Has your computer been running slower lately? Does it seem like your hard disk is constantly humming? You may be an unwilling spammer. Seems like one of my domains, ebizworks.net, is the target of a spammer again. This happened about 6 months ago, but that time it was more of a hassle. The way I noticed was when I started receiving hundreds of bounced emails.
I just received a little over 10 bounced emails so I know that someone out there has their computer being used by a spammer. How do I know? Easy, the reply-to addresses are basically some gobbledygook@ebizworks.net. Here are a couple of the reply-to email addresses and where they originated from:
uhiebrxhlx@ebizworks.net, from 24.9.74.198 (Comcast.net)
nvqbydgcam@ebizworks.net, from 68.213.201.210 (BellSouth.net)
ovgkhwis@ebizworks.net, from 208.246.9.236 (uu.net)
ikqgfk@ebizworks.net, from 155.68.37.175 (fandm.edu)
The only way to find out the originator (not the spammer) is to view the message headers. For example:
Received: from ebizworks.net ([69.199.100.226])
by webrpt01.jadetech.com (SMSSMTP 4.0.0.59) with SMTP id M2004060803415516463
for ; Tue, 08 Jun 2004 03:41:55 -0500
Return-path:
From: Star Bittick
To:
Subject: Spam: High Recommendation On TCPD Tuesday! jghjcu
Date: Tue, 08 Jun 2004 17:01:34 -0400
Reply-To:
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: plain
I've bolded the originating IP in the above message header for clarity. However, not all returned emails will provide this level of detail. This is another indication of how broken the current email delivery systems are. The real IP address of ebizworks.net is 66.70.181.245. It would seem logical that email servers could be made intelligent enough to look at the reply-to email address and compare the domain name part of it with the real IP address of the domain. If the IP address of the originator (69.199.100.226) does not match the IP of the domain (66.70.181.245), then send a report to the owner of the originating IP address (Rogers Cable Inc. in this specific example). This would notify Rogers Cable Inc. that one of their customers' computers has been hacked by a spammer, and they can disable its Internet access until the customer has installed the appropriate firewall, anti-virus software, etc. on their computer.
There are several victims in this example. One, I'm a victim since I have to deal with all the bounced emails, could get accused of spamming, or even lose this domain. Secondly, the poor, naive computer user has their computer being illegally used by a spammer (what other information did the hacker get too?) and will probably get their computer disconnected. And then the ISP has to deal with it too. It takes up massive amounts of time for an ISP to deal with spammers.
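The comparison proposed above, as an added example (not code from the original post): it takes the connecting IP from the topmost Received header of a bounced message and checks it against the addresses the reply-to domain really sends from. The Reply-To and `for` addresses in the sample and the `KNOWN_SENDERS` table are assumptions; the IPs are the ones quoted in the post.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from ipaddress import ip_address

# Constructed sample: Received line as quoted above; stripped addresses are placeholders.
BOUNCED_HEADERS = """\
Received: from ebizworks.net ([69.199.100.226])
 by webrpt01.jadetech.com (SMSSMTP 4.0.0.59) with SMTP id M2004060803415516463
 for <recipient@example.com>; Tue, 08 Jun 2004 03:41:55 -0500
Reply-To: <uhiebrxhlx@ebizworks.net>
Subject: Spam: High Recommendation On TCPD Tuesday! jghjcu

"""

# Assumption: a table of the IPs each domain really sends mail from.
KNOWN_SENDERS = {"ebizworks.net": {"66.70.181.245"}}

# "from <HELO name> (<optional reverse DNS> [<connecting IP>])"
RECEIVED_RE = re.compile(r"from\s+(\S+)\s+\([^()\[\]]*\[([^\]]+)\]\)")

def parse_received(value):
    """Return (helo_name, ip) from one Received header, or (None, None)."""
    m = RECEIVED_RE.search(value)
    if not m:
        return None, None
    try:
        return m.group(1), ip_address(m.group(2))
    except ValueError:              # bracketed text was not an IP address
        return m.group(1), None

def check_bounce(raw_headers, known_senders):
    msg = message_from_string(raw_headers)
    # Topmost Received was added by the accepting server; the HELO name is sender-supplied.
    received = msg.get_all("Received") or [""]
    helo, ip = parse_received(received[0])
    _, addr = parseaddr(msg.get("Reply-To") or msg.get("From") or "")
    domain = addr.rpartition("@")[2].lower()
    allowed = known_senders.get(domain)
    if ip is None:
        verdict = "unknown-origin"  # the bounce did not preserve the header
    elif allowed is None:
        verdict = "no-policy"       # nothing known about this domain
    elif ip in {ip_address(a) for a in allowed}:
        verdict = "match"
    else:
        verdict = "forged"          # candidate for a report to the owner of `ip`
    return {"helo": helo, "origin_ip": None if ip is None else str(ip),
            "claimed_domain": domain, "verdict": verdict}
```

Deployed mail systems make this comparison with SPF, which publishes the allow-list in DNS and checks the envelope sender domain rather than Reply-To.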
But the problem is still with broken email protocols. There is no comparison done on the originating sender and the forged sender's email address. The spammer hides his (or her) real identity. The advertiser, using this method, should be taken out to the woodshed. However, even the advertiser may be a victim in this situation. In my spam attack of several months ago, the advertiser was a victim of someone that wanted to get his business shut down. It was a case of the competition using spam as a way to hurt him.
So who wins with spam? Not me, not you, not the ISP, not the advertiser, and not the spammer. The ones that win are companies like MSN, AOL, Earthlink, etc. It won't be long before they block all email to their customers that do not originate from their own customers (or who have paid the proper fees to them). The sheep will be in the corral to be sheared only by their own herder.
Jim Gray
http://jim.quikonnex.com
Posted on 06/08/04 at 17:12:50 by Jim Gray
Category: Peeves
Comments
So friends, how do I stop these bounced emails from mailer-daemon? I have reported them as spam, changed my password, and run various virus scans - nothing is helping!!
Well, y'know what, Lois? I feel exactly the same way. It really is out of hand and I can see systems like Quikonnex being a real solution to the problem.
We get these return 'bounce' emails which never came from our servers and we do complain to the backbone providers but often, nothing is done. Where does this leave us? Out in the cold, as far as I'm concerned.
If you publish anything regularly online, apart from having to deal with all the problems Jim mentions, you'll also get people who really did subscribe to your list forgetting that fact. They turn around crying spam (usually because they're having a particularly bad day on the spam front anyway) causing you even more headaches with your backbone providers.
People have been saying for a while now that 'email is dead' and I always said 'nahhh they'll work something out' - but now I'm more of the persuasion that email is dead, at least as a marketing, publishing tool.
Quikonnex really is great and I love the way you can just subscribe to a channel at the click of a button. No double opt-in baloney! Congrats on a great product, Jim!
I've been wondering what's going on - I agree whole-heartedly Jim that until the protocol for email is changed - email is useless to me.
These spammers even attempt to represent your ISP - usually for one of their phishing schemes - it's just not worth the hassle.
I've started saving some of these messages for returned mail so that I can do some of my own investigating - I haven't even sent email in the last week and a half and I'm receiving returned mail - for someone but I know it's not me even though my domain name is in the return address.
This is so out of hand - and to be honest, I don't see it being fixed any time soon.
Lois