Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Oh soo fed up of spam
Goto page Previous  1, 2, 3, 4
 
Post new topic   Reply to topic    Linux Format forums Forum Index -> Off Topic
View previous topic :: View next topic  

Has it a hope of working?
Yes
0%
 0%  [ 0 ]
Possibly
0%
 0%  [ 0 ]
No you've gone nuts to even think it
100%
 100%  [ 5 ]
Total Votes : 5

Author Message
godofthedevil
LXF regular


Joined: Mon May 09, 2005 6:00 pm
Posts: 150
Location: Oxford

PostPosted: Mon Mar 27, 2006 12:54 pm    Post subject: Reply with quote

ive tried emailing isps before but the trouble is that some ips are from places that dont speak or understand english for they know or care your offering them a naked woman and to assissinate their leader and help the freedom fighters.

the spam for software i get is in my yahoo box and it says what is 0em (zero em) and whats it about from about 20 diffrent email addresses. but if i took the time to look at the headers they would come more or less from the same geographic locatation
_________________
www.stewfisher.co.uk


LinuxMint, The loveable Grandchild of Debian/GNU Linux
Back to top
View user's profile Send private message
TheDoctor
LXF regular


Joined: Mon Jan 02, 2006 9:02 pm
Posts: 325

PostPosted: Mon Mar 27, 2006 9:35 pm    Post subject: Reply with quote

wyliecoyoteuk wrote:
Some that bother me are ones sent to hxxxxxxx@blueyonder.co.uk
where xxxxxxx is a nonsense string, eg ham3fxdy, but still gets to my email address (hxxxxxx2@blueyonder.co.uk, name changed to protect the guilty)


That's because they put your actual address (and those of other victms) in the BCC: field.

BTW I've got SpamBayes running and, while I get a lot of spam to my PC, I hardly ever see any of it. A marvellous product and much better than letting some third party decide what I can or can't receive.
Back to top
View user's profile Send private message
CJLL
LXF regular


Joined: Sat Jul 09, 2005 10:22 pm
Posts: 193

PostPosted: Tue Mar 28, 2006 7:05 pm    Post subject: Reply with quote

TheDoctor wrote:
wyliecoyoteuk wrote:
Some that bother me are ones sent to hxxxxxxx@blueyonder.co.uk
where xxxxxxx is a nonsense string, eg ham3fxdy, but still gets to my email address (hxxxxxx2@blueyonder.co.uk, name changed to protect the guilty)


That's because they put your actual address (and those of other victms) in the BCC: field.


Nope, this is because the actual receipients and the headers you see in your e-mail client are set differently.

This is an example of a SMTP conversation with sendmail:

Code:

 telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 localhost.localdomain ESMTP Sendmail 8.13.4/8.13.4/Debian-3sarge1; Tue, 28 Mar 2006 18:46:07 +0100; (No UCE/UBE) logging access from: localhost.localdomain(OK)-localhost.localdomain [127.0.0.1]
HELO localhost


first of all, introduce yourself using the HELO command

Code:

250 localhost.localdomain Hello localhost.localdomain [127.0.0.1], pleased to meet you
MAIL FROM: test@localhost


Then tell the MTA who you really are. Ok spammers lie at this stage, but a well configured mail server will check that the domain exists.

Code:

250 2.1.0 test@localhost... Sender ok
RCPT TO: cjll@localhost
250 2.1.5 cjll@localhost... Recipient ok


Now tell it, who you are sending it to using RCPT TO. You can do a whole bunch of e-mail addresses here.

Next comes the information that your mail client will actually look at, after the data command:
Code:

DATA
354 Enter mail, end with "." on a line by itself
To: Fred Bloggs <freedy@bloggs.com>
From: Leet Haxor <leet@example.com>
Subject: This is fun


The MTA will add some data about the route the mail message has taken to be delivered, but usually most of the info will be untrustworthy.

Your mail client will treat everything before Subject: as a header, so you add as many wierd and wonderful headers as you like. The MTA doesn't care.

Code:

Hi

This haxoring is fun!

.
250 2.0.0 k2SHk7m8005877 Message accepted for delivery
QUIT
221 2.0.0 localhost.localdomain closing connection
Connection closed by foreign host.


Finally, send a full stop on it's own to indicate that the message is finished and say goodbye.
Back to top
View user's profile Send private message
TheDoctor
LXF regular


Joined: Mon Jan 02, 2006 9:02 pm
Posts: 325

PostPosted: Tue Mar 28, 2006 11:24 pm    Post subject: Reply with quote

CJLL, that's interesting. It explains some puzzles I've had about the headers in spam I've received. They've not made sense, and your explanation shows how this can happen.

Of course, our explanations are not mutually exclusive, although I can see how a serious spammer could cover his/her tracks much more thoroughly by your method.
Back to top
View user's profile Send private message
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8364
Location: Warrington, UK

PostPosted: Wed Mar 29, 2006 12:45 am    Post subject: Reply with quote

Limnits on the lengths of headers mean Bcc: can only be used to send to a fairly small number of addresses, whereas listing then in the SMTP envelope is limited only by the mail server (some have limits to prevent their being used for spam). Spam is basically mailing lists without you needing to take the trouble to subscribe, the same distribution methods are used for both.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
Back to top
View user's profile Send private message
TheDoctor
LXF regular


Joined: Mon Jan 02, 2006 9:02 pm
Posts: 325

PostPosted: Wed Mar 29, 2006 1:10 am    Post subject: Reply with quote

Quote:
Spam is basically mailing lists without you needing to take the trouble to subscribe


lol

Like being mugged is basically a money transfer without you needing to contact your bank...
Back to top
View user's profile Send private message
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8364
Location: Warrington, UK

PostPosted: Wed Mar 29, 2006 9:29 am    Post subject: Reply with quote

The techniques used are somewhat different in that case. Try replying to a few phishing mails for a more compatible form of mugging...
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
Back to top
View user's profile Send private message
CJLL
LXF regular


Joined: Sat Jul 09, 2005 10:22 pm
Posts: 193

PostPosted: Wed Mar 29, 2006 6:11 pm    Post subject: Reply with quote

nelz wrote:
Limnits on the lengths of headers mean Bcc: can only be used to send to a fairly small number of addresses, whereas listing then in the SMTP envelope is limited only by the mail server (some have limits to prevent their being used for spam).


BCC is an e-mail client convenience, and not a SMTP feature. Your e-mail client still issues a RCPT TO: command regardless of whether the address is in the To: Cc: or Bcc: header.

It it up to the receiving mail server or client to be discrete and remove the other recepients. Not all of them do, so be aware.
Back to top
View user's profile Send private message
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8364
Location: Warrington, UK

PostPosted: Wed Mar 29, 2006 10:11 pm    Post subject: Reply with quote

I know, I was merely pointing out why it is not suitable for sending out mass mailings.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
Back to top
View user's profile Send private message
Bltann



Joined: Sat Jun 24, 2006 12:07 pm
Posts: 15

PostPosted: Tue Jul 04, 2006 7:33 pm    Post subject: Reply with quote

I may flag something aready written in this thread but has anyone mentioned viruses?
As a lot of modern viruses is designed to make zobies out of pcs so that they can be abused by some hacker.

I once read something on the net about a hacker renting out hes botnet of about 100.000 pcs (zombies) for about $100.-/hour
A spammer will gladly pay to use these machines as a cluster of spam machines.

Thereby there is actualy a risk sending an email to a friend with a possible vulnerable machine.
If the machine is compromised your message may be picked up and inkluded in a spammers list.

Acording to "How stuff works" the mail lists is sold on cds as "spam free" addresses, that is people that have agreed to receive spam(!)

It does not matter how good you hide your address, the virus or spyware compromised pcs of your friends will give it away.

Viruses or spyware often runs its own smpt server and may send messages in the background.
Thereby, neither IP or the senders address is caracteristic of a spam message.
Back to top
View user's profile Send private message
View previous topic :: View next topic  
Display posts from previous:   
Post new topic   Reply to topic    Linux Format forums Forum Index -> Off Topic All times are GMT
Goto page Previous  1, 2, 3, 4
Page 4 of 4

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Linux Format forums topic RSS feed 


Powered by phpBB © 2001, 2005 phpBB Group


Copyright 2011 Future Publishing, all rights reserved.


Web hosting by UKFast