FC: Spam and its defense: A system administrator's point of view

From: Declan McCullagh (declanat_private)
Date: Wed Jul 10 2002 - 08:45:16 PDT

  • Next message: Declan McCullagh: "FC: A defense of David Scott Anderson and resume spamming"

    Previous Politech message:
    
    "David Scott Anderson: An unapologetic resume spammer, and a twist"
    http://www.politechbot.com/p-03730.html
    
    ---
    
    Date: Tue, 9 Jul 2002 10:38:52 +0800
    From: Suresh Ramasubramanian <sureshat_private>
    To: Declan McCullagh <declanat_private>
    Subject: Re: FC: David Scott Anderson: An unapologetic resume spammer, and 
    a twist
    In-Reply-To: <5.1.1.6.0.20020708212540.02db2ae0at_private>
    
    Declan McCullagh [08/07/02 21:35 -0400]:
     > David Scott Anderson is not merely a resume spammer -- he's a singularly
     > unapologetic one.
    
    Hehehe.  He's better than Bernie Shifman
    (http://www.petemoss.com/spamflames/ShifmanIsAMoronSpammer.html)
    
     > He confidently predicted that he's "not afraid of Yahoo warning me about
     > spamming" and said "don't bother to respond, or if you do, respond to
     > Yahoo's SPAM Bot, I am sure they will be greatly moved by your whining."
    
    Yahoo does take a little time to respond - but they are overworked and
    understaffed I expect ...
    
     > OsriSoft.com, on the other hand, appears to have incorrectly listed my mail
     > server as a spam-site for a few days, preventing some list subscribers from
    
    osirusoft is a collection / catchall of several blocklists.  Which of them
    listed you?  Any idea?
    
     > >arg1=server1.cluebot.com, arg2=216.110.36.217, relay=server1.cluebot.com
    
    This IP has been whitelisted since the past several weeks from our servers
    here at outblaze (and we run the mail services for mail.com, email.com,
    operamail.com etc - so that's 30 million people whom politechbot can
    reach without any problems) :)
    
    As a freemail service, we have to block using a wide variety of blocklists
    though (see http://spamblock.outblaze.com/spamchk.html for more) so any list
    that is legitimate gets whitelisted on our servers, to prevent it getting
    accidentally blocked anywhere.  Politech was an obvious inclusion in our
    whitelist, as several people at work read it :)
    
     > The Politech mail server is no longer listed, but a policy of
     > add-first-and-check-later raises troubling questions about how reliable
     > blacklists can be. I like the concept in theory, but in practice they seem
     > to be far more problematic than smart (perhaps eventually collaborative)
     > end-user filtering. See:
    
    This will, unfortunately not scale without a great deal of work (far more
    than conventional blocklists).  Peer to peer bulkmail blockers like Vipul's
    Razor and Vernon Schryver's DCC do exist.  However, they take far more effort
    to implement, and scale far less than do blocklists (at least, initially).
    
     > Since last week, Anderson has variously (a) threatened to sue me, (b)
     > accused me of racism, and (c) announced that he had reported my server to
     > uceat_private, the U.S. Federal Trade Commission's report-spam-here address.
    
    Heh heh.  Thanks for helping me start the day with a belly laugh.
    
     > In other words, the current system isn't working. It's too user-hostile,
     > and (in the typical refrain) arose as a successor to the
     > postmaster@hostname system that, in turn, was developed when the Internet
    
    It still exists, and I am postmaster@ my domain ... the internet is larger,
    but can be just as friendly, as you know.
    
     > One obvious minor solution is not to reply to spammers and send mail only
     > to the abuse@ address. But in my experience, copying both addresses works
     > better: Some abuse admins aren't quick to respond, while spammers seem to
     > be more willing to delete you from their lists if they know they've already
     > been reported.
    
    I have not found all that much evidence of this, in my experience over the
    past few years being an abuse / postmaster admin at various ISPs.  Spammers
    don't really care what they send out and whether it bounces or not.  Nor have
    I found them honoring remove requests.
    
    For example, till recently, my CAUCE India mailbox (I happen to be one of the
    founder-members of CAUCE India) gets a lot of spam from the same gent - who
    does nothing but complain bitterly that I've got some kind of vendetta
    against him, and that his spam is 100% legal under HR 1618 "US Cyberlaw" ...
    when he happened to be in India :)
    
    What has happened before and can potentially happen again and again is that
    you run the risk of being DoS'd, mailbombed or joe jobbed (that is, have spam
    sent out forging your name into the from address) for reporting spammers.
    
    At work, we have a policy of reminding users not to reply to spammers, or try
    to unsubscribe from a list they never subscribed to in the first place.
    
    	-suresh
    
    
    -- 
    Suresh Ramasubramanian <<<--->>> sureshat_private
    EMail Sturmbannfuhrer  Lower Middle Class Sysadmin
    
    ps - those two tags in my .sig are both "titles" bestowed on me by spammers.
    
    The first one was a spammer who showed up on comp.mail.sendmail crying that
    sendmail admins were blocking him sending out his "legitimate business
    offers" to the net at large.  Then posted another article claiming I was an
    "Email Sturmbahnfuehrer" (sic) and that he'd reported me to the INS for
    "stealing office supplies" :)  Nice, trying to deport me from India to
    India...  See thread
    <http://groups.google.com/groups?th=77636f9eb7ffc4da&seekm=977169654967295%40devnull.com>
    
    The other was a spammer who asked me what she'd done wrong, that I was
    reporting her to her ISP.  I gave her a standard set of links etc on why spam
    is bad, and took time to explain this to her.  She then asked me what I did
    for a living.  When I replied that I was a unix admin at an ISP, she blew up.
    "I thought you were a successful businessman and marketer, but you are only a
    lower middle class unix sysadmin.  Dont dare talk to me like this!!!".
    
    Each time, once I stopped ROFLMAO, I added these titles to my .sig :)
    
    
    
    
    -------------------------------------------------------------------------
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    -------------------------------------------------------------------------
    Like Politech? Make a donation here: http://www.politechbot.com/donate/
    -------------------------------------------------------------------------
    



    This archive was generated by hypermail 2b30 : Wed Jul 10 2002 - 11:18:24 PDT