Results 1 to 16 of 16

Thread: Spam - how would you deal with it?

  1. #1
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber

    Question Spam - how would you deal with it?

    It seems that last month, of all the emails passed through MessageLabs, more than 2 in 3 were spam.

    The Register article.

    Different legislations around the world mean that spammers can set themselves up somewhere and operate without fear of reprisal.

    Only very recently have the big companies started to consider revamping the very basic nature of SMTP email to do validation on senders of emails, but this will take a long time to get ratified and even longer to be enforced globally.

    What would you do to combat the problem of spam - either implementing a system to stop it being possible, or legal proceedings to fine/jail the biggest contributors?

    Or is it a lost cause?
    Should we all set our email accounts to only accept email from people on a white list which we have to maintain ourselves?

    Or has spam not really had an impact for you, so do you not see it as a major problem?
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

  2. #2
    0iD
    0iD is offline
    M*I*A 0iD's Avatar
    Join Date
    Jul 2003
    Location
    Happy Llama Land
    Posts
    13,247
    Thanks
    1,435
    Thanked
    1,209 times in 757 posts
    • 0iD's system
      • Motherboard:
      • Leave my mother out of it!
      • CPU:
      • If I knew what it meant?
      • Memory:
      • Wah?
      • Storage:
      • Cupboards and drawers
      • Graphics card(s):
      • Slate & chalk
      • PSU:
      • meh
      • Case:
      • Suit or Brief?
      • Operating System:
      • Brain
      • Monitor(s):
      • I was 1 at skool
      • Internet:
      • 28k Dialup
    I don't think you will ever stop it, no more than you can stop getting junkmail through the post. Mind you, is there not an opt-out list for junkmail? Maybe there could be an e-mail equivalent. Is that at all feasible?
    [
    Quote Originally Posted by Blitzen
    When I say go, both walk in the opposite direction for 10 paces, draw handbags, then bitch-slap each other!

  3. #3
    Senior Member
    Join Date
    Aug 2003
    Posts
    705
    Thanks
    0
    Thanked
    0 times in 0 posts
    I dealt with spam 3 years ago when I bought my first domain which had POP3 boxes included.

    I set up individual addresses for things like onine shopping, forums etc etc I havent had one single bit of spam on any of my domains yet. If I did I would just close that email address off and change the address


    Fun Not Frags - www.gsvgaming.net

  4. #4
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber
    Quote Originally Posted by 0iD
    I don't think you will ever stop it, no more than you can stop getting junkmail through the post. Mind you, is there not an opt-out list for junkmail? Maybe there could be an e-mail equivalent. Is that at all feasible?
    The main difference when it comes to email is its global presence - if you send a spam email from a country where it is not illegal to a country where it is illegal, what happens?

    Junk post is unlikely to be international, and a lot more costly when it misses the target audience.

    The 3 main subjects for spam are (I think):
    financial (loan, credit card offers, etc.)
    pharmaceutical (cheap viagra! increase the size of your manhood! and so on)
    porn ('nuff said)

    They know that they are just bombarding email systems across the world with emails designed to try and get past Bayesian spam filters (this is why they contain random words in the subject line and at the bottom of the body), and they know it's not appreciated by most people, but don't care.

    The domains they send from are often spoofed, and the ISP accounts they use are meant to be temporary ones as they fully expect complaints and will be shut down - they just use a credit card to open a new ISP account, rinse & repeat.

    Different countries have adopted different approaches to combat (rather than pro-actively prevent) spam - but if there is no common global law regarding it, there are always places that the current system can be abused.


    Quote Originally Posted by Richie
    I dealt with spam 3 years ago when I bought my first domain which had POP3 boxes included.
    This is exactly what I do too, but it is still a solution that is for tech-savvy people only, and if your personal email address gets onto a harvested email list then you have to inform all your contact of a change of address every time.
    This is why businesses are impacted more than individuals - they can't just chop & change their addresses and must rely on software to block spam.
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

  5. #5
    0iD
    0iD is offline
    M*I*A 0iD's Avatar
    Join Date
    Jul 2003
    Location
    Happy Llama Land
    Posts
    13,247
    Thanks
    1,435
    Thanked
    1,209 times in 757 posts
    • 0iD's system
      • Motherboard:
      • Leave my mother out of it!
      • CPU:
      • If I knew what it meant?
      • Memory:
      • Wah?
      • Storage:
      • Cupboards and drawers
      • Graphics card(s):
      • Slate & chalk
      • PSU:
      • meh
      • Case:
      • Suit or Brief?
      • Operating System:
      • Brain
      • Monitor(s):
      • I was 1 at skool
      • Internet:
      • 28k Dialup
    Any solution, be it filtering, legislation of otherwise is going to be hard to enforce on such a vast scale. But something does indeed need to be done before the internet becomes choked with the stuff.
    Programs like Mail Washer & the like are good at what they do, but I agree that something needs to be done closer to the source of the problem.
    [
    Quote Originally Posted by Blitzen
    When I say go, both walk in the opposite direction for 10 paces, draw handbags, then bitch-slap each other!

  6. #6
    Oh no!I've re-dorkalated! Jiff Lemon's Avatar
    Join Date
    Jul 2003
    Location
    Sunny MK
    Posts
    2,504
    Thanks
    80
    Thanked
    44 times in 41 posts
    ISP's need to get more heavy handed. People who send spam or virus's from their network should be ring-fenced ASAP. The only net that that machine then sees is a "you have a problem with your machine, contact the ISP on xxxxx". It's not that hard to implement, just requires initiative.

    If ISP's were then forced to comply to act with 24 hours of report, or face having their entire domain blacklisted, it may force a few to get their act together. As a customer you wouldn't be impressed that you couldn't send mail cos you're ISP couldn't manage it's network, so would look to go elsewhere.

  7. #7
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,664
    Thanks
    53
    Thanked
    385 times in 314 posts
    We have our antispam via messagelabs

    I see no spam
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  8. #8
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber
    Quote Originally Posted by Jiff Lemon
    ISP's need to get more heavy handed. People who send spam or virus's from their network should be ring-fenced ASAP. The only net that that machine then sees is a "you have a problem with your machine, contact the ISP on xxxxx". It's not that hard to implement, just requires initiative.

    If ISP's were then forced to comply to act with 24 hours of report, or face having their entire domain blacklisted, it may force a few to get their act together. As a customer you wouldn't be impressed that you couldn't send mail cos you're ISP couldn't manage it's network, so would look to go elsewhere.
    Interesting approach - actually it's something I have thought for a while, given all the virtual ISPs operating as 2-man outfits that popped up and disappared overnight when the flat-rate dial-up access was common.

    At times I've even thought of a really OTT policy to have computer users require a "licence" to show they are capable of operating a computer, after a week full of talking to complete idiots

    In the event of a user unknowingly acquiring a virus or a spam-trojan and getting cut off and told to contact the ISP, how do they get the problem resolved?
    Especially if it requires downloading some tool to clean the machine?

    I guess they could have a "walled garden" phone number which allows them to connect to a specific set of sites to get the tools?

    Personally, I'd like to protect users from themselves by blocking all inbound service ports unless they explicitly ask for them to be opened (and had good reason), that could help a bit.
    (Okay, not so much against trojans as they'll use high ports, but for OS vulnerabilities and people services they weren't aware of it would help.)


    Quote Originally Posted by Moby Dick
    We have our antispam via messagelabs

    I see no spam
    Ah, as do we - but as a matter of interest, as our mail provider vendor was offering it for free, we implemented a second layer of spam filtering in March.
    It almost doubled the number of trapped spam emails, showing that MessageLabs, while being really good, is still letting junk through.
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

  9. #9
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,664
    Thanks
    53
    Thanked
    385 times in 314 posts
    what ML settings have you got ?

    put their heuritics on and it should trapp the vast majority
    if you really want belt & braces , combine it with GI mail essentials
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  10. #10
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber
    Quote Originally Posted by Moby-Dick
    what ML settings have you got ?

    put their heuritics on and it should trapp the vast majority
    if you really want belt & braces , combine it with GI mail essentials
    ORDB
    RBL
    RSS
    DUL
    Custom IP Blacklist
    Custom Domain Blacklist
    Heuristics

    All enabled, appending a header and redirecting to a single spam mailbox to check for any false positives and get an idea of the volume being blocked.

    Stats:
    Jan - 2165
    Feb - 2388
    Mar - 4187 (the second layer of spam filtering enabled around 10th March)
    Apr - 4923

    I was kind of surprised and thought the in-house filtering solution must have been throwing out tons of false positives, but we've only identified 3 LOL.
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

  11. #11
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,664
    Thanks
    53
    Thanked
    385 times in 314 posts
    not bad at all - I'm not convinced that the ML antispam is as advanced as their skeptic engine for Anti-Virus to be honest.
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  12. #12
    Oh no!I've re-dorkalated! Jiff Lemon's Avatar
    Join Date
    Jul 2003
    Location
    Sunny MK
    Posts
    2,504
    Thanks
    80
    Thanked
    44 times in 41 posts
    Quote Originally Posted by Paul Adams
    In the event of a user unknowingly acquiring a virus or a spam-trojan and getting cut off and told to contact the ISP, how do they get the problem resolved?
    Especially if it requires downloading some tool to clean the machine?

    I guess they could have a "walled garden" phone number which allows them to connect to a specific set of sites to get the tools?
    Exactley. Don't get me wrong, it's not a perfect solution - I'm sure you'll get someone saying "but I don't run XYZ's software" or "but the software doesn't run on my obscure out of date OS", and frankly I'd put that in the big box labelled "Not my problem". You want access to my network, you sort your machine out.

    I've lost count of the number of machines that I've seen with out of date (6months +) virus definitions, or missing patches ("but it said it'd take 15 minutes to download"). The tools are out there - people winge about having to pay £50 for AV software but you don't hear them complaining about the £240+ a year they pay for their net connection? It's YOUR computer, and therefore YOUR responsibility to look after it. If you drive an unroadworthy car, the police will pull you over, fine your a$$ and not let your vehicle back on the road until it was made roadworthy.

    Rant over - maybe I need to go easy on the new coffee machine!

  13. #13
    Senior Member RVF500's Avatar
    Join Date
    Apr 2004
    Location
    Back in Sunny UK...and it is sunny too :D...pleasant surprise.
    Posts
    1,063
    Thanks
    0
    Thanked
    0 times in 0 posts
    Would love to have an application that did something like a reverse telnet session back to the spammer and then fried their drives. Inconvenience those annoying tw*ts for a change.

    Meanwhile.....back in the real world......
    "You want loyalty? ......get a dog!"

  14. #14
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber
    Quote Originally Posted by RVF500
    Would love to have an application that did something like a reverse telnet session back to the spammer and then fried their drives. Inconvenience those annoying tw*ts for a change.

    Meanwhile.....back in the real world......
    Someone once wrote an application to attempt to connect back to the source of a port scan and attempt to hack them back... they were absolutely crucified by the security world.

    Sounds great in principle, get your own back on the guys probing you for trojans... only it's not illegal to do port scans, but it is to attempt vigilante justice like that - plus you cannot be certain that it's not a man-in-the-middle attack, and you end up hosing some innocent's "owned" PC.

    Even if you go after the company that the spam appears to be advertising, they claim that it's a competitor trying to ruin their image.

    It truly is a crappy situation to find ourselves in
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

  15. #15
    Common Sense Advocate Rabs's Avatar
    Join Date
    Jul 2003
    Location
    Preston
    Posts
    760
    Thanks
    1
    Thanked
    5 times in 4 posts
    • Rabs's system
      • Motherboard:
      • Gigabyte Z170X Gaming 7
      • CPU:
      • Intel Core i7 6700K
      • Memory:
      • 2 x 8GB Corsair Vengeance Red
      • Storage:
      • 256GB Samsung 950 Pro Nvme, 1TB Seagate HD
      • Graphics card(s):
      • EVGA Nvidia 970OC
      • PSU:
      • Coolermaster Ethusiast 850W
      • Case:
      • Coolermaster Stacker STC 101
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Benq GW2760 27"
      • Internet:
      • Virgin Cable 200/12
    ISP's could introduce a send limit on home based accounts to 50 emails every 10 minutes.

    Users could request an upgrade on this if their needs are greater. ISP's could then monitor users which request an upgrade, they could also write something in the AUP that they will pass on details of spammers to law enforcement agencies or something along those lines.

  16. #16
    Ex-MSFT Paul Adams's Avatar
    Join Date
    Jul 2003
    Location
    %systemroot%
    Posts
    1,926
    Thanks
    29
    Thanked
    77 times in 59 posts
    • Paul Adams's system
      • Motherboard:
      • Asus Maximus VIII
      • CPU:
      • Intel Core i7-6700K
      • Memory:
      • 16GB
      • Storage:
      • 2x250GB SSD / 500GB SSD / 2TB HDD
      • Graphics card(s):
      • nVidia GeForce GTX1080
      • Operating System:
      • Windows 10 x64 Pro
      • Monitor(s):
      • Philips 40" 4K
      • Internet:
      • 500Mbps fiber
    Quote Originally Posted by Rabs
    ISP's could introduce a send limit on home based accounts to 50 emails every 10 minutes.

    Users could request an upgrade on this if their needs are greater. ISP's could then monitor users which request an upgrade, they could also write something in the AUP that they will pass on details of spammers to law enforcement agencies or something along those lines.
    Not a bad idea, I also like the idea of blacklisting ISPs' SMTP servers that are known to be "spam friendly" - if customers weren't able to send email they'd soon kick up a fuss


    Looks like there might be a little bit of action going on finally...
    http://www.theregister.co.uk/2004/05...us_china_opens
    ~ I have CDO. It's like OCD except the letters are in alphabetical order, as they should be. ~
    PC: Win10 x64 | Asus Maximus VIII | Core i7-6700K | 16GB DDR3 | 2x250GB SSD | 500GB SSD | 2TB SATA-300 | GeForce GTX1080
    Camera: Canon 60D | Sigma 10-20/4.0-5.6 | Canon 100/2.8 | Tamron 18-270/3.5-6.3

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. 200,000 posts!
    By DaBeeeenster in forum General Discussion
    Replies: 25
    Last Post: 18-05-2004, 10:00 PM
  2. Gone wrong radeon eBay deal, opinions wanted
    By prehensile in forum Graphics Cards
    Replies: 7
    Last Post: 29-04-2004, 01:32 PM
  3. E-Mail client software and spam
    By Aaron in forum Software
    Replies: 4
    Last Post: 19-11-2003, 11:34 PM
  4. PowerColor. What's the deal exactly?
    By Stewart in forum Graphics Cards
    Replies: 11
    Last Post: 17-11-2003, 09:28 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •