SPAM anyone?

zoltanthegypsy · ‎01-13-2008

Hi all,

Good stuff here. Thanks for doing this.

Any thought of starting an "event" on the topic of SPAM, or my own personal nightmare - SPAM blowback?

Thanks again,

Z.

R40 XP Pro + Linux + Solaris, T43 XP Pro + Linux + Solaris, T61 XP Pro + Win 7 + VMs, T400 Win 7 Pro 64 + too many VMs to count, New T420 - a work in progress ... GeezBlog

Corrine · ‎11-03-2011

Hi, zoltanthegypsy.

I'm sure its ok to talk about spam during this event.

It seems to me that e-mail providers have improved spam filters over the years. In addition, efforts by Microsoft and others to take down botnets (i.e., R.I.P. Waledac: Undoing the damage of a botnet) have helped reduce spam sources.

Those efforts aside, when registering at a site or for a newsletter, you don't need to provide your primary e-mail address. You can use a plus address, allowed by both Hotmail and G-mail. (Yahoo! does not permit the use of plus addresses.)

The procedure is the same for both Hotmail and G-mail. For example, if your Hotmail address is spring123@live.com, to create a newsletter plus address, you would use spring123+newsletter@live.com when registering for newsletters.

Microsoft MVP, Consumer Security
Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!
Twitter: http://twitter.com/SecurityGarden
Security Information and Malware Removal @LandzDown Forum

zoltanthegypsy · ‎01-13-2008

Hi Corrine,

Thanks for the advice. The big problem here is spam and blowback on a business address that's had to be on the website in plain text for many years.

I have the filters cranked up at my ISP's servers, and locally. Even so, a fair bit of spam makes it through. I can manually deal with it, but the blowback is another thing. Sometimes 100s a day - sometimes 1000s a day

So we risk losing legit incoming email in the spam, and legit "unable to deliver" messages in the blowback. Filtering on "Facebook" helps...

Short of changing our business address, going form-mail, or just closing the shop and moving to Tahiti, I'm at a loss.

If I ran the interwebs, each email sent would cost $.01. That would stop the spammers in short order - or at least wake up the clueless botnet machine owners.

Z.

R40 XP Pro + Linux + Solaris, T43 XP Pro + Linux + Solaris, T61 XP Pro + Win 7 + VMs, T400 Win 7 Pro 64 + too many VMs to count, New T420 - a work in progress ... GeezBlog

Mark_Lenovo · ‎11-19-2007

Z,

Could you expand a bit more on the "blowback" for the benefit of those less technical who may not completely understand the impact of what you are dealing with?

Thanks!

____________________________________________

ThinkPads: S30, T43, X60t, X1, W700ds, IdeaPad Y710, IdeaCentre: A300, IdeaPad K1
Mark Hopkins
Program Manager, Lenovo Social Media (Services)
www.twitter.com/lenovoforums
www.facebook.com/lenovo

English English Community Deutsche Community Comunidad en Español

zoltanthegypsy · ‎01-13-2008

Hi Mark,

Sorry about that. I'll try to explain what I mean by "blowback" but here's a wikipedia link that will probably do a better job: Backscatter (email)

Spammers operate by sending ridiculous volumes of email to as many email addresses as possible. Some of those addresses may be derived from lists harvested from various places (including a hacked address book) or just generated "on the fly" aaa@....com, aab@....com, ...

Many, perhaps most, of those target addresses will either not exist, or will have spam filters that will reject the incoming spam. The receiving servers may return those emails as "undeliverable".

Whether spammers have actually hacked someone's email account and are using it to send spam, or are just "spoofing" a sender's emails address, all the "undeliverable" messages come back to the stolen/spoofed address.

Spoofing is what has happened to my business email address. The spammers haven't hacked my account, they are just using my address as the "sender". (As a side note, when your email address shows up as the "sender" in a spam mail, it doesn't necessarily mean you've been hacked. Probably, but not necessarily. OTOH, don't just assume your address has been spoofed.)

So when a spammer uses my address in the "sender" field and sends thousands of spam mails to non-existent accounts, many of those bounce back to my inbox. I've had days when multiple thousands of blowback emails have shown up. Not nice.

Z.

R40 XP Pro + Linux + Solaris, T43 XP Pro + Linux + Solaris, T61 XP Pro + Win 7 + VMs, T400 Win 7 Pro 64 + too many VMs to count, New T420 - a work in progress ... GeezBlog

Mark_Lenovo · ‎11-19-2007

Z,

Thanks for the follow up explaination. I can only imagine the volume you might be getting back from undeliverable notifications, plus complaints from valid IDs that you were spamming them.

How do you prove to someone you didn't sent an email, that you were spoofed? I'm just imagining the potential liabilities that could occur depending on the content of the email and to whom it was sent.

Mark

____________________________________________

ThinkPads: S30, T43, X60t, X1, W700ds, IdeaPad Y710, IdeaCentre: A300, IdeaPad K1
Mark Hopkins
Program Manager, Lenovo Social Media (Services)
www.twitter.com/lenovoforums
www.facebook.com/lenovo

English English Community Deutsche Community Comunidad en Español

CyrusR · ‎11-29-2011

Hello Z,

What you need is an email protection/filtering that has a directory management feature. This will help prevent backscatter (or blowback spams) by using the information from the LDAP directories. By importing the LDAP directories, that email protection/filtering should be able to recognize legitimate email addresses and domains in your organization.

Regards,
Cyrus

SPAM anyone?

Re: SPAM anyone?

Re: SPAM anyone?

Re: SPAM anyone?

Re: SPAM anyone?

Re: SPAM anyone?

Re: SPAM anyone?