Giving Your Greytrapping a Helping Hand 109
Peter N. M. Hansteen writes "Some spam houses have invested in real mail servers now, meaning that they are able to get past greylisting and even content filtering. Recently Peter Hansteen found himself resorting to active greytrapping to put some spammers in their place. The article also contains a list of spam houses' snail mail addresses in case you want to tour their sites."
Um, (Score:3, Interesting)
Dynamic Dolphin?? (Score:3, Interesting)
I seem to remember reading about a convicted spammer who created Dynamic Dolphin in Broomfield, Colorado. Does anyone else remember who this asshole was? I would not be surprised if he started the whole thing.
Re:Um, (Score:3, Interesting)
I've seen an increase in spam that has made it past my gmail spambox in the last week, but I get several thousand spams a day so it's not a big deal.
I used to allow any email that shows up to the domains that I have, and I'd get way more spam. It's weird that 3,000 spams a day is slow since it's not like I go out signing up for stuff but I also don't hide my email.
I still get actual email that gets filtered as spam which sucks, but I put up with it since gmail works about 99.5% of the time. I wonder how many legit emails I've had that people think I ignored since I didn't respond.
Re:Um, (Score:3, Interesting)
Re:Grey-trapping (Score:3, Interesting)
The problem is what happens when some reputable sender get's on the list.
I mentioned this to Mr. Hansteen a while back on usenet, warning him about putting his greytraps (and spamtraps) in public view on his webpages. All it takes for a legitimate sender to be listed with him, is one single newsletter signup with one of his traps.
Even though the trap will never respond, the sender will nevertheless have to send a message to the trap to attempt to verify the signup. Apparently, his list protects quite a lot of accounts, and he cannot whitelist everything ...
I never got a decent reply. I'm not sure what Mr. Hansteen's goal is, other than researching for its own sake and performing some good old sub-optimization of questionable value in the process.
Re:Couldn't you just blacklist those servers? (Score:4, Interesting)
Unlike the guy in TFA (who blocks the sender for 24 hours), I only assign some points in SpamAssassin.
Sounds familiar. (Score:3, Interesting)
I was using something similar. The trick is to identify the ISP mail servers. Usually by some naming convention of the ISP ... but in some cases you have to just wait for a complaint to come when they get blacklisted. I solved part of that by sending the rejection list to the recipients at times so they could check it.
Meanwhile, greylisting is completely different.
Greylisting means that any new "triplet" (recipient name + sender's name + sending IP address) is TEMPORARILY rejected for X minutes. This is because many spammers were using zombie machines that would not try to resend the message OR would keep trying with different sender's names. Legitimate senders and email servers would (MOST OF THE TIME) be able to handle the delay and the message would get through. All future messages with that "triplet" would be received without delay.
Content filtering? (Score:4, Interesting)
Re:Um, (Score:2, Interesting)
I guess that's like saying skateboarding should be your primary transportation vehicle. Some people do it I suppose, but is it the best idea?
Get your own infrastructure and access your emails as you wish, like for example mutt on a remote terminal, or webmail (squirrelmail), or in any mobile IMAP client (my iPhone works great).
What about backups? What if tomorrow they change the policy of old/archived message?
I do have a couple of gmail accounts, but those are mostly for redundancy and seldom used by me.
Re:Give your COCK-AND-BALLS a "hand" (Score:4, Interesting)
I did my best to resist the impulse to stop browsing these comments at -1 because I had too often found interesting comments that had been modded down for the wrong reasons.
I guess I won't be able to do that any more, because I get too sad when I see how much energy some people expend in hatred of gays and blacks. Say, maybe we could filter comments by more than just the number? I wouldn't mind being able to see "-1 Flamebait" because often you find insightful comments that have been modded down by committed astroturfers, but "-1 Offtopic" (which my own comment here is, by the way) could get filtered out. Or how about a "-1 Racist/Sexist Asshole" moderation choice?
Where's the suggestion box here at Slashdot, anyway?
Final Solution (Score:5, Interesting)
Can we "tour" those sites with molotov cocktails and pipe bombs?
Except it sucks (Score:3, Interesting)
IMAP is flaky and slow. It is a hack to map googles lack of folders onto IMAP's idea of folders.
It is a bitch for an administrator. There is no good way for an admin to setup email forwarding accounts--yeah, the user can do it, but you have to create an account for them and they have to do it, you cannot!. Their concept of distribution lists suck. You cannot change somebodies email address without creating a new account. I could go on but I wont.
Basically, for a business, using Google apps sucks. The only thing it has for it is the webmail interface. But integrating "real" mail programs with it sucks.
Bottom line is Google apps is 100% lock-in. It does thing in its own unique way and does not integrate with anything else worth a damn.
Pretty much my experiance as well (Score:4, Interesting)
Just switched a client to google mail for business (really, what is it called? Google Apps? Google Mail? huh) and have heard nothing but complaints. The "gmail" thing gets email that never shows up in their imap folder, their imap folder gets stuff that disappears from their gmail thing.
Attachments work funny.
If you delete message from a "thread" in gmail, it will delete every "send" and "reply" message in the whole damn thread and thus nukes all of it in Outlook. If you nuke a single message in IMAP, it fucks up how gmail handles the thread.
All kinds of things. Their thole thing is great, but the minute you want to use a "real" mail program on top of it (like most businesses I know), trouble brews and shit just doesn't work the way you'd expect. There was a reason Google took so long to add IMAP support--their whole damn system works like no other email program. I bet they had to basically hack the whole damn thing to work like a "real" mail system IMAP was designed for. Basically, using them is a horrible form of lock-in.
Now I have to move them back to a "real" mail system this coming week so their life can work as it always did.
Comment removed (Score:3, Interesting)
A proposal: Solicited Bulk Realtime List (SBRL) (Score:3, Interesting)
I've actually proposed something very similar to this before, called a Solicited Bulk Realtime List [khopesh.com], which would be an elaborate DNSBL-style spamtrap whose purpose is determining which lists play fair (no-unsubscribe vs opt-out vs opt-in vs confirmed-opt-in) regardless of solicitations. Such an index would enable users to safely unsubscribe, and perhaps more importantly, its widespread adoption would force all "list" emailers, be they spammers or not, to better implement subscription management.
SBRL would also enable the ability for a filter to set a threshold for new list mail. Let's say I completely block any "list" mail that the SBRL can't confirm unsusbscribe works, and then I count a day's incoming confirmed-opt-in emails plus twice the number of the remaining emails (opt-in/opt-out). Anything over my threshold gets digested just like a mailman list with the digest feature (a collection of all of them that came in over the day) rather than direct delivery.
An IT-grade implementation could have new addresses start at a high threshold (e.g. 10) and then lessen by one per business day until it hits the default threshold, e.g. 3.