On Mon, 18 Sep 2000 21:38:56 -0500, Samuel W. Heywood wrote:
> Sending the spam back to the spammer's email address is
> not an effective countermeasure, IMHO.
Don't forget that we not talking about our regular email
addresses, but about "spam trap" forwarding addresses:
Accounts specially created for just a single subscription
(read again my initial post ;-), could be either:
* Website membership subscription
* Response to previous spam's unsubscribe address
* Announcement list/Newsletter/e-zine subscription
Note: Not recommended for discussion lists, since any lurkers
could harvesting posters's email addresses, leaving the list
owners as scapegoat. See alt.spam FAQ:
http://digital.net/~gandalf/spamfaq.html
Since you create an *unique* email address for each
subscriptions, and also maintain an associative list (which
e-address belongs to which subscription), you know exactly
to who's email address you'll change the forwarding target
if you get any spam, even *before* receiving your first
spam.
I said nasty, because sometimes this "tactic" could causing
severe email loop, dragging both your forwarding ISP's and
the spammer's mail servers down to their knees. For example,
a few spam "company" actually known installing anti-spam
filter on their mail server. Whenever a victim sending an
email to the spammer's address trying to complain,
threatening, etc., these emails will be bounced back with
"your email detected as spam" error. If you redirect spams
to this kind of spammer address, all of them will be sent
back to your "spam trap" address, which will forward them
back to the spammer's address, and so on: creating "loop of
death". Since the spammer's mail server stripping all
"receive headers", and replace them with its own to send
the error message, the loop will be forever (both end doesn't
know when to discard "exceeding hop count limit" messages).
The traffic keep increasing everytime a new spam sent by the
spammer. Eventually, either one (the weakest), or both mail
servers will be overloaded, and committed suicide (killed
its own process, game over ;-).
> Anybody can put anyone else's email address in the "From:"
> line.
Sad but true. An example of such victim:
http://www.kilman.com/spam.html
However, any email addresses listed in a spam could safely
assumed as "heavily infested" with spams. These already in
"public domain". Since some (smarter) spambots immediately
deleting email addresses with fake domains (i.e. badspammer
sample page: http://survpc.virtualave.net/spambot.html),
*IMHO* it could be considered "safe" to use such addresses
in website anti-spambot scripts (especially spam's
"unsubscribe" addresses).
> Even if you have correctly identified the spammer's
> email address, sending the spam back to him will serve
> the purpose only of contributing more junk mail to the
> bandwidth, thereby choking up everybody's mail servers
> with even more junk traffic.
Actually there's a good reason why you want to do this ;-)
Clogging mail servers with spams eventually will force the
admin to install a form of anti-spam mechanism. This could
range from the most common "domain banning" system like
ORBs or MAPS RBL, to the more advanced counter-measures
such as "smart filters", robots that will peek all incoming
emails for inspection, and rejects any emails that contain
blatant "sales pitch" wordings in it, before ever reach your
POP3 server. The later already used by a few large ISPs,
including (AFAIK) std.com; altough its been reported as
falsely accused eGroups lists's ads as spams <g>
> If this action fails to produce favorable results, then
> you can take the problem to the legal authorities.
I though spaming is not illegal (yet) ?
> Another thing you can do is to support politicians who are
> concerned enough to use their power and influence and to
> enact laws to help stop the problem.
Which politicians? Any examples? There was a spam which
include a .gov URL, (claimed) belongs to an US politician
who trying to legalize spam. But the URL returning a 404
(file not found). Guess just another lie...
Well, ain't spams delicious? (see http://spam.com/ ;-)
--Eko
http://www.survpc.net/ - Older PC and DOS Internet
http://survpc.virtualave.net/ (noframe)
To unsubscribe from SURVPC send a message to [EMAIL PROTECTED] with
unsubscribe SURVPC in the body of the message.
Also, trim this footer from any quoted replies.
More info can be found at;
http://www.softcon.com/archives/SURVPC.html
