Date: Fri, 19 Jul 2002 12:45:41 +0100 (GMT/BST)
From: Digby Tarvin [EMAIL PROTECTED]
Subject: Re: Re[2]: [LIB] A special powful tool
I know this doesn't help you *now* but may I recommend to you and others
that you use different email addresses for every place thats likely to be
picked up by spammers (easiest done by registering a domain then having
random something here@yourdomain ... yes it costs money but then so do
most decent email services now, besides think about the amount of time you
waste to spam anyway ... that's why the address I use for this list looks a
bit weird for instance) ... that way at least you know where they picked
your email address from (so you can take action) and you can disable that
account (or even better, get it to redirect back to the spammers ;-)
Actually I do do that to some extent. I use a forwarding service
to forward mail to a login account on my ISPs machine, which
in turn forwards it to a pop3 mailbox which my home machine polls
on connecting to the net. So I should expect most spam to come via
the same route if my address were harvested from my net activity.
Or alternatively try to route straight back to my machine if they
ignore the Reply-To line. But 80% of the spam goes to the
un-published and un-used (except by the forwarding service)
ISP addresses. This could imply the forwarders list was compromised,
but I also get spam direct to my pop3 account, which is only referenced
in the .forward on my IPS login account, so that suggests someone is
getting lists from ISPs
Most people seem to think setting up filters is the best way to handle
spammers, but that seems a bit irresponsible to me, as having all the
knowlegeable users hiding behind filters just leaves the
nieve net users at the mercy of the crooks.
I guess you could say that but you could also extend this to saying that
putting a burglar alarm on your house is irresponsible because it
encourages burglars to ignore your house and go for your neighbor. Now that
filters are so easy to set, filtering email clients so widely used and that
most ISPs have tutorials on the subject I think we could use filters with a
clear conscience ;-)
I don't think it is purely a knowledge/expertise issue. For those of us
on a dial up line that have to pay for connect time or amounts of data
transferred, there is no advantage in filtering out the spam once it
gets on our machines - we have already paid for the transfer by then.
And what is particularly annoying is the fact that while the proportion
of spam vs real mail is about 50/50, the spam messages are typically
about 10 times larger because they are filled with all the HTML dross
that so appeals to advertisers..
If I had an ADSL connection at home, this would not be such a problem,
but it would still irk me that so much of the nets bandwidth was being
soaked up by these bozos, and if nobody bothers to report the open relays,
there will be nothing to keep the bad guys in check..
As far a burglar alarms are concerned, I take your point, but I have
always felt that it is better to use a silent alarm designed to catch
the thief than simply trying to look like a less appealing target
than your neighbour.
Of course if I could get away with it, I would go for the bear trap
style of anti-burglary devices...
Besides, I think a better analogy would be putting in soundproofing
so you don't get disturbed by the screams of people being mugged
outside. Those that can setup filters are not in any danger of being
taken in by any of the scams - for them it is just an annoyance.
What I find incomprehensible is the pre-occupation of the authorities
with censoring the net to stop people having access to things that
it is demeed they shouldn't have access to, but there is no concern
about predators that actively practice fraud and deception.
I sometimes think it would be worth buying one of these email lists
that are constantly being advertised (obviously with my name on the
list, so that more people can spam me...), and using it to send details
of the spammer to everyone on the list. Given that the premise of
spam is that if you send a scam message to a large enough group
of people, even a small percentage of suckers out there to make you
some serious money - I think I could similarly count on the small
percentage that are homicidal psychotics so that the spammer would
make Osama Binladen look like a good insurance risk
Good idea but the problem is many spammers spoof their email addresses
(I've had that happen before when trying to report them myself) ... you end
up taking action against someone who had nothing to do with the spam and
THAT can get you into an awful lot of trouble. If what I hear is correct,
companies have been sued after retaliatory hack attacks that ended up at
the wrong place because of spoofing for instance.
Absolutely - that is why the purchase would be necessary. The e-mail
address is useless, as