Re: Phishing mails on the increase? [OT]

From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 11/14/05


Date: Mon, 14 Nov 2005 13:51:52 -0600

In the Usenet newsgroup comp.os.linux.misc, in article
<fvnk43-07k.ln1@news.heiming.de>, Michael Heiming wrote:

>Only have a very few mail addresses, mostly use the one supplied
>here (a little munged), iirc I'm using this mail address since a
>decade or more. Likely because it's easy to remember. Spam wasn't
>a problem as I began to explore usenet with it, so it wasn't
>munged and is certainly contained on any spammer DVD starting
>kit.

After I posted, I finally pulled the thumb out, and did a google
search - one hit on the search term "Millions CD" (which might be some
spammer's trademark - I dunno) returned a site selling 15 million "Fresh"
addresses on a CD for US$249. I imagine the price is justified by the
'de-munging' (really, anyone who knows 'sed' can eliminate a lot of
the common stuff), checking domain validity, and then removing addresses
of those anti-spam activists - whatever that might mean. Thus, it
appears that these harvesting services might be ignoring old, but unused
names. But yes, I remember the "good old days" - when things like Rob
Clark's 'Winmodems' web page (referenced in the Modem-HOWTO) used to have
working addresses so you could contact someone who had actually gotten
some particular model of modem to work. I was listed on about 8 models,
and used to get a couple of mails a week asking how I got this or that
modem to work. That was a useful service the spammers killed.

>At one point disabled a default catch all account for my domain,
>which was a nice thing, but spammer started hammering me with
>thousands of messages daily and it began to be mentionable even
>with ADSL.

The only catch-all accounts I still have are 'abuse', 'hostmaster', 'noc'
and 'postmaster' (per RFC2142), and even they are filtered - postmaster
less so, but still.

>In the last 10 months not a single spam mail was able to pass SA,
>which defeated about 50000 x spam during this time, with not a
>single false positive I'm aware of.

Like you, I haven't heard of any false positives, but I don't bother to
keep track of numbers. I don't even turn on the logging that often.

>It doesn't get beyond SA here, had to check a cron zeroed spam
>file to mention them. There was some rather stupid article about
>the matter, which made me curious and yep there are about 5 of
>them from the last 22h.

There was a very interesting post to news.admin.net-abuse.blocklisting
in a thread titled 'Effectiveness of DNSBLs declining?' from Matthias Leisi
on Saturday evening (Message-ID: <d6oh43-b2r.ln1@msgid.astrum.ch>) with a
pointer to a paper he wrote analyzing a spam run. Some of the conclusions
are not new, but the insights are quite interesting.

>My bank gives a hint on the entrance URL to online banking,
>they'd never ever send a mail asking for passwords/etc

I still can't imagine why people think that might be ordinary. Likewise
the crap claiming to come from eBay, PayPal, or "my" ISP.

>and provides a free call number for questions. Their mails are signed
>in addition.

Mine originally was even signing the advertising and information bulletins
they were sending out - then they wised up and provided an 'opt-out' to
that stuff, shifting it to 'standard' mail (the definition now used by
the US Post Office for what used to be "bulk mail"), or 'first class'
mail if it's important. Using snail-mail costs real money, so they are a
lot more selective of what they send out.

>The real stupidity beyond the matter, why on earth should they ask
>me for my password on their server?

If they can't get the hash off the backup tapes... (you can tell the
phishers have no central authentication system experience - wonder if
their windoze box is using one of those passwords the 'deloder' worm was
testing for in March of 2003)

        Old guy


