack as was described earlier.

nekote

join:2000-12-16
Hopkinton, MA

Alternative SPAM trap

FWIW:
An alternative method, *** IF ***, you own your own domain name that has email.

Provide a unique "name" (to each and every?) contact you provide an email name. Say, amazon@mydomain.com, dslreports@mydomain.com, cnn@mydomain.com, yahoo@mydomain.com ...

Then, if email arrives from other than the original contact, you will know where the leak was.
--
Democracy is the worst form of government, except for all other forms of government. - Winston Churchill

Copzilla$
Mmm... Donuts

join:2000-10-10
Friendswood, TX

Re: Alternative SPAM trap

I do this too. I currently have about 25 email addresses killed because of all the ass40L3 companies that sold the addresses. This would include nfl.com, mlb.com, many more. I do it exactly like you say.

The spam tips off who sold it, at which time I begin forwarding that entire email address to the CEO of the company that sold it, or the support email address.
--
"Free your mind and your behind will follow" - The iBrotha

nekote

join:2000-12-16
Hopkinton, MA

Re: Alternative SPAM trap

Ahh, forwarding it to the CEO.

Now That's Cool!

OTOH, "an eye for an eye and pretty soon the whole world will be blind" - an email for an email ... now where's that gonna' lead? ;(
--
Democracy is the worst form of government, except for all other forms of government. - Winston Churchill
gotacap

join:2001-12-22
Arlington, TX
I use this method too, every time I need to fill out an e-mail address I make up one on the spot, but I take it a step further, for my personal friends I also group my e-mail messages telling different groups of my personal friends and family different addresses as well, this way if I even get spammed at one of these for some unknown reason (like if one of them fw's me a message along with dozens of other people, I HATE it when that happens) I just kill that address too and only have to tell a few friends a new address. It's a great way to keep the spam down.

In response to the replies, hmm, I never thought about fwing it back to the company that sold my e-mail address, how clever.

Joe Z

@bbnow.net

Re: Cool test

Outlook/Exchange purportedly will send the subject of the email when you click on a link within the email, so perhaps this is a way of tying a click-through to an email address.
kitsune

join:2001-11-26
Sacramento, CA
one thing I did that kept me from getting spam for years was to begin my email account with a _. I opened it about 6 years ago and didn't start getting spam until about a year ago and I think that was my fault.. I accidentally used it to register somewhere without thinking about it... most email providers won't allow you to use that as a beginning character so they don't usually catch those ones.

Lyc360

join:2001-09-23
Davidsonville, MD
great idea.

AS an old timer, I used variations on my name for magazine subscriptions in the past to track this sort of thing. Now it's email addresses. Plus c'a change, plus c'a meme chose, as they say.
--
It's an engine, and it's loud.

sonofjay
Mission Accomplished - Bush May 1, 2003
Premium,MVM
join:2001-05-14
Malden, MA
kudos:1

I don't like Spam!

I wish there was some kind of enforcement to stop these a**holes. Sadly the only way it will ever happen is if they are forced to do it through legislation.

Nice experiment by the way!
[text was edited by author 2002-02-17 01:32:37]

dnoyeB
Ferrous Phallus

join:2000-10-09
Southfield, MI
kudos:1
Reviews:
·Comcast

Here's an idea

Close down open mail relays.

Thats a simple job. Just make the people with the open mail relay's responsible for anything which comes out of their relay, and I guarantee it will close. And if they dont take responsibility, close them to your network.

Is there a way I can set my main program to reject mail from a specific relay with a reply letter?

rchandra
Stargate Universe fan
Premium
join:2000-11-09
14225-2105

Re: Here's an idea

Maybe. That all depends on what you're talking about when you say "my main program."

The task you're talking about is exceptionally easy (comparatively) with Sendmail::Milter and Sendmail for instance, if you know Perl.
--
English is a difficult enough language to interpret correctly when its rules are followed, let alone when a writer doesn't follow those rules.

raw
War Eagle
Premium
join:2001-01-17
Madison, AL

Re: I don't like Spam!

downloadspam5.zip 24,060 bytes
(spam5.wav)
I don't like spam either.

sonofjay
Mission Accomplished - Bush May 1, 2003
Premium,MVM
join:2001-05-14
Malden, MA
kudos:1

Re: I don't like Spam!

What about Spam with Spam?

bigunk
Gort, Klattu Birada Nikto

join:2001-02-10
USA

Re: I don't like Spam!

I'd prefer spam spam spam spam spam baked beans spam spam and spam!!

sonofjay
Mission Accomplished - Bush May 1, 2003
Premium,MVM
join:2001-05-14
Malden, MA
kudos:1

Re: I don't like Spam!

LOL

fhole
The Devil's Hands Are Idle Playthings
Premium
join:2001-09-18
Clover, SC

Re: I don't like Spam!

Vikings like spam!

Ben Cisco
Embrace Intellect
Premium
join:2001-12-13
Wormhole
I hate them too, and think they should be branded with a giant "L" on the forehead and buttocks...

I make use of both Spamcop and Spamkiller, but the point is this: WE should not have to go through all this to keep the garbage out of our inboxes. Some of the porn stuff is the worst; some are actually including GRAPHIC images that show up in the preview pane, and could make for a most uncomfortable situation when the mail program is run with others in the room. I've taken more irate calls from spouses over this than I care to count. And I won't even get into the ones that promote ILLEGAL content.

Yes, they should be hunted down and shot on sight. But looking to the government for a solution is most likely a lost cause; these people will come up with enough $$ to either kill any meaningful legislation or neuter it just enough to make it useless. Damn them all!!!!
--
The avalanche has already started. It is too late for the pebbles to vote.

JustMe-

@mindspring.com
Encourage your ISP to block mail originating from open relays. Some, including Earthlink, already do. Report any that you find to your ISP to be added to that block list.

Also, if you only receive legitimate email from a set list of people, you can setup your email program to filter out anything that comes in from someone not on that list. It doesnt prevent it from getting sent to you, but it does make it easier to not have to look at.

GrandFunkRR$
Guitar Player Music Maker
Premium
join:2001-04-21
FunkU2
Spam sucks!! IMHO it's borderline harrassment. Shut em' down!!!!!!

azwoodman

join:2001-02-04
Gilbert, AZ

burn spamers burn

being on the net for over 6 years I never got spam......until now.
looks like earthlink sold everyones email names/addresses. I get 2-5 junk mails a day now and they are cc'ed to everyone with an "az***"@earthlink.net mail address. I'm sure everyone using earthlink is getting the same sh&%. I would complain but they sold me for money and I don't think they would care.
Too bad we can't sue. If you get faxed spam you can.
woody

felix4067

join:2000-10-11
Comstock Park, MI

Re: burn spamers burn

I don't think earthlink sold us...at least I don't get any more spam in my earthlink account than any other one. You must have just gotten on a list somehow. Here in Michigan they're about to pass (or did pass, I've been busy lately and haven't kept track) a law so we CAN sue for spam. It goes through the state Attorney General's office.
--
Errors have been made. Others will be blamed.
W5JGV

join:2001-02-03
Natchitoches, LA
Reviews:
·WildBlue

You had it easy!

You mean that's ALL the spam you got?!?!?? I wish I were so lucky! By actual count, since February 9, to date, I have logged 362 spam emails. That's an average of 45.6 per day! No doubt there are others who are doing even worse than I. In that total I have not counted any messages which came from any business with whom I ever had any sort of legitimate contact at all. And I haven't even counted the trash that gets bounced from my web server for non-existent users or those who have not been users for 5 years or more. Sheesh! What a stinking mess. Sadly, I feel that either legislation or execution will be required to eliminate this horrible waste of resources.

justin
..needs sleep
Australian
join:1999-05-28
kudos:15

Re: You had it easy!

oh no.. its just the spam that *one* of the randomly generated bait emails got - multiply this by 10 for the spam that all of them received ..

Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18

Too bad they did forge this guy's domain. :-)

Spammer's are scum and should be tarred and feathered in public.

This is an older Spam story, but a lot of you might find it an interesting read.

Behind Enemy Lines
A Spammer's Luck Runs Out When
She Forges The Wrong Domain

»belps.freewebsites.com/index.html

Regards,

Doctor Olds
--
Join SETI Team Starfire Now! Clarke's First Law: "Any sufficiently advanced technology is indistinguishable from magic."

mntlcase$
Premium
join:2000-07-06
Greensboro, NC

Re: Too bad they did forge this guy's domain. :-)

Incredibly AWESOME read Dr Olds!

juicelee
Premium
join:2000-12-04
Hacienda Heights, CA
Is that site for real?
If so, those private pics are a laugh riot

Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18

Re: Too bad they did forge this guy's domain. :-)

The site has been up for a long time and there have been several attempts to take it down and take it's mirrors down, too. It appears to be 100% legit. I found it years ago when I used to follow the net abuse newsgroups on Usenet.

Regards,

Doctor Olds
--
Join SETI Team Starfire Now! Clarke's First Law: "Any sufficiently advanced technology is indistinguishable from magic."
timt8

join:2001-05-20
Racine, WI
i really enjoyed that "behind enemy lines":).

to bad they can't take those kind of people and sentence them to life in front of a firing squad

rtcpenguin
Premium
join:2001-01-21
Fairfax, VA

Re: Too bad they did forge this guy's domain. :-)

very funny

sonofjay
Mission Accomplished - Bush May 1, 2003
Premium,MVM
join:2001-05-14
Malden, MA
kudos:1
Excellent reading there Doctor thanks for the post!

rklein
God Among Hogs

join:2001-01-18
Worcester, MA
What gets me is that this anti-spam website subjects you to WebSpam; pop-under ads.

Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18

Re: Too bad they did forge this guy's domain. :-)

Actually it's Freewebsites doing that and not the pages author (It's not a true anti-spam site, it's just a record of what one person did to a filthy spammer). I'm surprised it's still up for as long as it has been up. Don't get me wrong, but I hate those pop up and pop under windows as much as you might, but if you turn off Javascript they never open. Or use a pop up/under stopper. Practice Safe-Web. Right?

Regards,

Doctor Olds
--
Join SETI Team Starfire Now! Clarke's First Law: "Any sufficiently advanced technology is indistinguishable from magic."

[text was edited by author 2002-02-17 15:27:28]
BrickWeston

join:2001-02-20
Palisades Park, NJ
I think Rodona Garst would be considered "owned" by her fellow spammer bitchmates. Getting someones Social Security # and letting them know you have it will always send a well deserved chill up a pain in the a$$es spine, but posting it on the internet and its still up for 2 years?? What is this Rodona lady clueless? Seems so. Unless that webserver has no TOS. Man I really enjoyed the 2 hours I spent glossing over that website. There is nothing more satisfying than seeing that woman have her life made public. I bet she just cringes when she sees those love letters at the end. LOL

CitizenX9

join:2002-01-09
Longview, TX

Don't forget..

Legislation is being worked on to that requires people to use their REAL e-mail addresses. This may put services like hotmail out of service but oh well. If it rids the net of spammers, so be it. I have 8 e-mail accounts with my cable service and only use 2 for signing up for shit and 1 for REAL e-mail to friends ect and make sure NOBODY else gets it.

•••••••••

kcazzie
One Of Jerry's Kids
Premium
join:2000-08-13
Morton Grove, IL

Spam....

I have had the same web E addy for almost 6 years and it's got to the point that I miss important E's,,,I can't tell how many I may get...But way Too much...Actually, my problem...But nothing I can do...Actually, if I could have started again, I would never give out my e addy,,,If you want to un install they they know you have a real E addy...:(...Can't WIN
[text was edited by author 2002-02-17 03:09:20]

Starfish
Per Ardua Ad Astra
ExMod 2002-04
join:2000-12-28
Netherlands

Maybe interesting for you..

Is something I made a little while ago; it's my attempt at Spam-Proof Email Linking:

»Share code

Hope this can help some of you who have websites with a e-mailaddy on it

Mind you, I'm not saying it's perfect
--
~ Go ahead...make my day! ~

quientus
So Red Shoes
Premium
join:2000-08-11
San Jose, CA

Re: Maybe interesting for you..


in the source code it plainly states your email addy.. so bad for you dslr.com!

all a robot does it scan the html, am i right?

[text was edited by author 2002-02-17 08:54:02]

Starfish
Per Ardua Ad Astra
ExMod 2002-04
join:2000-12-28
Netherlands

Re: Maybe interesting for you..

said by user5412:

in the source code it plainly states your email addy.. so bad for you dslr.com!

all a robot does it scan the html, am i right?


The question is:

Are the current robots smart enough to paste Javascript variables??

Else you have 3 solutions:

1 - Break up your addy in more pieces by using more variables in that code

2 - Don't make anything clickable and show you mail in an image only

3 - Don't mention your addy at all..

EDIT: I see my mail addy is also in the <img> tag

Of course this can be easily altered in your own version!!

--
~ Go ahead...make my day! ~

[text was edited by author 2002-02-17 09:03:06]

quientus
So Red Shoes
Premium
join:2000-08-11
San Jose, CA

2002-01-09 14:16:05 Boost Your Windows Reliability

lol!!!!!!!

i want that.

•••••••
Recluse

join:2001-10-30
Randolph, NJ

The case of the Irate Spammer

When I maintained a personal web page, I had a full page of Spammer email addresses (including the addresses of the FTC, FBI etc..) as bait for spam bots so the spammers would be spammed (this was before the WIDESPREAD use of hijacked and falsified addresses) as well as blindly spamming law enforcement.

I got this list from a .sig that I found in a USENET posting, and had added some of the worse spammers to hit my mailbox.

One day, I get an IRATE email from one of the addresses on the list threatening me with legal action because of all the spam they got as a result of my posting their address. They vehemently denied they were spammers. I believe that I had indeed received spam from that address.

In the interests of harmony, I replied that I was SO SORRY, and would remove their address from my page. I also sent them the DejaNews link containing literally THOUSANDS of USENET messages which had also appropriated the Spammer blacklist as well as a short AltaVista search showing literally HUNDREDS of web pages that had posted the list in some form or other (including their address). LOL! I felt flattered to be singled out..

Recluse (user of SPAMCOP now!)

Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX

Re: The case of the Irate Spammer

I believe this is similar to the story of Bernard
Shifman, a Chicago computer consultant who
spammed his resume across the web and to an address
belonging to anti spam activist Neil Schwartzman. When
Neil reported this to his ISP, Bernie responded by
sending nasty replies and threatening legal action. He
committed barratry (inciting a lawsuit without following
up on it), and ruined any possible chance of him getting
a job in the IT industry. The full story of this is
evolving as Bernie is still at it - the page Neil put up
is here: »www.petemoss.com/spamflames/Shif···mer.html
BTW, this was first reported by someone here in the
Watercooler about 2 months ago. The story has taken on
a life of its own.
--
"The trouble with computers, of course, is that they're
very sophisticated idiots." -
Doctor Who
rfrenchu

join:2001-11-06
Carson City, NV

A More Proactive Approach

A while back I had two phone lines, and replied to spams, giving spammers my second phone line number. I let the computer answer the phone. Of course, you may or may not be dealing with the spammer himself, but you are dealing with the end user of the information. If enough people poisoned the well like this, they wouldn't be so keen to use spam as a way to harvest names.

Naturally, this is never gonna happen, so you can do it just for fun.

»www.geocities.com/drjosemariachi···unt.html

Techie2000
In Vertigo
Premium
join:2001-12-05

Cool!

That was a neat test. I think you should prosecute if Cox.net stops being an idiot. New idea for AOL You've got mail voice: You've got new spam!
--
My Website|Gamer's eNigma

nil
Java Geek
join:2000-11-27
kudos:2

Open relays

To minimize spam, you can subscribe to an open relay monitoring service like »www.ordb.org.

Filtering out known open relays should cut down on spam significantly..
--
Reality is a crutch for people who can't handle drugs.

ImFixingIt

join:2001-12-11
Providence, RI

This is easy.

1.) All American ISPs should be default reject email from all foreign domains unless a subscriber directly requests email from either a specific domain or a specific email address served on a foreign domain.

2.) Offer rewards to one ISP1 reporting another ISP2 for not address spamming issues originating from ISP2 that does not shutdown that spammer with 72 hours of operation. This would include a monetary fine (say $100K per episode) for the ISP, a fine agasint the spammer $10K per episode), and a listing of both parties (ISP2 and spammer) on a federal listing agency that a) removes the spammer's right to vote, get a federal or state job, receive snail mail from the USPS (my favorite ) etc.

3.) Re-invent the opt-out mechanism to an opt-in where by default domains are closed and an ISP1-sent email with a list of USA-only domains requesting to send email to subscriber must seek subscriber permission before doing so, and subscriber must officially make request to receive email from foreign domains.

4.) Any foreign nation not cracking down on open-relays immediately ceases to receive US foreign support. Period. Let them worry about their own people and how they country as a whole is affected by actions of individuals and their shoddy network security.

5.) Repeat offender in the USA get mandatory jail time breaking rocks into stones for 10 years. Hehe, they'll learn. Or maybe make them come mow our lawns for 10 years. "Thinking about spamming someone? Is it worth the indenturement?"

6.) Pass a law allowing the individual consumer to control their POP mail on their local end and not the ISP end.

Ok, I could go on, but why? We are lazy Americans and nothing will change.
--
With mistakes like me its any wonder anything gets fixed!

••••••••••••

phathead296
Got Slack?

join:2001-11-09
Charleston, SC

A REAL solution to Spam

I've been using this for about six months now, and I never get spam on legit e-mail addresses.

Sneakemail

Their servers are slow, but the service is free. What you do is create a new e-mail for everything you sign up for. I have about 60 e-mail addresses now. One for each web site I sign up for. If one of those address starts to produce spam, I have the choice of either filtering based on address, or removing the e-mail address. I've never had to do that. Plus, if you do start to get spam at an address, you can question the person you gave the address too since that's the only person who's ever had it. I'm not sure if it's had any effect yet, but people might start to respect @sneakemail.com addresses after they've been called on their sharing of addresses.

Anyway, check it out if you want to rid yourself of spam. Their web servers are slow, but they seem to have dealt with the e-mail delays I was seeing many months ago.

This doesn't really help you if you post an address for a harvesting robot to pick up, but I suppose you could create one even for that and when the spam gets unbearable, you can delete the address.

Phathead

Rxdoxx
Premium,Ex-Mod 2002-13
join:2000-11-03
Middle River, MD
kudos:11

So much to learn

Starfish - my head hurts bookmarked your post so I can read it over and over until I begin to understand.

nil- something else for me to study how/what it does.

Never used the @home addy, had problems from the start with it and my workaround was to rely on a hotmail account.
(Same with the new comcast) Ran into some brick walls that required a "real" e-mail, I just lived with it.

Then about August, started seeing a lot of diploma, college stuff and it has grown from there. I recognize a bunch of the list, from the HI There, to the make money....

MSN block sender is not being that effective (so it appears, but I can't really tell), Not an area I have given a lot of attention to, but an area that is getting more and more of my interest.

For people with my knowledge/skill/lack of skill, I wait and hope for (very honestly and openly) someone to create a program like AdAware, windowwasher, HDValet... that will do the job for me. My wallet is ready to open for whomever produces it. And looks like there is some money to be made by whoever does. Given the fact that posters in this thread and at DSLR seem to be the computer literate, and the general public has a growing need. A program that I can send to my e-mail account that cleans it before I get there for $29?? Where do I line up for it??
--
A word aptly spoken is like apples of gold

RAZ Black

join:2001-10-04
Mansfield, TX
Reviews:
·Charter

Re: So much to learn

Unfortunately, an 'after-the-fact' software program only prevents you from having to see or read the mail. The fact is that the mail is still being produced and distributed in far less than 'honorable' manners.

I'ld like to be educated on how this guy did this, and how DLSR created the page to track the abuser... This could be setup into a national 'tracking' system to quickly catch these people like 'premier services' and bust them as soon as they logon to the internet. I would consider their offenses to be just as bad as a hacker breaking into a bank and transfering money, they should be restricted from any internet and computer use. period.

eponymous

@nchrls01.sc.comcast.

killda spammers

What about a category for spam-friendliness in the ISP ratings? Maybe most people wouldn't know how to rate their ISP - maybe dslreports could do it with tricks like this. A little publicity might turn these guys around. I'm hoping comcast won't be as clueless about stopping this stuff as @home was.

RAZ Black

join:2001-10-04
Mansfield, TX
Reviews:
·Charter

Teach us how to stop these people.

Could DSLR post or document how they did this.

I'ld like to use the code to do the same for my websites... Maybe a national tracking system could be developed to help stop these types of activities and to catch these people in the act.

It would be cool to get funding from the CIA to set this up, a national 'spam' tracking system... with a task force like SWAT team to rush in, break down the door, and arrest these people. (like they did to the warez people)

That would scare the crap out of them!!!!!!

••••••

e144539

join:2000-11-02
San Angelo, TX

/.

HeeHee
This story has been slashdotted

Hall
Premium,MVM
join:2000-04-28
Germantown, OH
kudos:2

Re: /. (Hey Justin)

So, I wasn't around when the story hit slashdot or for a good while afterwards... How'd the site hold up ?? Can you show a 'chart' of site hits for today ?? Just curious.
--
-= Mindspring MaxDSL via Covad 1536/384 TeleSurfer Pro =-

Jumbojet

@cableinet.co.uk

Have a look here, if you're serious about antispam

»www.camram.org