Oh soo fed up of spam

Non-computer-related chit-chat

Moderators: ChrisThornett, LXF moderators

Has it a hope of working?

Poll ended at Mon Mar 06, 2006 1:12 am

Yes
0
No votes
Possibly
0
No votes
No you've gone nuts to even think it
5
100%
 
Total votes : 5

Postby godofthedevil » Mon Mar 27, 2006 11:54 am

ive tried emailing isps before but the trouble is that some ips are from places that dont speak or understand english for they know or care your offering them a naked woman and to assissinate their leader and help the freedom fighters.

the spam for software i get is in my yahoo box and it says what is 0em (zero em) and whats it about from about 20 diffrent email addresses. but if i took the time to look at the headers they would come more or less from the same geographic locatation
www.stewfisher.co.uk


LinuxMint, The loveable Grandchild of Debian/GNU Linux
User avatar
godofthedevil
LXF regular
 
Posts: 150
Joined: Mon May 09, 2005 5:00 pm
Location: Oxford

Postby TheDoctor » Mon Mar 27, 2006 8:35 pm

wyliecoyoteuk wrote:Some that bother me are ones sent to hxxxxxxx@blueyonder.co.uk
where xxxxxxx is a nonsense string, eg ham3fxdy, but still gets to my email address (hxxxxxx2@blueyonder.co.uk, name changed to protect the guilty)


That's because they put your actual address (and those of other victms) in the BCC: field.

BTW I've got SpamBayes running and, while I get a lot of spam to my PC, I hardly ever see any of it. A marvellous product and much better than letting some third party decide what I can or can't receive.
TheDoctor
LXF regular
 
Posts: 325
Joined: Mon Jan 02, 2006 9:02 pm

Postby CJLL » Tue Mar 28, 2006 6:05 pm

TheDoctor wrote:
wyliecoyoteuk wrote:Some that bother me are ones sent to hxxxxxxx@blueyonder.co.uk
where xxxxxxx is a nonsense string, eg ham3fxdy, but still gets to my email address (hxxxxxx2@blueyonder.co.uk, name changed to protect the guilty)


That's because they put your actual address (and those of other victms) in the BCC: field.


Nope, this is because the actual receipients and the headers you see in your e-mail client are set differently.

This is an example of a SMTP conversation with sendmail:

Code: Select all
 telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 localhost.localdomain ESMTP Sendmail 8.13.4/8.13.4/Debian-3sarge1; Tue, 28 Mar 2006 18:46:07 +0100; (No UCE/UBE) logging access from: localhost.localdomain(OK)-localhost.localdomain [127.0.0.1]
HELO localhost


first of all, introduce yourself using the HELO command

Code: Select all
250 localhost.localdomain Hello localhost.localdomain [127.0.0.1], pleased to meet you
MAIL FROM: test@localhost


Then tell the MTA who you really are. Ok spammers lie at this stage, but a well configured mail server will check that the domain exists.

Code: Select all
250 2.1.0 test@localhost... Sender ok
RCPT TO: cjll@localhost
250 2.1.5 cjll@localhost... Recipient ok


Now tell it, who you are sending it to using RCPT TO. You can do a whole bunch of e-mail addresses here.

Next comes the information that your mail client will actually look at, after the data command:
Code: Select all
DATA
354 Enter mail, end with "." on a line by itself
To: Fred Bloggs <freedy@bloggs.com>
From: Leet Haxor <leet@example.com>
Subject: This is fun


The MTA will add some data about the route the mail message has taken to be delivered, but usually most of the info will be untrustworthy.

Your mail client will treat everything before Subject: as a header, so you add as many wierd and wonderful headers as you like. The MTA doesn't care.

Code: Select all
Hi

This haxoring is fun!

.
250 2.0.0 k2SHk7m8005877 Message accepted for delivery
QUIT
221 2.0.0 localhost.localdomain closing connection
Connection closed by foreign host.


Finally, send a full stop on it's own to indicate that the message is finished and say goodbye.
CJLL
LXF regular
 
Posts: 193
Joined: Sat Jul 09, 2005 9:22 pm

Postby TheDoctor » Tue Mar 28, 2006 10:24 pm

CJLL, that's interesting. It explains some puzzles I've had about the headers in spam I've received. They've not made sense, and your explanation shows how this can happen.

Of course, our explanations are not mutually exclusive, although I can see how a serious spammer could cover his/her tracks much more thoroughly by your method.
TheDoctor
LXF regular
 
Posts: 325
Joined: Mon Jan 02, 2006 9:02 pm

Postby nelz » Tue Mar 28, 2006 11:45 pm

Limnits on the lengths of headers mean Bcc: can only be used to send to a fairly small number of addresses, whereas listing then in the SMTP envelope is limited only by the mail server (some have limits to prevent their being used for spam). Spam is basically mailing lists without you needing to take the trouble to subscribe, the same distribution methods are used for both.
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8552
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby TheDoctor » Wed Mar 29, 2006 12:10 am

Spam is basically mailing lists without you needing to take the trouble to subscribe


lol

Like being mugged is basically a money transfer without you needing to contact your bank...
TheDoctor
LXF regular
 
Posts: 325
Joined: Mon Jan 02, 2006 9:02 pm

Postby nelz » Wed Mar 29, 2006 8:29 am

The techniques used are somewhat different in that case. Try replying to a few phishing mails for a more compatible form of mugging...
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8552
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby CJLL » Wed Mar 29, 2006 5:11 pm

nelz wrote:Limnits on the lengths of headers mean Bcc: can only be used to send to a fairly small number of addresses, whereas listing then in the SMTP envelope is limited only by the mail server (some have limits to prevent their being used for spam).


BCC is an e-mail client convenience, and not a SMTP feature. Your e-mail client still issues a RCPT TO: command regardless of whether the address is in the To: Cc: or Bcc: header.

It it up to the receiving mail server or client to be discrete and remove the other recepients. Not all of them do, so be aware.
CJLL
LXF regular
 
Posts: 193
Joined: Sat Jul 09, 2005 9:22 pm

Postby nelz » Wed Mar 29, 2006 9:11 pm

I know, I was merely pointing out why it is not suitable for sending out mass mailings.
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8552
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby Blåtann » Tue Jul 04, 2006 6:33 pm

I may flag something aready written in this thread but has anyone mentioned viruses?
As a lot of modern viruses is designed to make zobies out of pc´s so that they can be abused by some hacker.

I once read something on the net about a hacker renting out hes botnet of about 100.000 pc´s (zombies) for about $100.-/hour
A spammer will gladly pay to use these machines as a cluster of spam machines.

Thereby there is actualy a risk sending an email to a friend with a possible vulnerable machine.
If the machine is compromised your message may be picked up and inkluded in a spammers list.

Acording to "How stuff works" the mail lists is sold on cd´s as "spam free" addresses, that is people that have agreed to receive spam(!)

It does not matter how good you hide your address, the virus or spyware compromised pc´s of your friends will give it away.

Viruses or spyware often runs it´s own smpt server and may send messages in the background.
Thereby, neither IP or the senders address is caracteristic of a spam message.
Blåtann
 
Posts: 15
Joined: Sat Jun 24, 2006 11:07 am

Previous

Return to Off Topic

Who is online

Users browsing this forum: No registered users and 0 guests