Marketing & SEO Discussion List - LED Digest

LED Digest 1934: Antispam Companies Rake It In
==================================================
                 The LED Digest
             Moderated Discussion List
     "Effective Online Advertising, Since 1997"

         pair Networks: The LED's Web Host
   Hosting and Domain Reg. from a Trusted Leader
  pair.com for Hosting  |  pairNIC.com for Domains

==================================================
List Moderator:                     Published by:
Adam Audette                          LED Digest
adam,led-digest.com      http://www.led-digest.com
...............................................
February 17, 2005                       Issue #1934
...............................................


            .....IN THIS DIGEST.....


==== CONTINUING =================

        --== Curing Spam ==--

                ~ John Barendrecht
"...MCI earns upwards of US$5,000,000 a year from
selling service knowingly to known spam gangs ..."

        --== RSS Feeds ==--

                ~ Derek Andrews
"I think the best way to understand RSS is to use it."

                ~ Kathryn Martyn
"I'd be very interested to know how one turns an
actual web page into an RSS feed?"

        --== Sacking SpamCop ==--

                ~ Sheryl Coppenger
"...it's the spammers that caused the whole mess."


==== BILLBOARD ===================

        --== New SE: Clusty.com ==--
                ~ Jim Berry
                        <Moderator Comment>

        --== CGI Forms & Scammers ==--
                ~ Will Bontrager
                ~ Joe Halbrook


===== CONTINUING =================================

From: John Barendrecht
Subject: Curing spam

> Barnum's Law. And as long as the anti-spam activists
> promote the idea of spammers as people getting rich
> off the rest of us, it will continue.
        - Deke Hammel, LED 1932

We estimate that MCI earns upwards of US$5,000,000 a year from
selling service knowingly to known spam gangs ...

http://www.spamhaus.org/news.lasso?article=158

Firms selling antispam products and services stand to make up to
$2.4 billion by 2007.

http://www.wired.com/news/business/0,1367,60327,00.html

If you are prepared to break the law and lie about your product, you
can make huge profits... When the company was busted by the State
Attorney General, the seized profits included nearly $3 million in
cash; a large amount of expensive jewelry; more than $20 million in
bank accounts; 12 luxury imported automobiles; an office building;
and assorted luxury real estate in Paradise Valley and Scottsdale.

Companies profiting (indirectly) from spam - Ameriquest, Quicken
Loans, and LoanWeb, Bell South, Cable & Wireless, AT&T and PSINet
according to this article http://www.msnbc.msn.com/id/3078642/

As for Congress passing more laws, I don't care. I have no US bank
account, no US assets, I'm not a US citizen. I don't send out spams
but I think you get my point. How do you sue a spammer from Russia
in US small claims court? Suing a spammer only works after the fact;
I'm interested in a solution that stops spams before they are sent.

Spamhaus has a nice article on spam filtering - Effective Spam
Filtering

http://www.spamhaus.org/effective_filtering.html

John Barendrecht


------- new post - new topic --------

From: Derek Andrews
Subject: RSS

> Can anyone suggest a really good primer on RSS
> - I prefer a book form (paper and ink) ....
        - Tom Anson, LED 1932

If you really want to read about RSS, try this article and follow
the related links at the bottom.

http://www.cuttings.me.uk/AW/reference/rss-intro.html

Actually, I think the best way to understand RSS is to use it. I
would recommend that Tom goes to http://www.bloglines.com/ and opens
an account. It's free. It's easy. Then just add some feeds and see
what happens. There is an RSS directory at http://www.syndic8.com/
if you need help finding feeds.

Log in periodically and see what is new, much like you would your
email. That should give you an idea of how RSS is used by others.
Then, if you think it will help your business, you can start looking
at ways to publish your own feeds. Easily done from a blog, or you
can try one of the online services that let you publish a feed, such
as http://www.rapidfeeds.com/

Derek Andrews, woodturner
http://www.seafoamwoodturning.com


------- new post - same topic --------

From: Kathryn Martyn
Subject: RSS

I use Blogger.com for a couple blogs, one being The Slimming Pool,
http://slimming.onemorebite.com which of course relates to weight
loss and scams in the dieting industry (of which there is no lack,
BTW), and the other is a daily post giving the morning's outlook for
day traders in the S&P market, http://www.daytradersbulletin.com/open

Both are updated regularly, yet I'm uncertain of how busy they are
or whether anyone reads them at all. I can find lots of links to The
Slimming Pool in Google, if I do a link search though. I've
collected various bits and pieces of info about RSS but haven't the
time to go back and look through it all, so I'd greatly appreciate
an information resource with actual information, not just links to
various software.

I'm not opposed to opinions about software solutions,  but I need
someone to do the legwork, check it out, and then say what worked
and what didn't.

I'd also be very interested to know how one turns an actual web page
into an RSS feed? I've seen the templates and I seriously doubt
people are typing it all by hand into a text editor. Does anyone
know of editorial, opinions, and other information or gurus on this
subject?

Kathryn Martyn, M.NLP

Ending Emotional Eating, One Bite at a Time
http://www.onemorebite-weightloss.com


------- new post - new topic --------

From: Sheryl Coppenger
Subject: SpamCop

> I send out a cleaning tips newsletter twice a month and have on
> two occasions received over a hundred blocks from Spam Cop.
        - Mary Moppins, LED 1933

Could the target have been your email provider rather than you?  I
think they block IP rather than "from" address.  If you're sending
email through a shared server, they may not be after you personally.

> My opt outs are prominent on my newsletter yet I'm
> getting blocked... Spam Cop needs to contact the
> provider before blocking an email address.

The blacklist services don't read the email for opt outs, and there
are two very good reasons.  First, it's too labor-intensive.
Second, spammers lie.  Contacting the provider has such a low
success rate that after years of doing so I don't even do it anymore
before I block servers with my own homegrown list (unless I know
from past experience it's an ISP that gets serious about spammers).

> Now I'm finding that some people email me cleaning
> questions from my website then use my email address
> after I answer to send out their spam.

Unfortunately, email forgery is very easy and common.  I own a few
dozen domains, and spammers have used a couple of the domains in
spam.  Also, some addresses at my work site have been used for this
purpose, probably as payback for reporting spammers to ISPs.
Unfortunately, some ISPs pass the complaints to the spammers and in
some cases the owner of what looks like an ISP actually is the
spammer.

> Somehow the gods of the internet underworld
> have figured out a way to send out mass spam
> mailings to websites with link pages...

Yes, there are some programs out there that are specialized
"crawlers" that look for link pages and mass-mail even sites that
don't have link pages.

> I also have to restrict the opt in email addresses
> for my newsletters that look strange... people who
> want my newsletter could be getting rejected... It
> doesn't help either when Spam Cop pulls the
> stunts it pulls.

It doesn't help, but let's be very clear that it's the spammers that
caused the whole mess.  If it hadn't been for spamming slimeballs,
there never would have been a SpamCop or RBL, or any of the other
blocking services that people complain about.

Sheryl Coppenger


==== BILLBOARD ===================================

From: Jim Berry
Subject: Outdated Link - Clusty

Adam,

I submitted this suggestion months ago, so I'm surprised to see it
show up today, especially given that the link contained in this post
is now dead, likely having been removed.

Please revise or post a clarification so folks don't think we don't
research our information beforehand.

Thanks!

Jim Berry, Director of Sales & Marketing
www.bookkeepinghelp.com

<Moderator Comment>

Sorry about that, Jim. Your post actually came from a "mystery
issue" of the LED (1879) that was finished but never distributed
(lapse on my end). On Monday posting was slow, so I picked that post
and another from Dianne Dennis to fill out the issue.

Again, my apologies for the confusion.
- Adam


------- new post - new topic -------

From: Will Bontrager
Subject: Form scammers

> I had a blast of about 500 of the Nigerian scam
> e-mails come through a church web site...
> I just happened to be watching the server just
> after the exploit and was able to shut it down
> within 15 minutes.
        - David S. Taylor, LED 1933

> It is best to write a custom script that cannot
> be compromised.
        - Michael Martinez, LED 1933

David S. Taylor is fortunate that he noticed the exploit as early as
he did. If he hadn't, tens of thousands or even hundreds of
thousands or more spam emails could have been sent from his server,
the spam being sent until he did notice and did do something to shut
it off.

I suspect the exploit was accomplished by the devious method of
inserting line breaks into form fields to be used in email headers,
followed by the spammer's "message." It's a common method, not
unusual at all, and the likelihood is high that your server is in
line to be probed for the vulnerability.

The action to take immediately after you find your emailing programs
are being exploited is to rename the exploited program files on your
server (when renaming, also change the file name extension to
something unusual, like ".abc"). Note that this action will disable
your use of the programs, too.

Then, take a deep breath, put some focus on research, and find out
what you can do to resume operations with less vulnerability.

It seems spammers are getting desperate to bypass filters blocking
their spew.

Virgin servers (meaning "not yet blocked" servers, in this sense)
are targeted because email sent from these servers, yours and mine,
is more likely to be delivered. Once a domain's IP address gets
blocked, yours or mine, then the spammer simply moves on to the next
virgin.

Fortunately, there is a solution, as Michael Martinez pointed out.
The article at the URL below presents a line of code you or your
programmer may use when building a custom program or to sanitize
email header lines in existing programs.

The article also presents a ready-made form handling program, our
own commercial title, that contains code to block that serious
exploit.

"Web Page Form Anti-Hijacking Considerations" is at
http://BontragerCGI.com/antihijack

It is somewhat alarmist. I tried to tone it down, but felt I needed
to keep enough of it in there to suggest the serious harm you can
come to, especially if you don't know about it and can't prevent it.

Will Bontrager
http://willmaster.com/
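
The line-break injection described in the post above, next to a header
check of the kind it recommends, as an added example (Python; not code
from the linked article or the commercial program). Field names, the
fixed owner@example.org recipient and both sample submissions are
constructed for illustration.

```python
import re
from email.message import EmailMessage

# CR, LF and other control characters never belong in a one-line header.
_CONTROL = re.compile(r"[\x00-\x1f\x7f]")
# Deliberately strict address shape for a contact form (an assumption,
# not a full RFC 5322 parser).
_ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Constructed sample submissions.
GOOD = {"email": "visitor@example.com", "subject": "Cleaning question",
        "message": "Hello,\nhow do I remove wax?"}
BAD = {"email": "visitor@example.com\r\nBcc: list@example.net",
       "subject": "hi", "message": "..."}


class RejectedField(ValueError):
    """A form field that is unsafe to place in an email header."""


def naive_headers(form):
    """The vulnerable pattern: form text pasted straight into header lines."""
    return f"From: {form['email']}\r\nSubject: {form['subject']}\r\n"


def header_value(name, value, max_len=200):
    """Return the value if it is safe as a single header line, else raise."""
    if _CONTROL.search(value):
        raise RejectedField(f"{name}: control character or line break")
    if len(value) > max_len:
        raise RejectedField(f"{name}: too long")
    return value.strip()


def build_contact_mail(form, site_owner="owner@example.org"):
    """Build the notification mail; only validated text reaches a header."""
    sender = header_value("email", form["email"])
    if not _ADDRESS.fullmatch(sender):
        raise RejectedField("email: not a plain address")
    msg = EmailMessage()
    msg["To"] = site_owner          # fixed server-side, never from the form
    msg["From"] = site_owner
    msg["Reply-To"] = sender
    msg["Subject"] = "Contact form: " + header_value("subject", form["subject"])
    msg.set_content(form["message"])  # the body may contain line breaks
    return msg
```

With the BAD submission, naive_headers() emits three header lines where
the form author intended two; build_contact_mail() raises RejectedField
instead, so the request can be dropped and logged.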


------- new post - same topic -------

From: Joe Halbrook
Subject: Form scammers

> Did this scammer actually go to my site and
> fill in my form manually or have scammers
> figured out how to utilize mailto_cgi bins?
        - Diane Dennis, LED 1932

Hi Diane,

Your question presents an opportunity to bring up an excellent
application of RSS.

Did you know that you can use a secure RSS feed to receive these
communications, instead of using email?  Only you and/or your
designates would be the subscribers to this secure RSS feed.

Instead of your back end CGI script sending you an email each time
someone wants to contact you, the CGI script simply appends an item
to your protected RSS feed, containing links that allow you to email
or contact the person submitting your contact form.

The spammers can't exploit your mail server, you can remove those
mailto: tags from your web site (which means you'll cut down on
incoming spam dramatically) and you continue to receive the
communications you need to conduct your business.

You can even tie the RSS feed into your Help Desk or Trouble Ticket
system, in many cases.

I'm working on such a script package now; it should be ready soon.
Stay tuned to the LED, as always!

Joe Halbrook, Permission Technologies
http://www.info-for-life.com/2/
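
A sketch of the "append an item instead of sending mail" idea from the
post above, as an added example (Python; not the script package the
post mentions). The feed layout, function name and sample values are
assumptions, and access control on the feed file (HTTP authentication
or similar) is assumed to be handled by the web server.

```python
import xml.etree.ElementTree as ET
from email.utils import formatdate
from urllib.parse import quote

# Constructed empty RSS 2.0 feed used as the starting point.
EMPTY_FEED = ('<rss version="2.0"><channel><title>Contact form</title>'
              '<link>https://example.org/</link>'
              '<description>Private feed</description></channel></rss>')


def append_submission(feed_xml, name, email, message, keep=50, when=None):
    """Return feed_xml with one new <item> for this form submission.

    No mail is sent, so nothing the visitor types reaches a mail header.
    ElementTree escapes <, > and & when serialising, so submitted text
    cannot add markup to the feed.
    """
    root = ET.fromstring(feed_xml)
    channel = root.find("channel")
    item = ET.Element("item")
    ET.SubElement(item, "title").text = f"Message from {name}"
    # Reply link: quote() percent-encodes line breaks, "?" and "&" so the
    # submitted address cannot append parameters to the mailto: URL.
    ET.SubElement(item, "link").text = "mailto:" + quote(email, safe="@")
    ET.SubElement(item, "description").text = message
    ET.SubElement(item, "pubDate").text = formatdate(when, usegmt=True)
    # Newest first: insert ahead of the first existing <item>.
    pos = next((i for i, el in enumerate(channel) if el.tag == "item"),
               len(channel))
    channel.insert(pos, item)
    # Cap the feed so a flood of submissions cannot grow it without bound.
    for old in channel.findall("item")[keep:]:
        channel.remove(old)
    return ET.tostring(root, encoding="unicode")
```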


-------------------------------------------------------
The LED Digest is sponsored by pair Networks:
pair.com for Hosting | pairNIC.com for Domains

© Copyright 1995-2004 Adam Audette. All Rights Reserved.
-----------------------------------------------------------------

"We have just enough religion to make us hate, but not enough to
make us love one another." - Jonathan Swift