eWeek has a great article talking about a recent investigation into a botnet known to be sending out a good chunk of the spam you see. The bot herders seem to be Russian. Go figure. With 70,000 plus bots, they can pump out over a billion spams a day. The big question is what to do about it.
Law Enforcement agencies seem to have bigger fish to fry. They're not interested and pretty useless here. The only way to really effectively stop this kind of activity is through the Internet Service Providers. The ISPs need to take infected machines OFFLINE completely. No three strikes. No ignoring reports. If you see a bot on your net, you pull the plug. Period. Revenue loss? Probably. But you also get lost revenue back from less spam, less time tweaking spam filters, and less time futzing with do I or don't I terminate the account. You have a bot, you get your service turned off till you get rid of it. Period. No second chances.
The next step is to lobby Law Enforcement and lawmakers to go after those responsible. Put these criminals in jail. No fines. Jail. On the first offense. This needs to include the spammer, the email harvester, the programmer who wrote the bot, the company being advertised, and the banking systems that process the payments. You're involved in spam, you get your assets frozen and you go to jail.
Over 93% of all email traffic is spam. And it is on the rise. It needs to be clobbered HARD. I've seen an 8-fold increase in the last 6 months. It is insane. It needs to stop.
Friday, November 17, 2006
Monday, September 18, 2006
Wednesday, August 30, 2006
AOL's AntiSpam System - SCOMP
AOL claims to have this wonderful "Feedback loop" notification system. Right.
Well, here are a couple fundamental flaws:
1. They presume ANYTHING an AOL user marked as spam really is spam. Even if it's a note from your mom. Now, I know there are some very intelligent people who use AOL for whatever reason I cannot fathom, but the vast majority of AOL users are complete morons. And AOL doesn't question them.
2. If your domain name is mentioned in the spam ANYWHERE, you are at fault. Period. End of discussion. Even if it is a JoeJob.
3. The word "loop" in their "Feedback Loop" is a lie. It's one way and there is NO WAY to tell AOL that they are sending you reports of spam that are just wrong.
GRR.
Just one more reason not to use AOL... in case you needed one.
Friday, January 27, 2006
Using DNS to Fight Spammers?
You've probably heard of RBLs and DNSBLs. These are "realtime" blacklists which some system and network administrators use to filter who can send mail to their servers.
Now, I've been thinking. Spammers HAVE to make their money somehow. This means there is someone paying them. They have a customer or three. So how would you stop the spammer from making money from customers? Hijack their web sites the same way crackers can. If you are an ISP this is easy. You take the primary DNS server and add a bogus entry in it for the spammer's domain. Wildcard CNAME it to a server where the customer can see what is happening and get an explanation and some other more legitimate resources.
I'm not saying anyone should do this by default. I'm saying it should be a choice. A value-added service to be protected from spammers' web sites. What would this require? Simply put, it would require a highly responsive group to maintain the blacklist of domains, adding new ones and removing those which are accidentally added.
But it could be done.
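An added example, not from the original post: one way to turn such a maintained blacklist into resolver data, assuming BIND's response policy zone (RPZ) format, which the post does not name. The landing host, serial number and listed domains are constructed placeholders.

```python
import re

# Constructed placeholders: landing host and every domain below are illustrative.
LANDING_HOST = "blocked.isp.example."  # server that explains the block to the customer
SAMPLE_BLOCKED = ["Pills.example.", "cheap-watches.example", "pills.example",
                  "good-shop.example", "not a domain", "isp.example"]
SAMPLE_REMOVED = ["good-shop.example"]  # listed by mistake, reported and taken off
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def normalize(domain):
    """Lower-case and strip the trailing dot; None if not a plausible hostname."""
    d = domain.strip().lower().rstrip(".")
    labels = d.split(".")
    if len(labels) < 2 or len(d) > 253 or not all(_LABEL.match(l) for l in labels):
        return None
    return d

def build_rpz(blocked, removed, serial, landing=LANDING_HOST):
    """Return (zone_text, rejected_entries) for a response policy zone.

    A removal also unblocks listed subdomains beneath it, and no entry may
    cover the landing host itself, or customers could never reach the notice.
    """
    rejected = [b for b in blocked if normalize(b) is None]
    allow = {normalize(r) for r in removed} - {None}
    host = landing.rstrip(".")
    keep = []
    for d in sorted({normalize(b) for b in blocked} - {None}):
        is_removed = any(d == a or d.endswith("." + a) for a in allow)
        covers_landing = host == d or host.endswith("." + d)
        if not is_removed and not covers_landing:
            keep.append(d)
    # Short TTL so a mistaken listing stops being served soon after removal.
    lines = ["$TTL 300",
             f"@ IN SOA localhost. hostmaster.localhost. ({serial} 3600 600 86400 300)",
             "@ IN NS localhost."]
    for d in keep:
        lines.append(f"{d} CNAME {landing}")    # the domain itself
        lines.append(f"*.{d} CNAME {landing}")  # wildcard: every name under it
    return "\n".join(lines) + "\n", rejected

if __name__ == "__main__":
    zone, rejected = build_rpz(SAMPLE_BLOCKED, SAMPLE_REMOVED, serial=2006012701)
    print(zone)
    print("rejected entries:", rejected)
```

Because the zone is loaded only by resolvers that opt in, customers who do not want the service keep getting unmodified answers.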