Jump to content

Amazing reduction in Spam


MikeJT

Recommended Posts

jrssystemsnet:

Talk about a lot of to do about a lot of to do about nothing.

It's good to see it all in one place (more or less), but I don't see that you have actually added anything to what has already been settled; but a cogent summary is always appreciated... by me anyway.

The only lingering 'nothing' has to do what Miss Betsy mentioned in a couple of other threads about new "wanna be spammers" picking up spam kits off the internet and trying their hand at it. Some of these kits are years behind the times, some of the 'wanna-be's" are not overly bright or well-informed, and therefore susceptible to doing something as dumb as intruding a "Return Receipt" or some variation of it.

The Major League spammers behave the way you describe, but I for one got that made quite clear thanks to David T's patient tutelege. I hope I also made it clear that my apprehension was based on spam characterists that existed a couple of years ago that I picked up from reviewing W98 newgroups that were pertinent back then.

Link to comment
Share on other sites

  • Replies 172
  • Created
  • Last Reply

jrssystemsnet:

Talk about a lot of to do about a lot of to do about nothing.

It's good to see it all in one place (more or less), but I don't see that you have actually added anything to what has already been settled; but a cogent summary is always appreciated... by me anyway.

The only lingering 'nothing' has to do what Miss Betsy mentioned in a couple of other threads about new "wanna be spammers" picking up spam kits off the internet and trying their hand at it. Some of these kits are years behind the times, some of the 'wanna-be's" are not overly bright or well-informed, and therefore susceptible to doing something as dumb as intruding a "Return Receipt" or some variation of it.

The Major League spammers behave the way you describe, but I for one got that made quite clear thanks to David T's patient tutelege. I hope I also made it clear that my apprehension was based on spam characterists that existed a couple of years ago that I picked up from reviewing W98 newgroups that were pertinent back then.

The 'wannabe' spammers probably are getting blocked at the server level, now, except by those who use tagged email spam systems. They were the ones responsible for empty spam and various other quirky things like actually seeing <insert random words> instead of random words.

I don't think that I have ever seen a 'return receipt' used by a spammer. It is the tracking code in the message that identifies you to the spammer if you are dumb enough to open the spam.

I have forgotten what has been discussed in this whole thread, but one point made by the admin who posted is that end users can't detect spam trends because they don't control the server and don't know what has already been handled. Except that an increase means that whatever control is being used needs tweaking. For instance, hotmail is very aggressive in spam blocking (and I am beginning to think that they use the scbl), but every so often I will get three or four spam they missed. That doesn't last long.

I think it started as whether reporting increased the amount of tagged spam. In previous discussions, there were people who stated reporting decreased spam (probably because of listwashing), there were people who thought that addresses being sold seemed to balance listwashing, and few that saw a continued increase in the amount of spam - the amount of spam seeming to fluctuate without any relation to others' experiences or published trends. IMHO, reporting does probably increase spam due to spammers adding any addresses they can find to their lists (including those in the spam reports - not only the reporter's but also all the internal relays), but levels off after a while. It can also be due to the other frequently stated reason that when you have finally had it up to here with spam, it is because your name has been added to the 'millions' lists and is being sold to lots of people so you will be getting spam from many more sources. IMHO, a lot of money is made by selling the lists - perhaps even more than is made from purchases.

Miss Betsy

Link to comment
Share on other sites

And for a viewpoint from the other side of the Subject line;

From: Kenneth Brody

Newsgroups: spamcop

Subject: Huge increase in spam

Date: Fri, 10 Nov 2006 09:27:16 -0500

Message-ID: <45548C44.C3CCD957[at]spamcop.net>

I know that there has been a huge increase in spam worldwide in the

past few weeks. Well, I received 10,000 spams in a mere 8 days.

(And this doesn't include the dozens of spams that I receive every

day that make it through the filters into my inbox.)

Link to comment
Share on other sites

Miss Betsy;

I don't think that I have ever seen a 'return receipt' used by a spammer. It is the tracking code in the message that identifies you to the spammer if you are dumb enough to open the spam

It’s amazing how one confused person (e.g. me = c) can get a group of knowledgeable and otherwise competent people into a tangle. [Z <=> Z^2 + C] comes to mind; where Z is the group that either collapses to zero (out of frustration or ennui), or expands indefinitely (or until W^z jumps in).

All I needed to untangle my misunderstanding came from DavidT’s Post #62 . I hadn’t learned to appreciate the difference between “Return Receipts” (et. al.) and “Web Bugs”. I had learned from W98 newsgroups that it is folly to open spam; I was just attributing the reason to the wrong characteristic. You see; I was under the mistaken impression that “Web Bugs” was a general term that included “Return Receipts”, not as a specific and unique technique for tracking “hits”.

Nevertheless, I did get 10-11 spams from someone using Thunderbird who did have the D-N-T: header inserted. I haven’t seen any since.

From - Thu Oct 05 22:36:23 2006

X-Account-Key: account4

X-UIDL: 1160100644.6132_2477836.mx4

X-Mozilla-Status: 0004

X-Mozilla-Status2: 08010000

Received-SPF: none (No spf1 record for (micnik.com) ) client-ip=60.2.77.102; envelope-from=<stafordcad[at]micnik.com>;

X-Default-Received-SPF: fail (Last token {-all} (res=FAIL)) client-ip=60.2.77.102; envelope-from=<stafordcad[at]micnik.com>;

Received: from cengh (unverified [60.2.77.102])

by mx.dccnet.com (DCCNet Email Cluster4) with ESMTP id 29407369

for <x>; Thu, 05 Oct 2006 19:10:42 -0700

Return-Path: <stafordcad[at]micnik.com>

Message-ID: 005701c6e8e5.57831100.c45fc0a8[at]rey

Disposition-Notification-To: phelia gennifer <stafordcad[at]micnik.com>

Date: Fri, 06 Oct 2006 01:18:34 +0000

From: phelia gennifer <stafordcad[at]micnik.com>

User-Agent: Thunderbird 1.5.0.5 (Windows/20060719)

MIME-Version: 1.0

To: leoline garnet <x>

Subject: Sweeter tasting sperm

Content-Type: multipart/alternative;

boundary="---------00000042.01C6E8E5"

X-ORBS-Stamp: Spamcop, http://spamcop.net/w3m?action=checkblock&ip=60.2.77.102

X-Rcpt-To: <x>

X-SpamDetect: *****: 5.000000 Poly=1.0,SPF Default Fail=1.0,Sender's IP was on Spamcop RBL=3.0

X-NotAscii: charset=us-ascii

X-IP-stats: Incoming Last 0, First 0, in=2, out=0, spam=0

X-External-IP: 60.2.77.102

Status: U

X-UIDL: 1160100644.6132_2477836.mx4

This is a multi-part message in MIME format.

-----------00000042.01C6E8E5

Content-Type: text/plain; charset=us-ascii

Content-Transfer-Encoding: 7bit

Wanna see your wife happy?

Make a miracles in bed!

ht tp://gak rop d. com/w c/

are dominant they

hair, Inspector Garland said. Okay.

Moderator Edit: spamvertised URL broken

Link to comment
Share on other sites

OK, the numbers are in, crunched, and concluded.

The original question was "Is there a correlation between spam received and reporting?" I reported earlier that it appeared that spam increased while reporting, decreased when not reporting.

Now I am not presenting this as a scientific study (I am actually a scientist, PhD qualified, 30+ years experience globally as scientist and academic, etc.), but I do have a nose for cause-effect etc. As many have said, there are ups and downs in numbers, and what my figures show in the end that there is not a correlation between reporting/not reporting and number of spam daily!! What appears to have happened earlier is that my reporting/non-reporting coincided with peaks and troughs. With more data, this became obvious.

Will I continue reporting? Would I recommend others to report? NO. NO.

Basically, from my view the entire exercise is a waste of time, and actually adds to the amount of crap flying around the net... spam in, reports out. Perhaps I am wrong, but as a busy professional I do not have a lot of spare time, and searching through this rather "unfriendly" website I have not seen anything that convinces me that reporting is having any effect.

Put the website into the hands of people who can make it more user friendly and easier to navigate for people who are not geeks, then perhaps some good can be done.

In fact, a buck could be made. I would gladly hand over $$$ if I could see some evidence of spammers being nailed, even if the amount of spam was not significantly reduced.

My approach now.... have set my Eudora to filter out spam. I can still check the Junk folder just to make sure mistakes not made. With 200 clients worldwide I cannot afford mistakes therefore would not put this task into the hands of any external filtering mechanism.

OK..... now I stand back for the barrage of wisecracks, criticism from the geeks!!!

Link to comment
Share on other sites

OK, the numbers are in, crunched, and concluded.

<snip>

OK..... now I stand back for the barrage of wisecracks, criticism from the geeks!!!

No worries about barrages, "mate".

After plotting your coordinates with my theodolite, triangulating and "crunching the numbers", 'scientific-like', I reckon your "nose for cause-effect etc." to be safely out of reach of conventional ordinance.

This isn't a wisecrack. It's just a community service announcement.

rooster, BSc., MBA., Ph6.5

Link to comment
Share on other sites

Unless you use the scbl to filter spam (either to tag or to reject), then there is no point in reporting spam to spamcop.

The only good it does for the general public, is that, sometimes, a whitehat admin is alerted to a problem (or in other cases, clueless admins) and both of them correct the problems.

The point that you are missing is that blocklists that are programmed to reject at the server level with a message to the sender that the message has been rejected are infinitely better than tagging email and then looking for false positives. In addition, if the average end user demanded blocklists that reject as the preferred form of filtering, then, in a very short time, the average end user would have no problems with email being rejected, blackholed, or shunted to Junk Mail folders because the average end user would select ISPs who reject spam with blocklists at the server level (and if the blocklist was rejecting them, they would select a better email service provider) and pretty soon real email users would have reliable email service with all the good email going straight to their inbox and all the suspect mail either rejected or dropped because it didn't come from an IP address which accepts incoming email.

It is really very simple and doesn't require a PHD to understand. You can search your tagged email and I will bet that you will miss many more false positives than would be caught by a blocklist that returned at message at the server level. The *sender* is the one who has to be responsible for email integrity. Nothing else will work.

Miss Betsy

PS I am not a geek. I am technically non-fluent.

Link to comment
Share on other sites

The point that you are missing is that blocklists that are programmed to reject at the server level with a message to the sender that the message has been rejected are infinitely better than tagging email and then looking for false positives. In addition, if the average end user demanded blocklists that reject as the preferred form of filtering, then, in a very short time, the average end user would have no problems with email being rejected, blackholed, or shunted to Junk Mail folders because the average end user would select ISPs who reject spam with blocklists at the server level (and if the blocklist was rejecting them, they would select a better email service provider) and pretty soon real email users would have reliable email service with all the good email going straight to their inbox and all the suspect mail either rejected or dropped because it didn't come from an IP address which accepts incoming email.

I agree, but who has the luxury of shopping for ISPs. With hundreds of clients globally, business cards, invoices, etc. etc., every time I change ISP means changing all of these.

Link to comment
Share on other sites

As many have said, there are ups and downs in numbers, and what my figures show in the end that there is not a correlation between reporting/not reporting and number of spam daily!!

Thanks for confirming a conclusion many of us have reached using common sense... Neither the cause/effect logic, nor even Occam Rasor applies to spam...Trust me, I am a scientist.. There are however large trends that many of us have noted, like the recent increase in spam... Probably correlates more with increase in computer usage worldwide and newly discovered vulnerabilities by spammers. Most of them (spammers) would rather hide in the darkest corners of internet and keep a low profile as they carry out their criminal activities...

Dr A, PhD.

Link to comment
Share on other sites

... As many have said, there are ups and downs in numbers, and what my figures show in the end that there is not a correlation between reporting/not reporting and number of spam daily!! What appears to have happened earlier is that my reporting/non-reporting coincided with peaks and troughs. With more data, this became obvious. ...

... Put the website into the hands of people who can make it more user friendly and easier to navigate for people who are not geeks, then perhaps some good can be done.

Thanks for seeing this through MikeJT, a useful contribution to understanding.

Geeks! Who, us? Maaate you must be thinking of the newsgroups. About the only people who come here and post are those with problems and those who want to help them. Those with "an enquiring mind" like yourself are fewer and made of stuff too stern to be readily discouraged. But the problem of creating something suitable for those most in need? A lot of work has gone into that but the most encouraging thing is that the work continues. You don't have a lot of time yourself, that speaks for most of "us" too so it is useful for a fresh set of eyes to give a dispassionate assessment from time to time. The more specific the better. Of course the major impediment is that the SC website ain't "us", just these forums.

Link to comment
Share on other sites

I agree, but who has the luxury of shopping for ISPs. With hundreds of clients globally, business cards, invoices, etc. etc., every time I change ISP means changing all of these.

At some point, the time spent hunting for false positives or contacting correspondents is going to outweigh the inconvenience of changing ISPs or demanding reliable service. Already this month I have missed several emails because of the aggressive blocking of my email service(s) and don't how many of my outgoing emails have been dropped. Email has gotten to be very unreliable for me and incovenient for me.

If the consumer wants reliable service, then blocklists that return an error message when email is rejected is the only way to go.

Miss Betsy

Link to comment
Share on other sites

At some point, the time spent hunting for false positives or contacting correspondents is going to outweigh the inconvenience of changing ISPs or demanding reliable service. Already this month I have missed several emails because of the aggressive blocking of my email service(s) and don't how many of my outgoing emails have been dropped. Email has gotten to be very unreliable for me and incovenient for me.

If the consumer wants reliable service, then blocklists that return an error message when email is rejected is the only way to go.

Seems like you need to change ISP!!!!

None of the above has occured with me, I use the KIS (keep it simple) approach, the "smarter" one gets, the more problems that seem to arise. I have somewhere between 200-300 clients globally in all sorts of countries (developed/developing), and the ONLY problem I have EVER had is AOL rejecting my mails. My email address is .au but I regularly buy ISP accounts in various countries around the world where I am located at a particular time. I do not use web based accounts (Yahoo, Hotmail etc.) or bother to log onto my Oz ISP website to access emails (just too slow).... everything downloaded quickly and efficiently through my Eudora. Again, using the KIS approach, Eudora is simple, straightforward and what I call "transparent" the way I have it set up, nothing going on that I am not aware of.

Link to comment
Share on other sites

Seems like you need to change ISP!!!!

None of the above has occured with me, I use the KIS (keep it simple) approach, the "smarter" one gets, the more problems that seem to arise. I have somewhere between 200-300 clients globally in all sorts of countries (developed/developing), and the ONLY problem I have EVER had is AOL rejecting my mails. My email address is .au but I regularly buy ISP accounts in various countries around the world where I am located at a particular time. I do not use web based accounts (Yahoo, Hotmail etc.) or bother to log onto my Oz ISP website to access emails (just too slow).... everything downloaded quickly and efficiently through my Eudora. Again, using the KIS approach, Eudora is simple, straightforward and what I call "transparent" the way I have it set up, nothing going on that I am not aware of.

Well, I probably do need to change, but I can't believe that among all those clients you haven't had some whose ISP did some peculiar filtering. Maybe it is only a matter of time. it has only been since the huge increase in spam has been reported that I have noticed some peculiar filtering.

It is not your Eudora that would be doing things you don't know about - it is the ISP who may be filtering without your knowledge.

Miss Betsy

Link to comment
Share on other sites

I agree, but who has the luxury of shopping for ISPs. With hundreds of clients globally, business cards, invoices, etc. etc., every time I change ISP means changing all of these.

Well if you get your own domain, you don't have to change any of the etc. when you change ISP. Besides, having your own domain will make your "business" look better. I always wonder about the businesses that have email like, me[at]aol.com or bestbuy[at]yahoo.com

Link to comment
Share on other sites

  • 2 weeks later...
You must have been secunded [sic] to US Military Intelligence.

Re: Virginia class submarine .... The SSN 774 was christened on August 16, 2003, and is undergoing dockside outfitting and testing. Virginia will start builder’s trials in 2004 ...

A bit over a decade after I 'retired' ..... almost two decades after that joint-service assigment that had me looking under the surface .... That's why it didn't ring a bell .....

Link to comment
Share on other sites

Re: Virginia class submarine .... The SSN 774 was christened on August 16, 2003, and is undergoing dockside outfitting and testing. Virginia will start builder’s trials in 2004 ...

A bit over a decade after I 'retired' ..... almost two decades after that joint-service assigment that had me looking under the surface .... That's why it didn't ring a bell .....

Well; I admit: I found the "Class" by googling. I remember the "Tridents" (Ohio?) well enough... I just wanted to create the impression I was up to date.

Our Canadian subs (got from the Brits, on eBay) are a source of not immoderate emabarrassment to us. They have a propensity for catching fire. This raises a rather peculiar conundrum. What do you pour on a submarine that's on fire?

Link to comment
Share on other sites

  • 2 weeks later...

The level of spam mail coming into my inbox has seen a dramatic increase of late. (By inbox I mean everything coming into my email address; Spamcop does a wonderful jub of getting rid of 98% into my Held Mail folder). For example, I received around 1000 spam emails this weekend, and less than 20 reached my real inbox.

Why am I telling you this? Well my ISP doesn't use any spam filter, and so I believe these figures give an idea of real spam traffic. This time last year, there would have been just (just!) 100 spam messages over a weekend.

What concerns me is, if the level of spam continues to rise at this rate, how long before the internet becomes "clogged" with spam traffic, and also how long before Spamcops servers start to fall over. I just hope a way can be found to pass the cost of the real damage being done onto these Spammers!!

Regards, David

Link to comment
Share on other sites

The level of spam mail coming into my inbox has seen a dramatic increase of late.

<snip>

What concerns me is, if the level of spam continues to rise at this rate, how long before the internet becomes "clogged" with spam traffic, and also how long before Spamcops servers start to fall over. I just hope a way can be found to pass the cost of the real damage being done onto these Spammers!!

One of the nice things about being a dilettante when it comes to spam and being just barely acquainted with the myriad of skill sets necessary for a practical and applicable understanding as to just how email really gets around, is that it leaves the mind free to contemplate solutions on the basis of sheer genius alone. It is much the same principle at work when we meet a 45 year old bachelor "savant" who seems possessed of all the reasons why you are raising your kids wrong and who 'volunteers' inspired answers to what you really should be doing if you had a lick of sense... as if having kids didn't preclude all possibility of having the time to think about it.

My latest trip to serendip has me contemplating what might happen if all the efforts to maintain and administer block lists, black lists, spam filtering by MTAs and ISPs, bit bucketing, black holing and all other agent sponsored impediments to spam were to cease overnite? A kind of one-day, day of protest or revolt by all those trying their d**ndest to thwart and mitigate against the sludge in the email pipelines. I think it would be safe to say the immediate results would be significant and, in some instances, at least arguably, catastrophic.

How long would it take business and government to get together to legislate enforceable policy concerning the licensing and operation of Internet Service Providers? It would surely get the Media involved... they couldn't function without email; which is not to say they function particularly well with it.

The thing of it is, is: those who are in the best position to actually do something are in many instances the ones who would be most affected by the action.

It's never gonna' happen of course. But at least the contemplation of what might come of it can give a few moments idyll about what life would be like if all this (our) time wasn't being wasted playing "whack-a-mole" with a handful of rodents; ... might even free up some time to spend with the kids; or find a way to deal with that annoying "genius";... and get away with it.

Link to comment
Share on other sites

How long would it take business and government to get together to legislate enforceable policy concerning the licensing and operation of Internet Service Providers? It would surely get the Media involved... they couldn't function without email; which is not to say they function particularly well with it.

The thing of it is, is: those who are in the best position to actually do something are in many instances the ones who would be most affected by the action.

Most of the people dealing with the spam problem do not want government intervention, IMHO (because of their personality type). It is more or less impossible to 'legislate' for the Internet because of the internationality factor.

However, the people most affected (the server admins) should really consider trying to get the end user on board for blocklists (which are most effective and also make false positives - real email from an infected server - work for spam cessation since the sender is notified and can *do* something about it).

There is a book about the 'Tipping Point' which contends that when you get a certain percentage of people wanting something, things start to change. In order to get the tipping point, the server admins need to enlist the end users.

Miss Betsy

Link to comment
Share on other sites

It is more or less impossible to 'legislate' for the Internet because of the internationality factor.

But that is exactly why internet ought to be legislated across borders as it affects everyone that is part of a Global Community.. Although less reinforceable, international laws are based on a consensus that hopefully has universal values less tied to ideologies governing individual regions or countries.

If there were an international body that legislated internet conduct and business practicess, treaties between countries and regions can develop enforcement policies across borders that would make the laws more effective and uniform and far reaching. The real problem we are facing now are countries as China and the like which become heaven for Internet Crime, precisely because there is no international norm of conduct.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.


×
×
  • Create New...