November 03, 2004
Jurors who convicted Jeremy D. Jaynes, 30, and Jessica DeGroot, 28, later sentenced Jaynes to a nine-year prison term and fined DeGroot $7,500 for three convictions each of sending e-mails with fraudulent and untraceable routing information.It's refreshing to hear that a spammer has finally received jail time.
September 22, 2003
July 07, 2003
An interesting question was proposed on my LUG mailing list. Is there a technical term for spam that tries to lure people in to giving away their passwords?
I remember the term "password fishing" from a story I read about a famous spammer named Rodona Garst. Apparently she was sending spam to aol users that stated they needed to provide their logon information using her "aol looking" web form. This web form would push the stolen account information back to Rodona Garst and her company Premier Services.
I tried google and everything2 for "password fishing" without any results.
June 30, 2003
Helpful Spam Prevention Tips
On November 19, 2002, I was getting 10-20 TCP connections per second from around 300 different IP networks to my machine at a colocation facility. I checked the source IPs and they were coming from all over the globe. The destination email addresses all conformed to a simple pattern; this indicated that something was performing a simple algorithmic attack. My computer was really sluggish from queuing all of the bounce messages. My qmail queue was over 13,500 messages at that point. In fact, I couldn't even send out email through the machine's localhost interface. The load caused all sorts of timeouts for other systems on the machine.
My worst spam problem was being the recipient of a joe job. I received around 200 bounce messages to one of my email accounts. After doing some searching on Google, I learned this is a very common problem.
I despise spammers.
June 11, 2003
I read an interesting article in Network World Fusion on spam. Two authors get the chance to argue for technology or law to combat the spam epidemic. Paul Grahm, best known for his paper,"A Plan for Spam,"advocates using filtering technology to fight spam. Jason Cattlet, President and founder of Junkbusters Corp, argues his case for introducing laws to fight spammers.
I think a combination of both law and technology will slowly start to weaken the growth of spam. Some interesting links on this controversial subject are below.
- EFF's Position Paper Have you donated?
- Lawerence Lessig's Spam Bounty Hunters
- Chip Rosenthal's comments for DNSBL
- My post about RMX
- David E. Sorkin's site on Spam Laws
- David E. Sorkin's Technical and Legal Approaches to Unsolicited Electronic Mail
- List of known DNSBL
May 29, 2003
Case for RMX
I read a really nice article by Mike Rubel supporting the use of RMX records to help prevent the spoofing of the FROM: header.
This document supports and encourages the adoption of Hadmut Danisch's RMX resource records for DNS. RMX records are intended to make email forgery difficult by providing a mechanism for a domain owner to list all mail servers authorized to send email on behalf of his or her domain name. They eliminate the most serious drawback of SMTP--the meaningless From: header--without breaking any core internet protocols.