On 4/2/05 7:58 PM, Scott Haneda at [EMAIL PROTECTED] wrote:
> on 4/2/05 2:15 PM, sequoia at [EMAIL PROTECTED] wrote:
>
>> I�m curious if any of you longtime Entourage users have ever heard of, or
>> use,
>> [EMAIL PROTECTED]
>>
>> http://www.hendricom.com/spamcontrol.htm
>>
>> I saw it on VersionTracker, and it looks pretty interesting. I�d love to
>> start
>> smacking these spammers, and this could be a way to do it.
>
> My thoughts are it is garbage. Since so much of spam is spoofed, the a
> spoofed postamster@ a spoofed domain will get spam reports. We have as a
> matter of fact, blocked those reports from spamX, even Apple has done the
> exact same.
Seriously, stay away from this. Unless it has been greatly improved, using
it could cause YOU to be considered the source of a DoS attack. As I
understand it, it sends abuse reports to every domain it finds in the
headers including ones that have nothing to do with mail delivery as well as
once that could be faked.
The following was posted in January in another forum I frequent back:
A new spam product has now surfaced: [EMAIL PROTECTED]
It does not detect what is spam, instead it is used on what other spam
filters detect to be spam.
What it does, is scan through a user's spam, and sends notifications
to the contact names for any domain name found in the message or the
headers, even for those domain names that are obviously forged.
This is flooding abuse e-mail addresses all over, and the programmer
instead of fixing the flaws is now puting in a list of domains to never
send reports to consisting of the major DNSbls that are used by
other spam filters. Everyone else will still get the reports to the
forged addresses.
If you are registered as the owner of a domain name, the next time
that a spammer or a virus forges it, be prepared for a flood of
reports.
There are now 2 aggressive DNSbls, AHBL and http://exspam.surriel.com/
that are now listing I.P. addresses of users of [EMAIL PROTECTED] Note
that since
these are going through ISP mail servers, absolute blocking will cause
a lot of collateral damage.
The following site documents this and giving http://www.google a group
search of [EMAIL PROTECTED] and abuse quickly locates the other information.
I have posted en excerpt below the link.
http://www.versiontracker.com/php/feedback/article.php?story=200501082230501
40
[quote]
A few days ago operators of several popular DNSBLs noticied
a large wave of mis-directed spam complaints from various
places of world. The complaints are all titled like
"EMail Abuse Complaint D/M/YY H:MI:SS" (with a real date),
contains original spam samples, with from being the spam
recipient, and are being sent to a large number of various
addresses, obviously using whois data (sample is at the end
of this post). The site is http://www.hendricom.com/, looks
promising. There's a support forum too, at
http://www.hendricom.com/forums/index.php?act=SF&f=3 --
users are saying good and thankful words about the
software. So far so good.
But there's a problem (note the first sentence of this
post): the software sends a complain about every URL
it finds in body and headers of the original spam.
*Including* the text added by eg SpamAssassin --
X-Spam: listed in dsbl, http://dsbl.org/listing?127.0.0.2
So, now dsbl.org, cbl.abuseat.org, spamhaus.org, sorbs.net,
spamcop.net and so on and the like are all spamvertisied
sites, snd the software complains to both the "site owner"
and its upstream, using the whois information. Voila,
go figure, all great spammer.
But that's not all the story obviously, or else the Subject
will be different. Simply fix the bug and be done with it,
not a big deal really. But the author isn't that "simple".
Several people notified him using email. Several posts has
been made on the support forum. Guess what?
He just deletes the "bad" posts in the support forum, continues
making new versions without fixing the problem, and leaves
only "thank you" messags on his forum. There where several
posts by me, by Rik van Riel (several attemts), by others --
all gone in a few minutes...
[quote]
-- Larry Stone
[EMAIL PROTECTED]
http://www.stonejongleux.com/
--
To unsubscribe:
<mailto:[EMAIL PROTECTED]>
archives:
<http://www.mail-archive.com/entourage-talk%40lists.letterrip.com/>
old-archive:
<http://www.mail-archive.com/entourage-talk%40lists.boingo.com/>
