[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Adrian Midgley wrote:
>
> If it can't economically be done - automated - then it is not
> useful, but it atracts me asa way of striking back, and at the
> business quality rather than just the volume of business.
"I'll drop a boulder from the sky".
Said owl "the ideas sound,
how will you lift it off the ground".
Poor Batty Bat just scratched his head,
"I hadn't thought of that" he said.
The mistake is to try and spoof, all you need do is catch and use the
emails sent to bad addresses, so they look like they are active
addresses, and thus remain in the spammers database.
All I need to do this is a short script, and to s!/dev/null!|
/usr/local/bin/followURLscript! in /etc/aliases
Some people may need to configure MTA to accept mail to non-existent
local addresses.
My concerns.
A) This is rather like painting a target on yourself and running across
the frontline of a virtual battle field.
B) I don't think that many spammers are using this technique, the worst
offenders are using other peoples open relays, and the marginal cost to
them of dead addresses is so small as to be meaningless. Whereas the
cost to me of dowloading all the likely URLs in spam I get each day is
non-trivial. Also it might affect innocent third parties, for some value
of innocent.
Which is why I try to slow them down in the search for open relays using
spamd.
As proof that spammers carry on using clearly dead addresses....
#grep "/dev/null" maillog* | wc -l
327
So that is 327 spam since start of June sent to addresses that go
straight to the bit bucket. Okay that is only a small proportion of the
total volume of spam received here ~3-5%, but then those "email
addresses" are mainly SMTP message ID's that appeared on the
DCLUG.ORG.UK website, so they hardly have the same exposure as some of
the other addresses that stop at wretched (srw, simon, simon.waters,
bug-gnu-chess, info-gnu-chess, eighth-layer mail etc etc).
Still it is worth a try where spammers use URLs with the recipients
"email address" in unencrypted, we could acknowledge, and or fake these,
with a spam trap account to see if it works. Who knows some might even
be valid unsubscribe URL's.
Simon
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/BCDmGFXfHI9FVgYRAvwDAKDHrKXVbYqlJvQrmApSZvDkrPnfngCgllzz
Y+8dPQcQk2wCfMrFLQirFGg=
=0E7O
-----END PGP SIGNATURE-----
--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.