Re: Mudslicking to counter SPAM (was TARPIT)

To: Nigel Metheringham <Nigel.Metheringham@VData.co.uk>, debian-isp@lists.debian.org
Subject: Re: Mudslicking to counter SPAM (was TARPIT)
From: Michael Koehne <kraehe@copyleft.de>
Date: Thu, 2 Mar 2000 13:44:29 +0100
Message-id: <20000302134429.A16194@kropotkin.copyleft.de>
Reply-to: kraehe@copyleft.de
In-reply-to: <E12QS4B-000160-00@rioja.localnet>; from Nigel.Metheringham@VData.co.uk on Thu, Mar 02, 2000 at 09:38:43AM +0000
References: <E12QS4B-000160-00@rioja.localnet>

Moin Nigel Metheringham,

> The Teergrube solution is *not* in any way a solution to your problem - 
> don't even consider it.  Remember that the machines sending you these 
> bounces and complaints are probably innocently of any proper 
> involvement in this spam run.  There are also likely to be thousands of 
> them, so when you say...

  Relays are !NOT! innocent, they are so bad administrated, that they
  relay SPAM. Those sites deserve to become reinstalled.

> > This will cause the spaming host to go down, as any operating
> >   system has a limit on open sockets. 
> 
> the system it will take down is *your* system.

  no because, the tarpit has a limit on its open connections, and the
  used bandwidth is minimal. Currently there are to few tarpits to cause
  any system going down. But the main thing about a tarpit, that it effectivly
  stops SPAMs from online accounts. As the tarpit holds the SMTP connection
  open, you can eMail the SPAM provider the exact IP nummber/port combination,
  and be sure, that this IP still exists.

> Also DOSing the relays is likely to bring you into problems of legality.

  Well its effectivly impossible to sue some american from germany
  and vice versa. So problems of legality, are not my concern.

  The most drastic method is "mudslicking" providers of foreign countries.

  I've done that with a medium size US provider. One of his customers
  (Lifepicture.Com) send SPAM. I've eMailed this provider to disconnect
  his customer, but the provider did'nt react. As the customer who send
  the SPAM, also had a virtual website, I started a mudslicking campain.

  I've grepped DNS and RIPE information to gather serious customers of
  the provider and the address of a local newspaper in Atlanta to
  start the mudslicking campain. Means I informed his customers and the
  newspaper, that the provider is not only hosting dirty pictures, but
  also supporting SPAM to advertise this pictures. Pressure from his
  customers, and an article in the newspaper, caused that the provider
  reacted. They now have an abuse@ which is carefully read and react
  quick, when they encounter SPAM and dirty pictures.

  Of course this provider impend to sue me, as they had lost a dozen
  customers during this mudslicking campain. They had to realise,
  that it does'nt make any sense to sue some german. Especialy as I
  would never enter US because of "Project Equaliser".

  IMHO mudslicking is the most effective method to counter SPAM.

  Providers with badly adminstrated relays, will lose customers, and
  this will cause them to start to think about SPAM, in fear of
  subsquent mudslicking campains.

  The bad thing to tell about mudslicking is that its very time intensive,
  so perhaps "just ignore the SPAM" is still the most convenient method.

Bye Michael
-- 
  mailto:kraehe@copyleft.de             UNA:+.? 'CED+2+:::Linux:2.2:14'UNZ+1'
  http://www.xml-edifact.org/           CETERUM CENSEO MSDOS ESSE DELENDAM

Reply to:

Follow-Ups:
- Re: Mudslicking to counter SPAM (was TARPIT)
  - From: Nigel Metheringham <Nigel.Metheringham@VData.co.uk>

References:
- Re: [Exim] Tarpit SPAM trap
  - From: Nigel Metheringham <Nigel.Metheringham@VData.co.uk>

Prev by Date: RE: [Exim] Tarpit SPAM trap
Next by Date: Re: Mudslicking to counter SPAM (was TARPIT)
Previous by thread: Re: [Exim] Tarpit SPAM trap
Next by thread: Re: Mudslicking to counter SPAM (was TARPIT)
Index(es):
- Date
- Thread