On Sun, 24 Dec 2006 16:32:33 +0000
Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote:
> __/ [ ed ] on Sunday 24 December 2006 16:07 \__
>
> > On Sun, 24 Dec 2006 15:16:12 +0000
> > Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote:
> >
> >> Cyber Crime Hits the Big Time in 2006
> >>
> >> ,----[ Quote ]
> >> | Spam volumes are often viewed as a barometer for the relative
> >> security | of the Internet community at large, in part because most
> >> spam is | relayed via "bots," a term used to describe home
> >> computers that | online criminals have compromised surreptitiously
> >> with a computer | virus or worm. The more compromised computers
> >> that the bad guys control | and link together in networks, or
> >> "botnets," the greater volume of spam | they can blast onto the
> >> Intenet. `----
> >>
> >>
> http://www.washingtonpost.com/wp-dyn/content/article/2006/12/22/AR2006122200367.html
> >
> > i've already been getting spam relating to office 2007. it's
> > killing me here. another great thing about open source is that
> > there's no reason to tout openoffice since the money is made
> > through contributions, there's no money from counter fitting
>
> True. I quite liked the "take the test drive, keep the car" parable
> that was popularised in why.openoffice.org and desktoplinux.com.
>
> They used to have that statement before they replaced their sales
> pitch with warning about Microsoft's scheme, which locks in people's
> data after a predefined trial period (Office 2007, similar to the
> rationale behind student discounts from Adobe and Autodesk). Prior to
> that they used FUD/scare tactics, arguing that many Office users are
> using it illegally and it's time to get legal. This raised concerns
> similar to those which rebut FSF's Bad Vista campaign
>
> I have been getting some of these fake Vista offers (SPAM)
> recently... just like the press, which remains tuned in to 86 billion
> (and climbing) spam per day, seems to suggest... I'm beginning to
> think about bouncing unrouted mail. Any thoughts...?
it's not a good idea to bounce the mail. just dont accept it. there are
two different things.
* bouncing mail
the mail is accepted, and then a new mail is created addressed to the
mail from envelope header. the new message contains the accepted
message with an additional text stating that the mail could not be
delivered for whatever reason
* denying mail
does not accept the message during the smtp converstation. the
connecting sender gets a 5xx message stating that your mailbox is
unavailable.
with bouncing the message, the spammer can in effect use your mail
server as a relay to bounce the spam message to an innocent party.
here is an example of denying message:
S: 200 mail.example.com
C: helo
S: 200 pleased to meet you
C: mail from: ed@xxxxxxxxxxx
S: 200 ed@xxxxxxxxxxx go ahead
C: rcpt to: roy@xxxxxxxxxxx
S: 551 mail box unavaialble
C: data
S: 300 no recipients
C: quit
S: 200 good bye
so during the conversation the message is blocked. this is the better
way to deal with it.
had the message been allowed, but delivery not possible, the bounce
would go to the mail from envelope above. this would then be delivered
to ed@xxxxxxxxxxx, no matter who actually was sending the message.
sometimes this is also referred to as backwash spam.
part of my job is to look after a large group of mail servers... i've
seen most tricks once or twice before... of late the backwash spam is
popular as many people have adapted to things...
they are getting clever, some times the spammers look for mail boxes in
a harvesting attempt and latch on to those that send backwash.
--
Regards, Ed :: http://s5h.net/u?l
proud bash hacker
Every day for breakfast, Mr. T punches a rhinocerous in the face. He
insists that this is the only way he can start his day.
|
|
