SPAM! SPAM! SPAM!

Links to articles, legislation, and more! But can’t I order anything WITHOUT spam?????

Spamku – Computer generated!

I came across this form spam, from this very forum. I don’t know what made me read instead of delete it, but take out the link code, add line breaks, and you have it:

Our love,
so natural,
wait a minute,
jessica alba butt
no idea.

If the culmination of Man’s technology to date is this one written creation, it was worth it. 😀

Are YOU forget?

I found these spam titles while clearing out a client’s unused accounts today … my favorite:

LET:account,password,shop,did you forget?,are you forget?,why are are forget?,damn you forget}

And a bunch structured like these:

Drink Satellite Backpack Ship Cave Bee Sex
Jet fighter Baby Backpack Explosive Child Eyes Planet
Eyes Highway Bridge Telescope Monster Air Milk
Clown Baby Earth Surveyor Toilet Arm Man
Torch Box Coffee Butterfly Toilet Sex Crystal

I hope this year will mark some progress in the war against spam.

Spam – How much is too much?

Every now and then, clients voice their concerns about getting too much spam. The problem is twofold. First, spam isn’t going to disappear and there’s only so much to be done without hurting the medium of email. Secondly, people have extremes in opinion as to how much spam is “a lot”.

On one hand, before I adjusted Spam Assassin on the server to eliminate instead of just tag bad email, I received as many as 6000 spam emails per week through multiple addresses. When I weeded out unused addresses, it decreased to just under 3000 per week. Outlook filtered some of it — sometimes a little over half and sometimes more than 90%, leaving me with only one or two every time I turned around. So it’s hard for me to feel sorry for people who complain of finger cramps from hitting the delete key a dozen times a day.

On the other hand, any spam is annoying if you aren’t used to it. It’s offensive, obtrusive, and uncalled for.

And some addresses get more than others. That hardly seems fair, but the truth is that some addresses haven’t been found by spammers yet, or not passed around that much — yet. But eventually they find you and the war begins.

The main way spammers get your address is by having their systems search the web to “harvest” addresses found on web pages. Kentropolis currently uses “Spam Spoiler” code to ‘hide’ the address from bots while keeping it usable by human users. The problem is that we have no way to test its effectiveness, except for a testimonial a while back that it never failed to work. But spammers may have ‘cracked the code’ since then.

This is why addresses used for business tend to get more spam than personal ones, unless you post your personal address on a blog or elsewhere on the Net.

Other ways include giving out your address, such as subscribing or registering online, or even offline for a contest or mailing list. These addresses may be sold without your knowledge or blessing.

Worst of all, when you click the “unsubscribe” link, you are screwed. You just let the spammer know your address is valid and therefore worth more money to sell to the next guy … and the next … and the next.

And if you actually BUY anything from unsolicited email, then congratulations — you are part of the ultimate factor in making spam worthwhile for the bad guys. Please don’t ever admit in my presence you have ever done such a thing.

Lastly, you can get spam by luck — or rather a “dictionary attack” — where a spammer sends mail to randomly or sequentially generated email addresses, hoping to hit a real address.

So we go back to the question “How much is too much?” The answer depends on the person and situation, but here’s a general rule:

You have too much spam if you are spending more than 1% of your time deleting unwanted messages to get to good ones. That’s about 5 minutes an average work day — about 60 to 300 emails.

When it reaches near that point, you are so popular (and cursed) that you have to explore hard-core options, such as installing paid software on the mail server in-house. Kentropolis offers Spam Assassin for free as a configurable option, and it is all most people would need, but anything more and spending big bucks becomes a serious and worthwhile consideration.

But if you only get a few here and there, take a deep breath and say a prayer of thanks to the deity of your choice. Complaining would be like being dissatisfied about the color of the wine with your fettuccine Alfredo, while sitting in the middle of a starving third-world village.

We can only hope things will change in the war against spam — where American corporations spend tens of billions of dollars a year in software, personnel and lost productivity — but we can expect it to sometimes be better, sometimes be worse, for at least the foreseeable future.

Buying Windows, Office, Server

Buying Windows, buying Office 2000/XP/2003 (mssoft@bk.ru), other LICENSED Microsoft software. Send offers by e-mail to mssoft@bk.ru

Dictionary Attack

Here’s an example of someone trying to find valid email addresses on a particular domain. In this case, there ARE NO VALID ADDRESSES because the client doesn’t use any. It all gets wildcard forwarded to me.

Here are the addresses spammed, all sent from fictitious individuals …

Advertising@
Accounts@
Accounting@
Home@
Contact@
Support@
Mail@
Majordomo@
Sales@
Webmaster@
Billing@
Admin@
Help@
Info@

So you may want to think twice about using any of these, instead of JPeterson@ or salesdept@ or something more obscure.
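The probing pattern in this post can be spotted from the receiving side. The sketch below is an added example, not code from the original post: it groups recipient records by sending host and flags any host that addresses many distinct mailboxes that do not exist. The log format, the IP addresses and the domain client.example are constructed for illustration.

```python
import re
from collections import defaultdict

# Role-style local parts probed in the post above.
ROLE_NAMES = {"advertising", "accounts", "accounting", "home", "contact",
              "support", "mail", "majordomo", "sales", "webmaster",
              "billing", "admin", "help", "info"}

# Constructed log format (an assumption, not a real MTA's): "<client-ip> rcpt=<address>"
LINE_RE = re.compile(r"^(?P<ip>\S+)\s+rcpt=<(?P<local>[^@>]+)@(?P<domain>[^>]+)>$")

def find_dictionary_probes(lines, valid_mailboxes, min_distinct=5):
    """Return {(ip, domain): sorted unknown local parts} for sources that
    addressed at least `min_distinct` distinct non-existent mailboxes."""
    seen = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that are not recipient records
        local, domain = m["local"].lower(), m["domain"].lower()
        if f"{local}@{domain}" not in valid_mailboxes:
            seen[(m["ip"], domain)].add(local)
    return {k: sorted(v) for k, v in seen.items() if len(v) >= min_distinct}

def role_share(local_parts):
    """Fraction of the probed local parts that are common role names."""
    return sum(lp in ROLE_NAMES for lp in local_parts) / len(local_parts)

# Constructed sample: 192.0.2.10 walks the role names, 198.51.100.7 sends one mail.
SAMPLE_LOG = [f"192.0.2.10 rcpt=<{n}@client.example>" for n in
              ["Advertising", "Accounts", "Sales", "Webmaster", "Billing", "Info"]]
SAMPLE_LOG += ["198.51.100.7 rcpt=<jpeterson@client.example>",
               "192.0.2.10 rcpt=<Info@client.example>"]  # a repeat is counted once

if __name__ == "__main__":
    # The domain in the post has no valid mailboxes, so the valid set is empty.
    hits = find_dictionary_probes(SAMPLE_LOG, valid_mailboxes=set())
    for (ip, domain), probed in hits.items():
        print(ip, domain, probed, f"role share {role_share(probed):.0%}")
```

On a catch-all domain like the one described, every recipient is accepted, so this count is the only place the probing shows up; a high role share separates a name-list walk from ordinary misaddressed mail.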

SPAM and the Better Business Bureau

I got spam with a tagline for Benchmarkmail.Com:

Hope to hear from you soon,
Alex Moore and International Traders LLC
P.S. It is not SPAM. It is legal advertising campaign, which is legally
working with users who agreed to receive paid advertisments. For more
information – please, refer to www.benchmarkemail.com

And when I went to their site, I saw the familiar “BBB Reliability Seal” … hmmmph. So I clicked on it just for laughs and found the following on their report of this business.

Nature of Business:
This company’s nature of business is providing the sales of legal forms and agreements.

There seems to be a strong disparity between what the company does and what the BBB lists them as doing. Screenshots of both sites attached.

I’ve dealt with the BBB before, and therefore am not surprised.

Spam Getting Around the Blockade

From: easter ham [killianmcwilliams@net4gold.com]
Re: Your wealth., trowel bayonet

Need money?
Your credit doesn’t matter to us!
Want IMMEDIATE cash to spend ANY way you like, or simply wish to LOWER your monthly payments by a third or more?
Simply fill out this one-minute form…
http://zalmam.com/a62f/

flange joint muffle kiln interpretation clause
engine pilot skean dhu ingot lathe
state-provided high-lying pseudo educator
account rendered flea bug water-commanding
hackle fly large-handed core sand
palm squirrel tetradecyl alcohol turbine interrupter
saddle seam potassium bitartrate slop man
grass cold cylinder press world-informing

Getting around the Spam Blockade

There are many techniques to beat spam blockers, and some are obvious, such as adding non-spam content to a message as well as misspelling words associated with their product, such as

  • L0 se Weig ht now!
  • Buy C1alis Ch3ap
  • Refnance your mortgaqe today.

Here are some ex4mples that caught my eye.
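A filter can undo the misspelling tricks listed in this post before it matches keywords. The following is an added example, not part of the original post: it reverses digit-for-letter swaps, rejoins words split by stray spaces, and uses fuzzy matching to tolerate a dropped or swapped letter. The watchlist and the 0.85 threshold are assumptions chosen for the three samples above.

```python
import re
from difflib import SequenceMatcher

# Constructed watchlist for illustration; a real filter would use its own terms.
WATCHLIST = ["lose", "weight", "cialis", "cheap", "refinance", "mortgage"]

# Digit-for-letter swaps of the kind seen above ("L0 se", "C1alis", "Ch3ap").
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s", "7": "t"})

def candidates(text, max_join=3):
    """Yield each word and each run of up to `max_join` adjacent words glued
    together, so 'Weig ht' is also tried as 'weight'."""
    words = re.findall(r"[a-z]+", text.lower().translate(LEET))
    for i in range(len(words)):
        for n in range(1, max_join + 1):
            if i + n <= len(words):
                yield "".join(words[i:i + n])

def flagged_terms(text, threshold=0.85):
    """Return the watchlist terms that some candidate resembles closely enough
    to survive a dropped or swapped letter ('Refnance', 'mortgaqe')."""
    hits = set()
    for cand in candidates(text):
        for term in WATCHLIST:
            if SequenceMatcher(None, cand, term).ratio() >= threshold:
                hits.add(term)
    return sorted(hits)

if __name__ == "__main__":
    for subject in ["L0 se Weig ht now!", "Buy C1alis Ch3ap",
                    "Refnance your mortgaqe today.", "Meeting moved to noon today"]:
        print(f"{subject!r:35} -> {flagged_terms(subject)}")
```

Matching on normalized text only handles the misspelling trick; the padding of unrelated words shown in the previous post needs a different signal, such as the ratio of flagged terms to total words.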

Interactive Form Spam

I get a lot of spamming of this forum, interactive forms, and in particular guestbooks. It has gotten so bad that I have had to remove all guestbooks from my clients’ sites. I will have to build a guestbook that screens by admin approval or by image recognition (human-only test, as most are automated bots).

Here are some examples.

Spam Wisdom and Weird Names

From: Paddy Aguilar [Swanson@hendricks.net]

Subject: Half of analysis is anal.

Suicide is belated acquiescence in the opinion of one’s wife’s relatives.
He who can, does. He who cannot, teaches.

That’s all it said. Whoa .. I feel so enlightened now. I am the Buddha of cyberspace. 😡