washmail Posted February 9, 2008 Share Posted February 9, 2008 Please bear with me - there is much info to share here. For those unaware, the worldâ€™s worst spammer (occasionally dropping to second worst) for many years according to spamhaus.org has been one Leo Kuvayev (of both Russian and American origin) otherwise known as â€˜Bad Cowâ€™. Along with his associates heâ€™s responsible for much of our collective â€˜unsolvableâ€™ spam which a number of people have referred to here and elsewhere, including the wares of whatâ€™s known as â€˜the .pdf spammerâ€™ and â€˜the stock exchange spammerâ€™. After much research, â€˜signatureâ€™ identification (e.g.: â€˜Canadian Pharmacyâ€™ â€“ not the real company of course) etc., my colleague and I determined that he was responsible for ALL the cyclic spam we were still receiving (after essentially eliminating all other concerns, mostly through the SpamCop service). His wide â€˜tradeâ€™ also includes 419 scams, offering sexual aids, phishing, â€˜loveâ€™ message links delivering zombie bot generating viruses, and replicas, employment, software and fashion offers. My colleague supplies domain and email services, so this has been a fairly extensive problem for us and the clients concerned. We tried everything we could think of to deal with this, some of which led to volatile, denial of service type reactions. (And we believe heâ€™s capable of far worse!) Until recently our best success was when we supplied detailed, undeniable info on every SpamCop report (and where possible IN THE ISPâ€™S GEOGRAPHIC LANGUAGE!) in the hope of forcing those ISPs that willingly or otherwise cooperate with him to face the grim realities. This was exhausting, and later resulted in him only sending us spam from sources involving his â€˜most preferredâ€™ ISPs. Then I noticed that my email serviceâ€™s spam filters were getting much better at the job (the best threshold and aggression settings need to be determined first), no doubt due to cooperative ISP partnerships. But still one has to monitor oneâ€™s spambucket constantlyâ€¦ Then I got the idea to try the following project (the best ideas are always the simple ones): * Iâ€™ve had my â€˜Domains Service Providerâ€™ create a pop access type spambucket (essentially itâ€™s just another mailbox), so offering a wider range of control options. * This will shortly have its auto-reply feature working, allowing one to feedback to all â€˜false positiveâ€™ sources (normal mail misidentified as spam) which are potential new clients, and among other options the opportunity to communicate politely with innocents whoâ€™s email addresses have been hijacked and who must now unfortunately also receive such auto-replies. * A period-adjustable auto-delete option will then also be added to such spambucket. * An elaborate setup and regular updating of oneâ€™s Whitelist is essential to keep the false positives to a minimum. And even in this experimental stage it can be seen quite clearly that THIS WORKS!!! No doubt there will be good days and bad ones, but a few weeks of work have resulted in a mere one or two false negatives (spam getting through) a day maximum, with only a couple of false positives who will in time be so advised automatically! This is on an account which until recently suffered up to 100 spams a day. And shortly I wonâ€™t have to look at any of it!! Of course this solution wonâ€™t work for every individual need, but is highly flexible and has much potential. As we know, most knowledgeable reporters discourage the use of auto-responders altogether, but perhaps itâ€™s got new potential values here. One thing Iâ€™ve noticed â€“ this wonâ€™t work well for those who are overly aggressive in the marketplace â€“ good! One last discovery; Thereâ€™s nothing new under the sun â€“ Iâ€™ve just discovered a commercial version of â€˜myâ€™ idea at http:// www.mailporter.com/about.asp I can assure everyone that I am in no way connected with them. I donâ€™t even know if theyâ€™re reliable or notâ€¦ Hoping this can help many of you (Due to commitments I will not be monitoring this post for some time, so no replies can be offered. Also, please donâ€™t write to my forum mailbox â€“ itâ€™s not monitored.) <Moderator Edit> Since you are not affiliated with them, you will not mind me breaking the link so that the searchbots do not get a hold of it. Also, I am going to merge your 2 topics into one to keep all discussion about the merits (or not) of your "plan" in one location. Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.