The most recent 20 comments posted to Making Light by Guy Matthews:

Posted on entry Die, spammers, die ::: November 18, 2004, 12:06 PM:
Steve, I did read about SPF before but the implementation was quite primitive at the time, I'll have another looksee through to the site later on and see if there's a practical implementation path for it that can be applied to our servers, thanks.
Posted on entry Die, spammers, die ::: November 18, 2004, 11:58 AM:
"Guy - the way around your Exim hack is simply to spam with a username that exists on your systems. The effect of this is that the user who's spoofed gets deluged in bounces..."

Paul, that's gonna be a pretty good trick seeing the server also won't relay without a valid username and password on the system ;).
Posted on entry Die, spammers, die ::: November 17, 2004, 12:44 PM:
Actually spammers can be tracked down and are on occasions fined and prosecuted under existing legislations, some people in this comment thread are seriously overdramatizing: http://www.theregister.co.uk/2004/11/17/icstis_fine/

"Another New York-based company - BW Telecom - was also fined £100,000 for continuing to run its online adult entertainment service even though it was barred last year. The US company had been fined £75,000 ($139,000) for spamming punters with porn emails that led to users racking up whopping phone bills. The spam sent by BW Telecom contained peak-rate dialler software which disconnected users from their ISP before reconnecting them to a service that charged them £1.50 a minute for Net access."

Yes ICSTIS took interest in these companies this time over dialers, not spam, but spam represents a significant portion of their dialer distribution methodology to begin with.

As regards solutions, there isn't one single solution to spam, the answer has to come from a combination of several new technologies as well as significant improvements to existing tech. As regards e-mail, one particularly potent factor in the propagation of spam is the ease with which spammers can completely falsify their e-mail address and other headers. The means to resolve this issue reside in the global implementation of a better mail protocol, our most common current protocols do not make any outstanding attempts to verify the validity of outgoing e-mail addresses simply because no one at the time thought that sort of verification would be necessary, many modern mailer services are now trying to compensate for this flaw, for example the version of exim our server runs will refuse to send mail if the outgoing address specified doesn't correspond to an address already existing on said server, this is a restrictive measure but it serves as an excellent stopgap measure to prevent intruders or unscrupulous customers from sending spam directly off our servers. More advanced projects are looking into ways of implementing two way address authentication methods throughout all e-mail servers out there, in time one of these solutions will be implemented, it's just a matter of being patient.
Posted on entry Bad morning ::: November 03, 2004, 12:01 PM:
This is a tragedy of global proportions and the biggest blow yet to everything decent and good left in America. I'm in terror at what Bush will do now that his ego has been informed that God has just re-affirmed his mandate of power :/. (Oh come on, you KNOW that's what's going through his head, well that and Homer Simpson in an infinite "Woohoo!" loop :P)
Posted on entry An interesting phonecall ::: November 03, 2004, 08:12 AM:
"Ooo, these guys sound ripe for the "scam the scammer" technique used by that very creative gent in the UK, who actually got one of those "Nigerian prince" scammers to send him money."

That'll be a reference to Shiver Metimbers from 419eater.com, a good man, and I highly recommend the site for some light entertainment and useful information on 419 scams and their spinoffs.

"Better Business Bureau. Though, the last time I called them investigating/reporting someone, the chap I spoke to said my best bet was to file complaints with the BBB in the state of incorporation/license for that company. Not that it hurts to file a complaint in whatever state I was in receiving the call as a 'mark'."

The Better Business Bureau deals with unethical and unlawful practices undertaken by properly registered business entities that actually exist. These calls originate from small teams of criminals (both independent and part of organized crime) trying to con money out of people, they do not originate from any kind of real business. As such the BBB has neither jurisdiction nor even the ability to identify or contact the individuals in question. They're fobbing you off by telling you to call a BBB bureau you can't possibly identify (no idea where in the US, if at all, the call originated), because they don't want to deal with this type of issue.

Consumer protection agencies may be interested in knowing about these incidents so as to improve the quality of information they offer the public regarding scams, they are not however qualified to take any kind of action insofar as investigating or apprehending the people responsible goes.

Your local DA and the FBI are good places to start with a complaint. Local police won't be interested unless you have reason to believe a particular scam is physically operating out of their jurisdiction.

Brenda's analysis regarding famous names is accurate, that's a very common tactic amongst foreign nationals unfamiliar with local names and trying to sound as though they're from the right country.
Posted on entry Comments turned off ::: November 01, 2004, 10:46 AM:
"If it is a botnet, it's not a garden variety moron but an actual criminal."

Have to disagree somewhat there as nowadays a garden variety moron with a minimum of motivation can easily acquire access to a botnet or build one up from scratch. A few months back we had a security incident on our server, some Brazilians used a web server vulnerability to kill off our IRC server and replace it with their own, they then redirected a domains of their choosing to our server's address and parked a botnet of +-750 clients on the hijacked IRC server to wait for commands. Now at first glance you might think these guys were pretty good to pull all that off, they weren't, here's the facts about what they did:

1. They never rooted the server (i.e. never gained admin rights), everything they did was under a single user's limited privileges.
2. They couldn't shut down our server, they just got lucky that theirs loaded before ours at the next reboot, causing ours to fail as the ports were in use.
3. They only ever had any control on the server at all because one of our clients installed PHPNuke, a package with massive security flaws in its design.
4. Once the offending package was removed the intruders lost ALL ability to affect the server, they couldn't think of any other way to get in nor had they even tried to provide themselves with alternate means of access whilst they did have control.
5. The intruders failed to realize their botnet was still being allowed to log in to OUR IRC server after I dumped theirs, and was as of that moment being actively observed by the police.
6. The intruders were unable to keep up with me switching IP addresses to avoid their DDoS attack on me when I did finally confront them head on and dump em off the server for good. One individual vs 4 allegedly experienced hackers and a 750 client botnet, they couldn't touch me.

In short, they were very well equipped for spamming, DDoSing, and generally causing chaos, but they were baseline idiots following pre-written instructions to get anything done and completely incapable of improvising a response when the scenario turned on them.

As regards "Actual criminal", keep in mind it doesn't matter whether one is insane enough to spam by hand or is using a botnet (owned or hired), the individual in question IS a criminal when he starts spamming. Even without cybercrime legislations the sort of activity seen here and elsewhere constitutes harassment, disruption of business, and a number of other criminal activities. Hiring or building a botnet just means the spammer's committed MORE crimes above and beyond the spamming.
Posted on entry Playing against type ::: October 27, 2004, 11:42 PM:
and so it came to pass, under a blood moon, the curse met its final demise.
Posted on entry Playing against type ::: October 22, 2004, 03:08 AM:
Well since the games take place in the general vicinity of 1 AM onward here I've started taking a couple weeks off work to watch the world series live. Last year was very rewarding, and it's looking as though this year won't disappoint either. Couple thoughts..

Kate Nepveu:

>As-you-know-Bob, Stephen King _is_ writing a book with Stewart O'Nan, about the Red Sox's season from a fan's perspective.

Well I guess that explains the look of intense concentration he seemed to be wearing throughout game 7, was wondering what had him that focused.


Nomie:

>If the Sox win the Series I am taking a vacation. To Canada.

Dunno, I don't think that'll be too effective, if the Red Sox do win I suggest you duck or risk getting hit by fireworks being shot off the ISS, hiding up north won't help.

(ok I have NO idea what happened in the previous comment.. it looked ok when previewed :( )
Posted on entry Playing against type ::: October 22, 2004, 03:06 AM:
Well since the games take place in the general vicinity of 1 AM onward here I've started taking a couple weeks off work to watch the world series live. Last year was very rewarding, and it's looking as though this year won't disappoint either. Couple thoughts..

Kate Nepveu:

>As-you-know-Bob, Stephen King _is_ writing a book with Stewart O'Nan, about the Red Sox's season from a fan's perspective.If the Sox win the Series I am taking a vacation. To Canada.
Posted on entry Taking your own bad advice ::: June 27, 2004, 03:53 PM:
TNH writes: "Ol' Todd's modified his Tips article since I first wrote about it, demonstrably incorporating a good deal of information from my post and the comment thread following it. He hasn't acknowledged this. Instead, he's threatened me with legal action."

Well, since our good man does so love litigation, it might be worth mentioning there's potential for a pretty hairy lawsuit right there. He's taken large amounts of constructive feedback and hard work from yourself, John, and others in this community, and used it all to improve his own published advice. As he's not credited any of it to you he's clearly claiming your ideas as his own, tisk... tisk... TISK. :)

Comment statistics for Guy Matthews on the Making Light blog

Year    Number of comments posted
2004    10

Total: 10 comments.