CastleCops, Internet Crime Fighters

Can we use already known dirty addresses?

 
ggsearch

Special Response Team
Premium Member

Joined: Feb 09, 2004
Posts: 702
Location: Netherlands

Posted: Fri Jul 09, 2004 6:34 am    Post subject: Can we use already known dirty addresses?

When I started with my domains I enabled an option to forward all mail to one mailbox. In time a lot of unknown names with the extension @ frysianfools .com slipped through.

So at this moment I get some spam for peggy, sue, brendan ;) etc etc.
I never had any legal emails through them (thanx to monitoring with MWP I can say that out loud).

Should I give the already spam catchers a mailbox, set them up as spam-sink and send them to my spam portal address?

Of course I will notify Spamforce about it so you can loop it ;)


_________________
Do something back for CCSP: Donate!
Brendan

Lieutenant
Premium Member

Joined: Mar 29, 2004
Posts: 187
Location: UK

Posted: Fri Jul 16, 2004 11:47 pm    Post subject:

Hi GG

Please excuse me for inadvertently missing this post. It's been a little manic of late ;)

Spammers tend to munge-cycle all sorts of names in the header fields, and although they do not necessarily bear a relationship to the Email addresses on their hit-lists, it IS certainly quite possible (and even probable).

It would certainly be an interesting experiment to see if that is the case here, though naturally equally as-possible that those names are in-fact real and in use. The only way to find out is by attempting to raise Email addresses against them, and therefore you would be informed if they are already registered in someone else's name.


Quote:
Should I give the already spam catchers a mailbox, set them up as spam-sink and send them to my spam portal address?

Of course I will notify Spamforce about it so you can loop it


What you suggest is the right thing to do, including letting us know the spam-sinks in question.

With very many thanks (and apologies for the late reply)

Brendan.

Ikeb

Special Response Team
Forums Admin

Joined: Apr 20, 2003
Posts: 16542

Posted: Sat Jul 17, 2004 5:02 am    Post subject:

Brendan wrote:
It would certainly be an interesting experiment to see if that is the case here, though naturally equally as-possible that those names are in-fact real and in use. The only way to find out is by attempting to raise Email addresses against them, and therefore you would be informed if they are already registered in someone else's name.

??? But Pieter owns the domain. So how could they be real if he hasn't assigned them?

Actually aren't you assuming that the domain is owned by an ISP for example? When the domain is owned by someone willing to be complicit with SpamForce goals, aren't there in fact additional options available? ;)

Brendan

Lieutenant
Premium Member

Joined: Mar 29, 2004
Posts: 187
Location: UK

Posted: Sat Jul 17, 2004 9:46 am    Post subject:

Hello Ike

Quote:

??? But Pieter owns the domain. So how could they be real if he hasn't assigned them?


Ahh... yes. Obviously the answer to the question here. I did indeed overlook the fact that the URL was privately owned and controlled.

The stated "to" or "From" addresses in the header are usually just munged tat, though would be confirmed by actually looking at the header in detail (e.g. FILE >>> PROPERTIES >>> DETAILS on Outlook Express, for example). The reason I say this is because where you have a "catchall" set up on your mail-server, then obviously you would receive all rubbish sent to <guessed_name>@frysianfools.com.

Now it would also be quite possible (and very effective) to use a catchall box to forward spam sent to any guessed addresses, either now or in the future, with the following note of caution...

First, be sure to set all published addresses as individual accounts, thereby ensuring that the catchall does not forward any intended Emails with spam going off to your portal.

Second, be sure that your declared return address(es) on your Email client are correct and that mailboxes exist on your web account - otherwise, if you were relying on catchall to collect all your Email then you may not have noticed a possible error before. For example, if in Outlook Express I have on Email account peter123@spamforce.com the return address (contained in all sent headers) mistakenly set to peter133@spamforce.com, then I would no longer receive Email from senders hitting the "reply" button to any messages I sent - as Peter133... would be picked up by the catchall and reported as spam.


It occurs to me that the above might well serve as a very powerful means for web-hosts in attracting spam sent to any guessed non-existent Email addresses, on proviso that abuse@... postmaster@... webmaster@... (etc) are first set up as real accounts and excluded from the catchall.


The other option however is to do precisely as Pieter suggests (i.e. specific known addresses sent to the spam portal), though in this case you'll need to set up a mailbox for every new guessed address that you receive through a catchall.


Brendan.
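
An added sketch of the routing described in the post above (not code from the thread or from SpamForce): individual accounts and the role accounts take precedence over the catch-all, every other address on the domain is forwarded to the portal, and a preflight check catches the mistyped return address case. The domain, portal address and mailbox names are constructed.

```python
# Added example; domain, portal address and mailbox names are constructed.
DOMAIN = "example.org"
SPAM_PORTAL = "portal@spamtrap.example"        # placeholder for the portal address
ROLE_ACCOUNTS = {"abuse", "postmaster", "webmaster"}


def split_address(addr):
    """Return (local, domain) in lower case, or (None, None) if malformed."""
    local, sep, domain = addr.strip().lower().rpartition("@")
    if not sep or not local or not domain:
        return None, None
    return local, domain


def preflight(mailboxes, return_addresses):
    """List problems to fix before the catch-all is pointed at the portal."""
    problems = []
    for role in sorted(ROLE_ACCOUNTS - set(mailboxes)):
        problems.append(f"role account {role}@{DOMAIN} has no mailbox")
    for addr in return_addresses:
        local, domain = split_address(addr)
        if domain == DOMAIN and local not in mailboxes:
            problems.append(
                f"return address {addr} has no mailbox; replies would be reported as spam"
            )
    return problems


def route(rcpt, mailboxes):
    """Decide what the mail server does with one recipient address."""
    local, domain = split_address(rcpt)
    if domain != DOMAIN:
        return ("reject", None)                # not our domain: never relay
    if local in mailboxes:
        return ("deliver", local)              # individual account wins over catch-all
    return ("forward", SPAM_PORTAL)            # guessed address: treat as spam-sink


if __name__ == "__main__":
    boxes = {"peter123", "abuse", "postmaster"}            # webmaster is missing
    for p in preflight(boxes, ["peter133@example.org"]):   # typo in the mail client
        print("FIX:", p)
    for rcpt in ["peter123@example.org", "peggy@example.org", "x@other.example"]:
        print(rcpt, "->", route(rcpt, boxes))
```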

vividere

Corporal

Joined: Oct 25, 2004
Posts: 54
Location: USA

Posted: Mon Feb 07, 2005 6:26 am    Post subject:

It kinda seems the original point was missed. I am in the same boat...

I had published email addys for a list of clients but they were simply put online so people could write those clients but while those names were published they had a purpose, but now those email addys have no legit use and will never get legit mail. As a result right now those email addys are already forwarding the mail to the blackhole. Each of them (60-70) email addys are well established in the spammer's databases so they would get traffic immediately without waiting for a new email addy to get discovered.

So even though they were existing email addys, they had no real purpose before therefore are all available vs. creating new ones.

How else do you "seed" the spammer's databases? By inserting a new email address somewhere in the site for a future spider visit by the spammers?

Brendan

Lieutenant
Premium Member

Joined: Mar 29, 2004
Posts: 187
Location: UK

Posted: Mon Feb 07, 2005 9:42 am    Post subject:

Hello Vividere.

Thank you for your post.

There are a variety of ways to seed addresses, one common example being to "Unsubscribe" to spam by entering your spam-sink address in the box provided.

However, I had considered this and extended the possibilities for just such Email addresses that had been de-commissioned and therefore introduced portal extension codes. Please see http://www.spamforce.com/about.html which details this further in the examples given.

Hopefully this answers your enquiry - particularly if the Email addresses have been long-decommissioned. Experience would suggest that the majority of these will continue to be targeted for years to come ;)


Brendan.


_________________
NEVER say "Never"!

AlphaCentauri

SIRT Handler
Premium Member

Joined: Nov 20, 2003
Posts: 2889

Posted: Thu Feb 10, 2005 12:11 pm    Post subject:

Believe me, you don't have to recycle stuff that's already getting spam. If you own the domain, just make up some new addresses and start forwarding them to SpamForce. I have a page on my website that lists the spamsink addresses in the source code with a warning not to mail to them on pain of being reported as a spammer. The spammers of course extracted the email addresses within a few weeks and the flood gates are now open.

I don't know where Brendan seeded the email addresses, because they get much nastier spam than my other addresses. I don't go to that kind of website :)

robh

Trooper

Joined: Feb 28, 2004
Posts: 25

Posted: Fri Nov 17, 2006 6:04 pm    Post subject: Redirect catch-all

I have a 10 year old domain that gets a spam every 10 seconds. I have a catch all address sending everything to a Gmail account where they get auto-moved to trash and hence auto deleted after 30 days. The account is usually full (about 2.7GB - 250,000 spams). This sounds like a useful repository for identifying current trends in spam. Would anyone like to take over from gmail as the lucky recipient? Would this help Spamforce?

I kept a couple of addresses separate but routed the bulk to gmail so I could rescue any I might need - but obviously that's impractical.
