Page 1 of 1

SPAM Reporting

Posted: Tue May 09, 2006 10:07 pm
by richardj
I'm trying this although I don't get alot of spam, it irritates me when I can't stop it.

BLUE FROG

CLICK MORE INFO

FREE :banana:

Archived topic from Iceteks, old topic ID:4324, old post ID:34888

SPAM Reporting

Posted: Wed May 10, 2006 7:59 am
by Red Squirrel
Hmm interesting. Wonder if it works with spam that's been filtered by spamasassin. I could automate this process on my main server. Mind you, they would be getting a large chunk of mail from my end. :bsod:

Archived topic from Iceteks, old topic ID:4324, old post ID:34897

SPAM Reporting

Posted: Wed May 10, 2006 9:43 am
by sintekk
Whaddya know, their logo seems to have ended up in my sig for the last couple days!

Their service is an interesting one and it seems to work, as a group of pissed off spammers recently tried to attack them (you can see this on a spammer forum, specialham.com). It should work with SpamAssasin and belive me, the more mail the better, as that means more complaints sent to spammers.

Archived topic from Iceteks, old topic ID:4324, old post ID:34898

SPAM Reporting

Posted: Wed May 10, 2006 10:27 am
by Red Squirrel
Yep I think I'm going to try it out. Think I'll even make an account that I post all over and pass it through my filter server to try and get as much spam through it as possible. A spam trap. :D

Archived topic from Iceteks, old topic ID:4324, old post ID:34899

SPAM Reporting

Posted: Wed May 10, 2006 10:38 am
by richardj


RED-----------------

Did you read


this--CLICK

it's for web site owners.

PLUS you get a cute blue frog head on your task bar-lol

Antispam firm says it was victim of attack

The CEO of an antispam firm whose service was knocked offline by a spammer claimed his company was the victim of a sophisticated attack carried out, in part, with the help of someone at a top-tier Internet Service Provider.
By Jaikumar Vijaya | Monday, 8 May, 2006

The CEO of an antispam firm whose service was knocked offline by a spammer claimed his company was the victim of a sophisticated attack carried out, in part, with the help of someone at a top-tier Internet Service Provider (ISP).

Eran Reshef, CEO of Blue Security, an Israeli antispam firm, said that his company was attacked by a major spammer named PharmaMaster who used a combination of methods to knock out the company's Web site and the servers hosting its services. He also hit back at criticism that the response by Blue Security to the attacks caused widespread problems to others.

Blue Security operates an antispam service designed to deter junk-mailers by spamming them back. Blue Security's Do Not Intrude program allows individuals to register their email addresses with the company and essentially flood spammers who send them email with automated opt-out requests.

The attacks that crippled Blue Service were preceded by PharmaMaster sending out threatening emails to subscribers of the Do Not Intrude Registry, warning them of even more spam if they did not withdraw their subscriptions.

PharmaMaster then appears to have gotten someone at a major ISP to block Blue Security's IP address on the Internet's backbone routers, most probably via a process called black-holing, Reshef claimed. With black-holing, an ISP essentially removes the advertised path to a particular Web site or IP address -- making it completely inaccessible to the outside world. According to Reshef, PharmaMaster informed Blue Security that he had gotten an ISP to agree to blackhole the company before the attacks started.

"Immediately, we started seeing our IP address getting blacklisted by other ISPs," Reshef said. As a result, traffic to the company's main Web site dropping from the usual 100 hits per minute to about two per minute in less than an hour -- and nothing at all from outside of Israel. At almost the same time, massive distributed denial of service (DDoS) attacks were launched against the dedicated servers that provide Blue Security's antispam service. The servers, located at five separate hosting provider sites, were bombarded with up to 2GB of traffic per second, rendering them inaccessible.

In what Reshef said was a bid to tell subscribers what was happening, Blue Security pointed the company's corporate Web server URL to its blog, which is hosted by Six Apart in San Francisco. PharmaMaster then launched a DDoS attack against the server hosting Blue Security's blog. That resulted in thousands of other blogs hosted by Six Apart to be knocked offline.

The DDoS attacks against the company's dedicated servers meanwhile resulted in service disruptions to five hosting providers and major DNS service provider Tucows, he said.

Pointing the company's main URL to the Blue Security blog site on Six Apart when it was under attack may not have been the best idea, Reshef said. But at the time, the company had little idea that the attacker would launch a separate denial of service attack on the blog site as well.

Todd Underwood, chief operations and security officer at Renesys, an Internet monitoring company, said that based on traffic analysis, Blue Security's main Web site appears to have been under a DDoS attack for at least two days before it redirected its URL to the blog.

"I do think if you are under attack it is your duty not to redirect it against someone else," Underwood said. "It is not a fair or an ethical decision," he said, adding that it is hard to imagine that Blue Security didn't know it was being hit with a DDoS attack when it pointed its URL to the blog site.

Underwood also said that it was unlikely that a spammer would have been able to get an individual at a major ISP to install a "no route" to Blue Security, as Reshef claimed. "These are not the kind of networks where people can sneak in and make routing configuration changes" without logging that change or discussing it with others, he said. "The suggestion that some Russian spammer could bribe someone to install a no-route" is hard to believe, he said.

John Levine, chairman of the Internet Anti-Spam Research Group, said that other antispam efforts have been similarly targeted as well. But they did not involve an ISP. And neither did those who were attacked respond like Blue Security did, he said. "If you know you are under a DoS attack, pointing your DNS at other parties is irresponsible," he said.

Archived topic from Iceteks, old topic ID:4324, old post ID:34900

SPAM Reporting

Posted: Wed May 10, 2006 12:21 pm
by Red Squirrel
Yeah crazy that spammers have the guts to actually fight back, even though they are in the wrong to begin with. Spammers are just as bad as virus writers in my book.


Nice to know about the do not include registry. Though all emails I send are opt in (news emails, or people registering) but if I ever started getting requests to stop I'd look into passing my outbond mail through that system to ensure none goes to those addresses.

I wonder if they also take forum spam, not just email spam, as I could setup a system to report spam that gets posted on forums.


Only thing with this system is it complains to remove YOU (as in, anyone who is registered with them) but it should be to complain to stop spamming period. But any email sent to the spammers is good, since it puts a load on their servers and uses up their bandwidth.

Archived topic from Iceteks, old topic ID:4324, old post ID:34901