spam trapping (was Re: Double Irony! (was Re: [linux-elitists] ruben's stupid filter))

Dan Wilder dan@ssc.com
Mon Apr 8 23:32:42 PDT 2002


On Mon, Apr 08, 2002 at 01:42:22PM -0700, Don Marti wrote:

> Auto-reporting is only justified if it's done only for mail that
> comes to a dedicated spamtrap address, or other automatically
> answered address.  (Auto-reporting mail that your spamassassin
> thought was spam is dumb, because it's not known spam, just guessed
> spam.  If people wanted to filter based on SA guesses, they could
> run it themselves.  Duh.)

I'll buy that.

[ in which Don puts out a pot of honey then swats flies ]

> Anyone see problems with this?  I'd like to start encouraging
> everyone to run as many spamtrap addresses as they feel comfortable
> with -- since at the very least, the more spam ends up in a spamtrap
> the less effective spamming is, and hopefully, the presence of good
> 100% spam streams will help advance the state of filtering and spam
> protection science.
> 

We'll even chip in and operate a pot of honey. 

Not sure what you report, or to who, and with what effect.  

By far the greatest part of the spam I'm seeing these days has
bogus "from" addresses and originates from hosts either with no
DNS at all, or with DNS indicating they're a presumably short-lived
dialup or DSL account.  Blacklist the IP and you're as likely
to trouble its next occupant as the spammer who has moved on.

You can hardly report to the provider at the forged "from" address.  
Either they're an innocent victim, or maybe they're in cahoots with the 
spammers, in the business of providing MX records for hosts that exist but 
refuse all mail, to foil those among us who reject envelope-from hosts that 
don't have legit DNS records.

In either case a report directly to them does not much.

You can raise hell with the upstream providers of the actual origin
host.  Some care, most (I think) don't.  Look at all the years 
uu.net was (is?) a spam haven for its dialup customers.

Here in Washington State those with a ton of patience and some time on
their hands can sue at least some of the domestic spammers.  Not
sure how you go after, for example, the notorious netvigator.com.

No doubt there's something to be learned from it.

-- 
-----------------------------------------------------------------
 Dan Wilder <dan@ssc.com>   Technical Manager & Editor
 SSC, Inc. P.O. Box 55549   Phone:  206-782-8808
 Seattle, WA  98155-0549    URL http://embedded.linuxjournal.com/
-----------------------------------------------------------------



More information about the linux-elitists mailing list