FAQ Entry: Insufficient Munging?

[Wazoo]

Stolen SpamCop newsgroup traffic;

Wrom: BOHMKHJYFMYXO

Newsgroups: spamcop

Subject: Re: munging not sufficient

Date: Tue, 4 Oct 2005 11:07:05 -0700

Anton Haumer wrote:

> Well I'm unsure abput mungeing ...

> I could also consider:

> "If a spammer sees enough reports sent by me (unmunged!)

>  he will avoid troubles and delete my address ..."

>

> Wrong?

There are spammers and there are spammers and then there are spammers.

Some spammers would like to believe that they have a legitimate mailing list which they bought and which they would like to improve by performing 'listwashing' - in which they /actually/ remove addresses which do not want that mail.

Some other spammers would like for you to confuse those listwashing spammers with the other forms of list management, which is to move names around from one list to another.  This class of spammer would consider list construction to be influenced by those who open their spam and read their spam and believe their spam and click on links in spam, including those links which are remove links.

The vast majority of spammers are very simple in their list managment -- they only add addies, they never remove them or manage them in any way. They don't care if addies bounce, they don't care if addies try to remove, they don't care about anything except spewing spam to as many addresses as possible.  They aren't paying postage.  There is no need to remove dead or unwilling or any other kind of address.

There are very very few spammers who go to the trouble of removing 'anti-s', but it occasionally does happen.  Some antispammers cause spammers enough 'trouble' one way or another that the spammer would rather that those anti-s be removed from the list so they won't cause as much problem.

There are even fewer spammers who would be inclined to try to retaliate against an anti- by some kind of revenge attack, which is another matter.

So, we have spammers and spammers and spammers -- then we have mungers and mungers and mungers.

There is no mungeing.  There is 'simple' spamcop mungeing.  Then there is uber-mungeing - in which there is additional mungeing beyond what SC performs - then uber-uber-mungeing which is beyond what SC permits -- then uber-alles-mungeing in which the mungeing is beyond all reason, rendering the 'evidence' relatively worthless to many abuse desks, some of whom won't even accept SC standard mungeing.

--

Mike Easter

kibitzer, not SC admin

Thanks Mike!

Edit: 2005/10/04 22:00 Jeff G. rewrapped the lines.

[Farelf]

Heh, sort of ironic (or maybe reinforcing the point or maybe contextualized elsewhere in the original thread), this topic recently referenced from another reminds me of the whole "Wrom:" thing again (as in the above NG quote and entirely relevant to munging/mungeing). For those who don't know or those blessed with a memory which makes every day one of fresh wonderment (I resemble that remark, as Groucho? said), a little further theft enlightens

FastMail.FM weblog

“From:” turned into “Wrom:” corruption?

Have you ever seen someone’s reply to an email, and instead of seeing something like:

From: Your Friend <theiremail [at] emailprovider.com>

It looks like:

Wrom: GMEPYOQKEDOTWFAOBU

Well, if you have, and you were totally stumped about what was causing it, I’ve finally found out. I did some searching and found this mention as well. I emailed that guy, and he got back to me with what he found:

>Its unrelated to your application. Its the client.

>The client has installed an antivirus program (I think it was norton) and turned on “privacy” option. That option causes the program to scramble any email address it sees before allowing it over the network.

>Whoever this is happening to - ask them to look into their computer and check the configuration of their “privacy” software.

So sounds like a anti-virus program issue!

More discussion in this forum thread.

[Wazoo]

Heh, sort of ironic (or maybe reinforcing the point or maybe contextualized elsewhere in the original thread), this topic recently referenced from another reminds me of the whole "Wrom:" thing again (as in the above NG quote and entirely relevant to munging/mungeing).

Wow! The "Wrom" ting totally missed by me at the time, and obviously ever since.

For those who don't know or those blessed with a memory which makes every day one of fresh wonderment (I resemble that remark, as Groucho? said), a little further theft enlightens

The few times that this has shown up in this Forum, it was that the e-mail address used for a Reporting address got hammered in all but one instance ... the other singular event was a wierd circumstance ... a combination of digits in a numeric string, the string used as a password/access-key somewhere was a match for a substring in a 'protected' credit card number (or something along that line) .. there was enough of a match that the output from that system ended up being a string of asterisks rather than the numeric string, which of course didn't fly at the receiving end.

[Farelf]

... the other singular event was a wierd circumstance ... a combination of digits in a numeric string, the string used as a password/access-key somewhere was a match for a substring in a 'protected' credit card number (or something along that line) ... there was enough of a match that the output from that system ended up being a string of asterisks rather than the numeric string, which of course didn't fly at the receiving end.

Wow, just imagine the odds on that! Even not knowing the number of digits it has to be somewhere "up there" with winning a major lottery. Excepting that el Gordo de la Primitiva (Spanish) one of course - I can't seem to stop winning that one and I don't even buy tickets.