ZDNet UK reported on Tuesday that spammers are latching on to the pope’s passing with a spam campaign pushing a bogus moneymaking scheme.
News.com: Spammers exploit pope’s death
And this surprises you?
I was wondering what took them so long.
According to the SpamHaus Project–a U.K.-based antispam compiler of blacklists that block 8 billion messages a day–a new piece of malicious software has been created that takes over a PC. This “zombie” computer is then used to send spam via the mail server of that PC’s Internet service provider. This means the junk mail appears to come from the ISP, making it very hard for an antispam blacklist to block it.
Zombie trick expected to send spam sky-high | CNET News.com
I was afraid something like this was going to happen.
Looks like authenticated mail relaying is going to be mandatory, even inside a network.
The only IP address that will be legitimate for unauthenticated relaying is 127.0.0.1 (localhost) and the mail servers own addresses.
This is a pretty cool idea … good idea to multi-task SpamAssassin.
IO ERROR � WordPress SpamAssassin Plugin
I’m going to have to give that a shot tonight.
Sigh
I’ve been getting hit with a lot of comment spam recently … pain in the a–.
I found a nifty plugin, however, that let’s me dump comment spam based on certian criteria. Pretty nice.
So far it has worked well … although I had some confusion when I was testing it … because I happened to get some new spam just before I implemented it. I thought the test spam had just been held for moderation instead of being dumped alltogether.
A bit of research, and another test, showed that the plugin was working fine.
As a mailing list operator, I found this item quite interesting …
Rolex wants spam removed from list archives.
It has come to Rolex’s attention that your company is the Bulletin
Board operator for http://lists.freeswan.org. Your Web Page enables the
following vendors to advertise and conduct sales of counterfeit and
infringing Rolex watches bearing the Rolex Trademarks:Vendor Exact Location of Counterfeit Rolex
Watch Posting on
http://lists.freeswan.org Web Site/
Bulletin Board
Now two things immediately come to mind about this…
Obviously this kind of thing isn’t going to effect me … as non-subscribers are not allowed to post on my lists. But the total lack of knowledge on the part of Rolex is disturbing.
The other day, while upgrading SpamAssassin, I was watching the maillog scroll past.
I noticed that AOL rejected some of my mail … indicating a URL that I should visit for information.
Turns out some AOL subscriber had reported mail from my server for TOS violations.
Obviously in the mail log there is not useful information about who did the reporting … so I visited the URL. There was information available on how to sign up to be whitelisted by the AOL mail servers and participate in the TOS ‘feedback’ loop. This is where AOL will send a specific email address (an abuse address, generally) messages that are reported as TOS violations.
So I signed up for this and got confirmation that my servers were accepted.
I figure that the person who is reporting the list messages to TOS just wants to get unsubscribed from the list (and can’t read enough english to notice that unsubscribe instructions are at the bottom of every list message).
So today I got my first feedback loop message.
Unfortunately, there’s no indication in the reported message as to WHO reported it to TOS.
Continue reading
DSLKnowItAll had a hillarious link in his blog to Cartoons inspired by spam contents.
Some of them are … disturbing … but most of them are funny.
Of course, with the recent release of SpamAssassin 3.0, I don’t get as much spam anymore. Even less than I got with the previous version of SpamAssassin.
Internet attacks can hit your pocketbook
Jim Carroll was stunned when Rogers Cable told him it had received a complaint that a hacker was using his Internet address.
Must be a mistake, he told Rogers, his Internet provider. Then a tech helper at the company walked him through his setup and discovered that indeed, he had inadvertently left his business Web server unprotected. It was what is called an “open relay. Someone found it, posted Mr. Carroll’s address on more than 100 Russian bulletin boards, and soon hundreds of people were using Mr. Carroll’s machine to surf anonymously.
Sorry, but I have no sympathy for so called ‘noted high-tech authority’ who leaves his mail server relay function open.
Ordinary users who inadvertatly get infected with spam bots I understand … but people who understand technology should know better.