• Jan Knepper (6/6) Nov 27 2003 Any one interested in some real bad statistics?!
• Walter (3/9) Nov 27 2003 What's reverse DNS blocking?
• Jan Knepper (31/47) Nov 28 2003 Reverse DNS blocking is the first level of SPAM blocking. It prevents
• Walter (8/55) Nov 28 2003 Ok, I understand. I had thought that very little spam came from a valid
• Jan Knepper (18/24) Nov 28 2003 The trick is that spammers these days use domains like yahoo.com for
• John Reimer (13/47) Nov 28 2003 This is so insidious! I was talking to my brother the other day, and we...
• KarL (7/14) Nov 30 2003 Because some people believe this is "working from home". Helping a
• KarL (3/6) Nov 30 2003 Oops, forgot the URL:
• Matthew Wilson (5/15) Nov 30 2003 I wish there was some way we could get in a room with them. I really do!
• roland (9/31) Dec 01 2003 Hi,
• KarL (18/24) Dec 01 2003 The problem is simply the fault of SMTP!
• Walter (7/11) Dec 01 2003 The problem caused by spam is characterized by economists as "the traged...
• roland (30/37) Dec 02 2003 That's a smart text and IMO the best solution. The trouble is that it
• Walter (9/22) Dec 02 2003 tragedy of
• Walter (3/6) Nov 28 2003 I don't understand why some of this isn't blocked at the backbone level.
• Cesar Rabak (6/17) Nov 28 2003 While the backbone gets paid by the otherwise 'wasted' bandwidth. . .

Jan Knepper <jan smartsoft.us> writes:

Any one interested in some real bad statistics?!
Check this!!!
http://www.digitaldaemon.com/Internet%20Services/blocked_email.html

-- 
ManiaC++
Jan Knepper

"Walter" <walter digitalmars.com> writes:

What's reverse DNS blocking?

"Jan Knepper" <jan smartsoft.us> wrote in message
news:bq5muh$21lk$1 digitaldaemon.com...
 Any one interested in some real bad statistics?!
 Check this!!!
 http://www.digitaldaemon.com/Internet%20Services/blocked_email.html

 --
 ManiaC++
 Jan Knepper

Jan Knepper <jan smartsoft.us> writes:

Reverse DNS blocking is the first level of SPAM blocking. It prevents 
the SPAM from actually being sent to the SMTP server(s)

1. Reporting/Registration:
- Some one report SPAM at www.spamcop.net for instance.
- Spamcop.net analyses the email and finds out where it comes from (IP 
address).
- The IP address is than added to bl.spamcop.net 
(http://www.spamcop.net/bl.shtml)

2. Using:
- The SMTP server(s) here are wrapped in rblsmtpd.
- When a connection is made to smtp.digitalmars.com:25 (for delivery of 
email) rblsmtpd is being activated and rblsmtpd check with 
bl.spamcop.net, list.dsbl.org and relays.ordb.org if the connecting IP 
address is reported as SPAMMER.
- If the connecting IP address is reported as SPAMMER the SMTP 
connection is denied, otherwise the connecting is accepted and the 
actual email is being received my the SMTP server.

CHKUSR is the second level of SPAM blocking. It prevents email to 
non-existent email addresses from making it to webmaster  or postmaster  
the domains.

Once rblsmtpd fires up qmail-smtpd (the actual SMTP) server, qmail-smtpd 
checks the email headers for valid "From:" and "To:" headers. The 
"From:" domain has to exist and accept email. The "To:" email address 
has to exist. If there is something wrong with either an error is 
returned to the sender.

Thanks!
Jan



Walter wrote:
 What's reverse DNS blocking?
 
 "Jan Knepper" <jan smartsoft.us> wrote in message
 news:bq5muh$21lk$1 digitaldaemon.com...
 
Any one interested in some real bad statistics?!
Check this!!!
http://www.digitaldaemon.com/Internet%20Services/blocked_email.html

--
ManiaC++
Jan Knepper

 
 
 


-- 
ManiaC++
Jan Knepper

"Walter" <walter digitalmars.com> writes:

Ok, I understand. I had thought that very little spam came from a valid
domain, so by checking to see if the domain existed or not, one could block
spam without needing blacklists. That's what I thought reverse DNS lookup
was. That looks like what chkusr is, though.

From the volumes being blocked, it's pretty clear that email is getting to
be unusuable without some sort of blocking.

"Jan Knepper" <jan smartsoft.us> wrote in message
news:bq7ot7$2470$1 digitaldaemon.com...
 Reverse DNS blocking is the first level of SPAM blocking. It prevents
 the SPAM from actually being sent to the SMTP server(s)

 1. Reporting/Registration:
 - Some one report SPAM at www.spamcop.net for instance.
 - Spamcop.net analyses the email and finds out where it comes from (IP
 address).
 - The IP address is than added to bl.spamcop.net
 (http://www.spamcop.net/bl.shtml)

 2. Using:
 - The SMTP server(s) here are wrapped in rblsmtpd.
 - When a connection is made to smtp.digitalmars.com:25 (for delivery of
 email) rblsmtpd is being activated and rblsmtpd check with
 bl.spamcop.net, list.dsbl.org and relays.ordb.org if the connecting IP
 address is reported as SPAMMER.
 - If the connecting IP address is reported as SPAMMER the SMTP
 connection is denied, otherwise the connecting is accepted and the
 actual email is being received my the SMTP server.

 CHKUSR is the second level of SPAM blocking. It prevents email to
 non-existent email addresses from making it to webmaster  or postmaster 
 the domains.

 Once rblsmtpd fires up qmail-smtpd (the actual SMTP) server, qmail-smtpd
 checks the email headers for valid "From:" and "To:" headers. The
 "From:" domain has to exist and accept email. The "To:" email address
 has to exist. If there is something wrong with either an error is
 returned to the sender.

 Thanks!
 Jan



 Walter wrote:
 What's reverse DNS blocking?

 "Jan Knepper" <jan smartsoft.us> wrote in message
 news:bq5muh$21lk$1 digitaldaemon.com...

Any one interested in some real bad statistics?!
Check this!!!
http://www.digitaldaemon.com/Internet%20Services/blocked_email.html

--
ManiaC++
Jan Knepper



 --
 ManiaC++
 Jan Knepper

Jan Knepper <jan smartsoft.us> writes:

Walter wrote:
 Ok, I understand. I had thought that very little spam came from a valid
 domain, so by checking to see if the domain existed or not, one could block
 spam without needing blacklists. That's what I thought reverse DNS lookup
 was. That looks like what chkusr is, though.

The trick is that spammers these days use domains like yahoo.com for 
instance as 'fake' "From:" domain. Although the account  yahoo.com does 
not exist, this SPAM would still come through the system, yet reverse 
DNS indeed might block these once reported as they most likely would not 
come from an IP address associated with yahoo.com.

Than they also setup domains, just for the purpose of spamming... 
Domains that for the period of the SPAM being processed are actually on 
the internet... <sigh>

chkusr only checks for existence of *local* email addresses, i.e. "To:" 
email addresses  digitalmars.com,  smartsoft.us, etc.

 From the volumes being blocked, it's pretty clear that email is getting to
 be unusuable without some sort of blocking.

Yes, it's definitely becomming unusuable. Blocking helps some, but 
realized that the bandwith required for the email and for the blocking 
to work is becoming serious.

Jan


-- 
ManiaC++
Jan Knepper

John Reimer <jjreimer telus.net> writes:

Jan Knepper wrote:

 Walter wrote:
 
 Ok, I understand. I had thought that very little spam came from a valid
 domain, so by checking to see if the domain existed or not, one could 
 block
 spam without needing blacklists. That's what I thought reverse DNS lookup
 was. That looks like what chkusr is, though.

 
 
 The trick is that spammers these days use domains like yahoo.com for 
 instance as 'fake' "From:" domain. Although the account  yahoo.com does 
 not exist, this SPAM would still come through the system, yet reverse 
 DNS indeed might block these once reported as they most likely would not 
 come from an IP address associated with yahoo.com.
 
 Than they also setup domains, just for the purpose of spamming... 
 Domains that for the period of the SPAM being processed are actually on 
 the internet... <sigh>
 
 chkusr only checks for existence of *local* email addresses, i.e. "To:" 
 email addresses  digitalmars.com,  smartsoft.us, etc.
 
 From the volumes being blocked, it's pretty clear that email is 
 getting to
 be unusuable without some sort of blocking.

 
 
 Yes, it's definitely becomming unusuable. Blocking helps some, but 
 realized that the bandwith required for the email and for the blocking 
 to work is becoming serious.
 
 Jan
 
 


This is so insidious!  I was talking to my brother the other day, and we 
just couldn't fathom how spammers could be so tenaciously pushy.  They 
are sending spam to millions of people who wouldn't in a million years 
buy their products.  But they'll do anything to force these people get 
the mail.  I jsut don't understand this. It must be a virus-makers 
mentality or something.  I REALLY wish these people could be held 
accountable for their actions.

Excuse my rant! But I can't stand it! :-)

Oh and thanks Jan.  That was informative.  You're doing a great job 
protecting us from that insanity.

Later,

John

"KarL" <karl kimay.net> writes:

 This is so insidious!  I was talking to my brother the other day, and we
 just couldn't fathom how spammers could be so tenaciously pushy.  They
 are sending spam to millions of people who wouldn't in a million years
 buy their products.  But they'll do anything to force these people get
 the mail.  I jsut don't understand this. It must be a virus-makers
 mentality or something.  I REALLY wish these people could be held
 accountable for their actions.

Because some people believe this is "working from home".  Helping a
"genuine" company in their promotion.  This way, they (housewives,
mentally challenged unemployed) effective become spammers and the
real crook can get away.

Just like in Australia - one guy who just got caught by "Give $14,500
and I will teach you how to become rich by buying a $400,000
apartment from me".  Go figure.

"KarL" <karl kimay.net> writes:

"KarL" <karl kimay.net> wrote in message news:bqdub7$1mdi$1 digitaldaemon.com...
 Just like in Australia - one guy who just got caught by "Give $14,500
 and I will teach you how to become rich by buying a $400,000
 apartment from me".  Go figure.

Oops, forgot the URL:
http://www.smh.com.au/articles/2003/11/28/1069825986592.html?from=storyrhs

"Matthew Wilson" <matthew.hat stlsoft.dot.org> writes:

 This is so insidious!  I was talking to my brother the other day, and we
 just couldn't fathom how spammers could be so tenaciously pushy.  They
 are sending spam to millions of people who wouldn't in a million years
 buy their products.  But they'll do anything to force these people get
 the mail.  I jsut don't understand this. It must be a virus-makers
 mentality or something.  I REALLY wish these people could be held
 accountable for their actions.

 Excuse my rant! But I can't stand it! :-)

 Oh and thanks Jan.  That was informative.  You're doing a great job
 protecting us from that insanity.

I wish there was some way we could get in a room with them. I really do!

(I can't say what I'd really like to happen, as it'll no doubt be used in
some court case in the future when I totally lose it and write some abusive
email to the spammers, and then end up in the US supreme court guilty of
everything you could shake a stick at.)

roland <--rv ronetech.com> writes:

Matthew Wilson a écrit :
This is so insidious!  I was talking to my brother the other day, and we
just couldn't fathom how spammers could be so tenaciously pushy.  They
are sending spam to millions of people who wouldn't in a million years
buy their products.  But they'll do anything to force these people get
the mail.  I jsut don't understand this. It must be a virus-makers
mentality or something.  I REALLY wish these people could be held
accountable for their actions.

Excuse my rant! But I can't stand it! :-)

Oh and thanks Jan.  That was informative.  You're doing a great job
protecting us from that insanity.

 
 
 I wish there was some way we could get in a room with them. I really do!
 
 (I can't say what I'd really like to happen, as it'll no doubt be used in
 some court case in the future when I totally lose it and write some abusive
 email to the spammers, and then end up in the US supreme court guilty of
 everything you could shake a stick at.)
 
 

Hi,

There was an interesting discussion here last June called "interesting 
spam trap".
It ended with the conclusion that the way that was sugested to fight 
spam doesn't work unless the whole internet melt down ...
Well IMO measure will be taken before it completely melt down and may be 
it could be interesting to have a new look in this discussion ?

roland

"KarL" <karl kimay.net> writes:

"roland" <--rv ronetech.com> wrote in message
news:bqf1sn$7o4$1 digitaldaemon.com...
 There was an interesting discussion here last June called "interesting
 spam trap".
 It ended with the conclusion that the way that was sugested to fight
 spam doesn't work unless the whole internet melt down ...
 Well IMO measure will be taken before it completely melt down and may be
 it could be interesting to have a new look in this discussion ?

The problem is simply the fault of SMTP!

If the mail transport protocol is enhanced (yes, they did, but....) to
prevent SPAM, then OK.  However, SMTP is like your own
mailbox at home.  Everyman and his dog can stuff thing into it
if you don't stay watch over it.  Hence this is the situation.

The only difference is the post office can only "relay" if you attach
a stamp.  Junk "mail" does not have stamp - only poor suckers who
will "work" for $5 for to stuff 1000 junk mail into letter boxes will do
it.  Similarly, you will always have poor suckers who think that
they can "work at home" emailing 100,000 people and get paid
$5 for the work, so they repeatedly SPAM people.

Real spammer don't spam themselves. They find some poor soul
to do it - or sell CD's of email addresses.  You and I who owns
a domain or two need a legitimate contact which can be collected
by whois!  I tried that - registered a new domain with a new email
address and only one day later, that email starts getting SPAM!

My $0.05

"Walter" <walter digitalmars.com> writes:

"KarL" <karl kimay.net> wrote in message
news:bqgi5j$2g5v$1 digitaldaemon.com...
 If the mail transport protocol is enhanced (yes, they did, but....) to
 prevent SPAM, then OK.  However, SMTP is like your own
 mailbox at home.  Everyman and his dog can stuff thing into it
 if you don't stay watch over it.  Hence this is the situation.

The problem caused by spam is characterized by economists as "the tragedy of
the commons." Essentially, the cost of spam is not born by the sender, so it
is abused. The only solution that has a prayer of working is to make sending
emails cost money. I wrote a brief essay on it:

www.walterbright.com/spam.html

roland <--rv ronetech.com> writes:

Walter a écrit :
 The problem caused by spam is characterized by economists as "the tragedy of
 the commons." Essentially, the cost of spam is not born by the sender, so it
 is abused. The only solution that has a prayer of working is to make sending
 emails cost money. I wrote a brief essay on it:
 
 www.walterbright.com/spam.html
 

That's a smart text and IMO the best solution. The trouble is that it 
doesn't come "naturally" and need a kind of political will to be 
implemented.
May be for that there must be some intermediate step so that everybody 
realize the need of it.
Here is a sumarize of the "interesting spam trap" thread at least as I 
understood it.
There

http://www.unclebobsuncle.com/antispam.html

they suggest a way that if interesting, according to Jan does not work 
because the crawlers check the validity of the e-mail adresses they 
collect digging a DNS server.
The dig command is very fast but still. We come to the conclusion that 
if for example 10000 web pages have 100000 invalid e-mail adresse (=10E9 
adrresses), the internet could melt down.
So what ? isn't e-mail going almost unusable already ?
Let's imagine a program that creates random e-mail adresses and make the 
insertion of those adresses on existing web site very easy. Even those 
pages can be dynamic and chane all the time.
Imagine a lot of web site owners accept to put one or two big pages of 
those adresses all over the world. What will appen ? The crawlers are 
going to crawl, check huge amount of adresses to DNS servers. The 
internet will become slower, slower, even some DNS server could crash. 
That's the goal: make the internet completely unusable for a few days. 
Because of who ? because of the spammers. Be sure then, the people, the 
companies, then the politicans are going to be very very angry.
Then your solution has a chance to be implemented.

just some thinking

roland

"Walter" <walter digitalmars.com> writes:

"roland" <--rv ronetech.com> wrote in message
news:bqhk31$10pt$1 digitaldaemon.com...
 Walter a écrit :
 The problem caused by spam is characterized by economists as "the


tragedy of
 the commons." Essentially, the cost of spam is not born by the sender,


so it
 is abused. The only solution that has a prayer of working is to make


sending
 emails cost money. I wrote a brief essay on it:

 www.walterbright.com/spam.html

 That's a smart text and IMO the best solution. The trouble is that it
 doesn't come "naturally" and need a kind of political will to be
 implemented.
 May be for that there must be some intermediate step so that everybody
 realize the need of it.

I think the intermediate step is just one ISP implementing this. Right now,
many people accept mail only from whitelists. It's only a small step from
there to accepting email only from those willing to pay a penny to send it
to you.

"Walter" <walter digitalmars.com> writes:

"Jan Knepper" <jan smartsoft.us> wrote in message
news:bq81mf$2hgv$1 digitaldaemon.com...
 Yes, it's definitely becomming unusuable. Blocking helps some, but
 realized that the bandwith required for the email and for the blocking
 to work is becoming serious.

I don't understand why some of this isn't blocked at the backbone level.

Cesar Rabak <csrabak ig.com.br> writes:

Walter escreveu:
 "Jan Knepper" <jan smartsoft.us> wrote in message
 news:bq81mf$2hgv$1 digitaldaemon.com...
 
Yes, it's definitely becomming unusuable. Blocking helps some, but
realized that the bandwith required for the email and for the blocking
to work is becoming serious.

 
 
 I don't understand why some of this isn't blocked at the backbone level.
 
 

While the backbone gets paid by the otherwise 'wasted' bandwidth. . .

-- 
Cesar Rabak
GNU/Linux User 52247.
Get counted: http://counter.li.org/