Jump to content

Am I helping the spammers?


C2H5OH
 Share

Recommended Posts

I've recently changed my email host. The new provider uses Spamassassin to filter my mail, so I've read with interest the verbose checking/scoring header lines it inserts.

However, we know that sometimes a SpamCop complaint is forwarded to the spammer.

Am I providing them with free advice on what caught their email effluent? Could they look at the scoring to see where they did badly and try harder next time?

If this is a realistic likelihood I'll have to delete all those Spamassassin lines by hand (I'm assuming that's legitimate), or else find out whether I can change the Spamassassin configuration to suppress the output.

Any opinions? Am I worrying needlessly?

Link to comment
Share on other sites

Two thoughts:

I would check with Spamassassin

I also think you give spammers to much credit. Checking the scoring in a reported spam sounds about the same as a spammer washing their email list; more work/time consuming than they would bother with. As long as you (they) have a cooperative ISP AND get paid by the number of emails sent, why bother?

Link to comment
Share on other sites

SpamAssassin is free & open-source, so any spammer who wanted to try to minimise the scores that their messages get could simply run their own copy of it anyway, and so the scoring headers from the spam you receive won't be revealing much more.

Aside from the points on the SpamAssassin wiki (http://wiki.apache.org/spamassassin/PublicRules, for anyone interested), there's a simple functional observation: SpamAssassin has been freely available for years, giving spammers plenty of opportunity to try to take advantage of its openness. And yet it continues to be an effective tool, so optimising their spam to get around SA rules must either be too difficult or too niche for spammers to bother doing.

Link to comment
Share on other sites

  • 2 weeks later...

I have come to realize (some here would insist "suspect") that spammers aren't just sending you junk, or junk with malware attachments or malware links, (ho-hum...)(so boring)(and on gmail, so easy to get rid of) They are embeding your email addy and other info into the spam so than when you report it back through uce or spamcop, they will know whose cage they have 'rattled". - feedback for their process. I think there is a chunk of childish "needing attention", else they wouldn't take the time to insert this data, and we definitely give them attention via uce - uce doesn't mung at last check. There is the opportunity for "less-so" when using spamcop because we can modify the present (not just the headers which spamcop takes care of) we send back to them. I am assuming this IP automatically forwards it to the spammer and giggles. So I am essentially talking directly with the spammer (hi, how's the weather there?) I am assuming one or a couple IPs and one or a couple spammers. I think/have found that most IPs take a dim view of this and I never hear from them again - at least not for quite a while. Spamcop works very fine for that, given standard header munging. I am also learning that some spammers have worked a way around dealing with their IPs, that the IP may not necessarily like. Change the "present" and possibly that changes.

Remember, I'm just a little dweeb that's worked with computers since 1962 and know nothing. And I am very happy having them and everyone think that.

Just some random thoughts er presents... :D Huge thanks to all of you for your time and efforts.!!!!!

EDIT: One mistake we make is in not reporting the average run-of-the-mill spam that comes from wanabees and is not modified other than for header and malware (no report-source traceability) Routine reporting of non-source-traceable spam through spamcop will keep this to a dull roar. There will always be thousands of wanabees but this is minor.

"doc" Kris - resident psychologist. LOL

Edited by kris
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...