[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Anti-Spam ideas for usenet/list harvested email addresses

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Sep 23, 2003 at 01:16:38PM -0600, Jacob Anawalt wrote:
> To me the big question is how do I avoid the spam in the first place,
> besides avoiding email all together?

Become an extremely hostile target.  Report all mail and news abuse
ASAP.  http://spamcop.net/ and http://www.abuse.net/ are both
excellent resources for getting ahold of admins.

If you run your own mail server, exim has excellent controls for
curbing spam.  exim4 and sa-exim work beautifully together.  I'd love
to know how to get clamav to work, maybe this would be a good feature
for sa-exim.

> We've all done or seen people do this: jacob at cachevalley dot com,
> jacob.nospam@cachevalley.com, jacob@cachevalley.nospam.com, etc.

Munging considered harmful.
http://www.interhack.net/pubs/munging-harmful

> I've already mentioned the web authorization idea and the rotate your
> email address on some schedule ideas in another thread. 

Challenge-response considered harmful, read the archives.  Rotating
your email address is another great way to lose legitimate email
without affecting the problem itself.

> I've even seen a web site go so far as to use a .js file function to
> put together the email address from a bunch of fragments when you
> click the mailto link. That would take more work to parse, but it is
> still possible by having an email grabbing webbot that can run
> javascript.

Not to mention break the functionality for people who do not have JS
capable browsers.

> The mail server would need to have access to my personal list of
> acceptable email addresses so it could give a 550 with the appropriate
> extended SMTP code for unauthorized/security and an appropriate error
> message after the HELO and MAIL FROM and RCPT TO: have been given. It
> should only do this for mail accounts that have entries in the safe list.
> If your list is empty, all email is valid. If you have one or  more
> entries, only those ones can send you email.

spamassassin does something similar with sa-exim.

> If you're sick of getting swamped (as a user or admin) wouldn't this setup
> be usefull? An ISP could encourage users to use username.lists@isp.com for
> email addresses that are going to be used on usenet or public mailing
> lists. The new email address could just dump into the real address after
> the mailing list rules were validated, or it could be it's own account and
> mailbox.

Variation on munging...

> The sad part is that I've already squandered my username at this email
> address by putting it where it can be harvested in mass by worm/virus and
> UCE/UBE collection scripts, and I had already read an article cautioning
> me against this. Oh well live and learn (someday I'll learn anyway.)

I've had this email address for about a year, and before that, I had
baloo@ursine.dyndns.org for about 6 years before a buddy bought me a
Canadian domain name for me.  Don't hide, *TAKE ACTION*.

- -- 
 .''`.     Paul Johnson <baloo@ursine.ca>
: :'  :    
`. `'`     proud Debian admin and user
  `-  Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/c/gmUzgNqloQMwcRApExAJ4xnFfHTu4F9M97qDL0Qqb5GCLQswCg2t2f
HTubkUQtstseTVZBUR955dk=
=r6Ev
-----END PGP SIGNATURE-----
Reply to: