Home |
Search |
Today's Posts |
|
UK diy (uk.d-i-y) For the discussion of all topics related to diy (do-it-yourself) in the UK. All levels of experience and proficency are welcome to join in to ask questions or offer solutions. |
Reply |
|
LinkBack | Thread Tools | Display Modes |
#1
|
|||
|
|||
change of email address
For anyone interested, I shall be using this email address from now on. -- geoff |
#2
|
|||
|
|||
In message , Peter Ramm
writes On Wed, 26 Jan 2005 00:58:51 GMT, raden wrote: For anyone interested, I shall be using this email address from now on. I'm sure spammers' address harvesters will be ;-) Prolly - but, call me naive (without dipthong), I don't hide behind a false address, nor do I use my business addy for posts to uk-diy My reason for changing is more to do with being ISP independent rather than an anti-spam measure -- geoff |
#3
|
|||
|
|||
In article , Peter Ramm
writes On Wed, 26 Jan 2005 00:58:51 GMT, raden wrote: For anyone interested, I shall be using this email address from now on. I'm sure spammers' address harvesters will be ;-) Having been looking at this for a while... it seems that most harvesters only pick up the domain address so in my case lots of stuff arrives @chapelhouse, I set a simple filter that bounces anything without an addressee, this reduces the spam to the odd few which are not a problem. Demon are filtering spam now anyway which has cut it down even further -- .. |
#4
|
|||
|
|||
Peter Ramm wrote:
On Thu, 27 Jan 2005 08:34:33 +0000, "." wrote: In article , Peter Ramm writes On Wed, 26 Jan 2005 00:58:51 GMT, raden wrote: For anyone interested, I shall be using this email address from now on. I'm sure spammers' address harvesters will be ;-) Having been looking at this for a while... it seems that most harvesters only pick up the domain address so in my case lots of stuff arrives @chapelhouse, I set a simple filter that bounces anything without an addressee, this reduces the spam to the odd few which are not a problem. Demon are filtering spam now anyway which has cut it down even further I once set up an e-mail address which I only used in a couple of newsgroups - it very quickly became a magnet for all sorts of sh*t. However, this was some time ago so things may be different now. My Reply-to: address is valid and used only on Usenet. It gets a little junk sent to it but not much. Most spam gets sent to E-Mail addresses which appear on web pages, that's where the address harvesters get most of their addresses. I think the newsgroups on which the E-Mail address is used affect how much junk at attracts quite a lot, it's also significant whether the address appears in the body of the message or not. E.g. if you put your address in your .sig it will attract quite a lot more junk than if you have it only in the Reply-to: header. -- Chris Green |
#7
|
|||
|
|||
On Thu, 27 Jan 2005 08:34:33 +0000, "."
wrote: In article , Peter Ramm writes On Wed, 26 Jan 2005 00:58:51 GMT, raden wrote: For anyone interested, I shall be using this email address from now on. I'm sure spammers' address harvesters will be ;-) Having been looking at this for a while... it seems that most harvesters only pick up the domain address so in my case lots of stuff arrives @chapelhouse, I set a simple filter that bounces anything without an addressee, this reduces the spam to the odd few which are not a problem. Demon are filtering spam now anyway which has cut it down even further It's better to silently drop messages to users in your domain who are not addressees rather than bouncing them. If you bounce them, the spammer knows that he has a live domain and will then just try common names at that domain. -- ..andy To email, substitute .nospam with .gl |
#8
|
|||
|
|||
On 27 Jan 2005 13:39:50 GMT, wrote:
I didn't really mean an E-Mail address you use when posting to a web site. The ones that really attract a lot of Spam are addresses actually appearing on a web page, e.g. the Webmaster's address that should be on every site. That doesn't always hold. I have an email addresss link on my web page and have done so for seven years. My email address is also undisguised in the "From" and "Reply to" fields of newsgroup messages though its not put in the message itself. As I acquire work via webpage and email, often from people who are fairly computer illiterate, I consider it worth the risk of leaving myself open to spam attack but as it happens I have never had inordinate amounts of spam (nowadays about 15 spam messages per day) and I don't filter my email at all, though I would if the spam rate went up a lot I suspect luck has a lot to do with it and I hope I stay lucky Anna ~~ Anna Kettle, Suffolk, England |""""| ~ Lime plaster repairs / ^^ \ // Freehand modelling in lime: overmantels, pargeting etc |____| www.kettlenet.co.uk 01359 230642 |
#9
|
|||
|
|||
In article , Andy Hall
writes On Thu, 27 Jan 2005 08:34:33 +0000, "." wrote: In article , Peter Ramm writes On Wed, 26 Jan 2005 00:58:51 GMT, raden wrote: For anyone interested, I shall be using this email address from now on. I'm sure spammers' address harvesters will be ;-) Having been looking at this for a while... it seems that most harvesters only pick up the domain address so in my case lots of stuff arrives @chapelhouse, I set a simple filter that bounces anything without an addressee, this reduces the spam to the odd few which are not a problem. Demon are filtering spam now anyway which has cut it down even further It's better to silently drop messages to users in your domain who are not addressees rather than bouncing them. If you bounce them, the spammer knows that he has a live domain and will then just try common names at that domain. That has not been my experience Andy, I don't think the spammers even post from an address that they go back to anyway, its usually a third party with a link in the message. I think its a worldwide scattergun approach that gets the 1 in 6 million replies that still makes it worthwhile -- David |
#10
|
|||
|
|||
wrote: wrote: I once set up an e-mail address which I only used in a couple of newsgroups - it very quickly became a magnet for all sorts of sh*t. However, this was some time ago so things may be different now. My Reply-to: address is valid and used only on Usenet. It gets a little junk sent to it but not much. Most spam gets sent to addresses which appear on web pages, that's where the address harvesters get most of their addresses. I think the newsgroups on which the E-Mail address is used affect how much junk at attracts quite a lot, it's also significant whether the address appears in the body of the message or not. E.g. if you put your address in your .sig it will attract quite a lot more junk than if you have it only in the Reply-to: header. I beg to differ but my experience is totally opposite to yours. It took years before I ever received any spam from putting an e-mail address on a web site. My ISP allows any address before the @domain. So, by using unique addresses whenever I list my email address, give it to an on-line supplier, or register for something on a web page I know *exactly* where spam originates and can easily filter it based on the "to" address. I didn't really mean an E-Mail address you use when posting to a web site. The ones that really attract a lot of Spam are addresses actually appearing on a web page, e.g. the Webmaster's address that should be on every site. That's what I meant when I said "putting an e-mail address on a web site". Then I posted in a usenet group (this one) with a unique address and started receiving spam within 24 hours. The e-mail address was only in the reply to, never in the body. Then it would die down but every time I posted here I would get a further flurry of spam. Now I use this hotmail alias for usenet and just ignore it. Well my view is backed up by the only real data on this subject that I know about:- http://www.cdt.org/speech/spam/030319spamreport.shtml I don't see how this backs up your view that "Most spam gets sent to E-Mail addresses which appear on web pages" at all. The first line of the major finding says "e-mail addresses posted on Web sites or in newsgroups attract the most spam". I.e., *both* are a major source of spam. MBQ |
#11
|
|||
|
|||
Andy Hall wrote:
On Thu, 27 Jan 2005 08:34:33 +0000, "." wrote: In article , Peter Ramm writes On Wed, 26 Jan 2005 00:58:51 GMT, raden wrote: For anyone interested, I shall be using this email address from now on. I'm sure spammers' address harvesters will be ;-) Having been looking at this for a while... it seems that most harvesters only pick up the domain address so in my case lots of stuff arrives @chapelhouse, I set a simple filter that bounces anything without an addressee, this reduces the spam to the odd few which are not a problem. Demon are filtering spam now anyway which has cut it down even further It's better to silently drop messages to users in your domain who are not addressees rather than bouncing them. If you bounce them, the spammer knows that he has a live domain and will then just try common names at that domain. Surely though the lack of *any* failure also indicates that the spammer has got a 'live' domain? |
#12
|
|||
|
|||
On 29 Jan 2005 01:57:00 -0800, "Mathew J. Newton"
wrote: Andy Hall wrote: On Thu, 27 Jan 2005 08:34:33 +0000, "." wrote: In article , Peter Ramm writes On Wed, 26 Jan 2005 00:58:51 GMT, raden wrote: For anyone interested, I shall be using this email address from now on. I'm sure spammers' address harvesters will be ;-) Having been looking at this for a while... it seems that most harvesters only pick up the domain address so in my case lots of stuff arrives @chapelhouse, I set a simple filter that bounces anything without an addressee, this reduces the spam to the odd few which are not a problem. Demon are filtering spam now anyway which has cut it down even further It's better to silently drop messages to users in your domain who are not addressees rather than bouncing them. If you bounce them, the spammer knows that he has a live domain and will then just try common names at that domain. Surely though the lack of *any* failure also indicates that the spammer has got a 'live' domain? If you silently blackhole the messages, the spammer will assume they got to the intended recipient and probably do nothing more. If the mail is rejected as undeliverable with SMTP, it attracts attention. I've tried three different methods: - Bounce the message back after accepting it on the SMTP server. - Reject it as undeliverable to the specific user by the SMTP server. - Silently black hole. THe first two seem to both cause additional messages to users like "postmaster" and common first names to be sent. Being silent seems to stop this. -- ..andy To email, substitute .nospam with .gl |
#13
|
|||
|
|||
In article , Andy Hall
writes On 29 Jan 2005 01:57:00 -0800, "Mathew J. Newton" wrote: Andy Hall wrote: On Thu, 27 Jan 2005 08:34:33 +0000, "." wrote: In article , Peter Ramm writes On Wed, 26 Jan 2005 00:58:51 GMT, raden wrote: For anyone interested, I shall be using this email address from now on. I'm sure spammers' address harvesters will be ;-) Having been looking at this for a while... it seems that most harvesters only pick up the domain address so in my case lots of stuff arrives @chapelhouse, I set a simple filter that bounces anything without an addressee, this reduces the spam to the odd few which are not a problem. Demon are filtering spam now anyway which has cut it down even further It's better to silently drop messages to users in your domain who are not addressees rather than bouncing them. If you bounce them, the spammer knows that he has a live domain and will then just try common names at that domain. Surely though the lack of *any* failure also indicates that the spammer has got a 'live' domain? If you silently blackhole the messages, the spammer will assume they got to the intended recipient and probably do nothing more. If the mail is rejected as undeliverable with SMTP, it attracts attention. I've tried three different methods: - Bounce the message back after accepting it on the SMTP server. - Reject it as undeliverable to the specific user by the SMTP server. - Silently black hole. THe first two seem to both cause additional messages to users like "postmaster" and common first names to be sent. Being silent seems to stop this. But AIUI most spamming is not done from an original address but from a hijacked address (I have been the victim of this myself) so if this is the case it doesn't matter whether you bounce or blackhole, the original spammer never sees it anyway. You can argue that you waste bandwidth and inconvenience any address that has been hijacked but as for getting a response from the original source I can't see it myself. -- David |
#14
|
|||
|
|||
.. wrote:
In article , Andy Hall writes On 29 Jan 2005 01:57:00 -0800, "Mathew J. Newton" wrote: Andy Hall wrote: On Thu, 27 Jan 2005 08:34:33 +0000, "." wrote: In article , Peter Ramm writes On Wed, 26 Jan 2005 00:58:51 GMT, raden wrote: For anyone interested, I shall be using this email address from now on. I'm sure spammers' address harvesters will be ;-) Having been looking at this for a while... it seems that most harvesters only pick up the domain address so in my case lots of stuff arrives @chapelhouse, I set a simple filter that bounces anything without an addressee, this reduces the spam to the odd few which are not a problem. Demon are filtering spam now anyway which has cut it down even further It's better to silently drop messages to users in your domain who are not addressees rather than bouncing them. If you bounce them, the spammer knows that he has a live domain and will then just try common names at that domain. Surely though the lack of *any* failure also indicates that the spammer has got a 'live' domain? If you silently blackhole the messages, the spammer will assume they got to the intended recipient and probably do nothing more. If the mail is rejected as undeliverable with SMTP, it attracts attention. I've tried three different methods: - Bounce the message back after accepting it on the SMTP server. - Reject it as undeliverable to the specific user by the SMTP server. - Silently black hole. THe first two seem to both cause additional messages to users like "postmaster" and common first names to be sent. Being silent seems to stop this. But AIUI most spamming is not done from an original address but from a hijacked address (I have been the victim of this myself) so if this is the case it doesn't matter whether you bounce or blackhole, the original spammer never sees it anyway. You can argue that you waste bandwidth and inconvenience any address that has been hijacked but as for getting a response from the original source I can't see it myself. I agree. Spam comes in several carttegories. One categories is 'no valid return address' and usually invites you t visit a web site. Bouncing it is useless - there is nowhere to bounce, and chances are the bounce will bounce back to YOU as the originator of the bounce. Black hole it. Anoher class is that which uses hijacked valid addresses to escape being bounced as invalid return address. Chances are that bouncing this back to teh poor sucker whos adress is nicked will cause grief and extra traffic. Black hole it. Anoher class is that which uses a temporary address on MSN, AOL, or Yahoo. Tes have limits obn recipeint lists for uploading, so teh normal way tehse guys work is to use an open relay, which will very soon get blocked off and blacklisetd. So anything fo a blacklisted relay may be safely black holed. The final class of spam is from quasi legitimate business that have acquired your e-mail address, and are sending circulars. Most of these will get throiugh spam filters, and most of tehm will allow you to de-register. If not, you know who they are and can bounce messages back if you like. I have been developing my spam filters on my ISP, and have now a very good combiantion. - addresses to individuals in my domains that do not exist, are bounced with a 'no known user' - this takes care of all te crap fora similarly named domain I used to get. - addresses from blacklisted relays are silently refused at SMTP level - addresses from individuals on spoof non existent return addresses are junked. - all mail from AOL, yahoo and MSN is junked, with named exceptions for the very few pople I know that actually are dumb enough to use it. - address from certain companbies that still spam me after requests not to are returned with pithy messages. All this is done at my ISP (ww.calar.net) site on their machines, but under MY control. That way I do not have to download spam - they reject it or dump it there, saving me time and bandwidth. |
#15
|
|||
|
|||
On Sat, 29 Jan 2005 11:10:10 UTC, Andy Hall wrote:
I've tried three different methods: - Bounce the message back after accepting it on the SMTP server. - Reject it as undeliverable to the specific user by the SMTP server. - Silently black hole. And, of course... - Reject the initial connection if the sending IP is on a reliable blacklist (e.g. SBL/XBL) -- Bob Eager begin a new life...dump Windows! |
#16
|
|||
|
|||
In message , Andy Hall
writes - Bounce the message back after accepting it on the SMTP server. - Reject it as undeliverable to the specific user by the SMTP server. - Silently black hole. Can someone explain exactly what black holing is (apart from DIM^2's newly revealed fave pastime) -- geoff |
#17
|
|||
|
|||
On Sat, 29 Jan 2005 21:45:20 GMT, raden wrote:
In message , Andy Hall writes - Bounce the message back after accepting it on the SMTP server. - Reject it as undeliverable to the specific user by the SMTP server. - Silently black hole. Can someone explain exactly what black holing is (apart from DIM^2's newly revealed fave pastime) That doesn't bear thinking about, does it? In the context of email, if you have your own SMTP server which you manage yourself (or have appropriate access to a managed one), it is usually set up to receive email for your domain. This might be because it is permanently connected to the public Internet and a domain name server is advertising its address as that to be used for mail to your domain (using a DNS MX or mail exchanger) record; or could be because your ISP initially receives mail for your domain but forwards it to your SMTP server. Demon do this as an option to give one example. All of this is as opposed to a POP3 account at an ISP; where the ISP handles the SMTP part. So if you have said SMTP server or can manage one carrying your mail, you can set rules for delivery with most software (e.g. sendmail, postfix, etc.) One strategy is to bounce mail that doesn't match a local mail user name. Another is to accept it and then silently throw it away. In other words the difference between throwing the junk mail in the bin as opposed to writing the address of the sender on it and popping it into the postbox. It disappears into a black hole. A similar technique is used by some ISPs and carriers to handle one of the other pains in the arse, the denial of service, or DOS attack (not to be confused with Microsoft, although some would say that they are similar in that they prevent doing anything useful). There are various kinds of DOS attack, but a common one is for the miscreant to use a large number of trojan/virus compromised PCs to target a web site or other internet service and to swamp it with various types of traffic or attempted access such that it becomes unusable for legitimate users. There are several ways to combat it, but a common one is for the carrier/ISP to install a black holing router and to direct the traffic to it for the duration of the attack rather than to allow it through to the intended target. The black holing router simply silently drops the DOS traffic. Depending on the type of attack, the miscreant may not even know that this is being done. -- ..andy To email, substitute .nospam with .gl |
#18
|
|||
|
|||
In message , Andy Hall
writes On Sat, 29 Jan 2005 21:45:20 GMT, raden wrote: In message , Andy Hall writes - Bounce the message back after accepting it on the SMTP server. - Reject it as undeliverable to the specific user by the SMTP server. - Silently black hole. Can someone explain exactly what black holing is (apart from DIM^2's newly revealed fave pastime) That doesn't bear thinking about, does it? In the context of email, if you have your own SMTP server which you manage yourself (or have appropriate access to a managed one), it is usually set up to receive email for your domain. This might be because it is permanently connected to the public Internet and a domain name server is advertising its address as that to be used for mail to your domain (using a DNS MX or mail exchanger) record; or could be because your ISP initially receives mail for your domain but forwards it to your SMTP server. Demon do this as an option to give one example. All of this is as opposed to a POP3 account at an ISP; where the ISP handles the SMTP part. So if you have said SMTP server or can manage one carrying your mail, you can set rules for delivery with most software (e.g. sendmail, postfix, etc.) One strategy is to bounce mail that doesn't match a local mail user name. Another is to accept it and then silently throw it away. In other words the difference between throwing the junk mail in the bin as opposed to writing the address of the sender on it and popping it into the postbox. It disappears into a black hole. A similar technique is used by some ISPs and carriers to handle one of the other pains in the arse, the denial of service, or DOS attack (not to be confused with Microsoft, although some would say that they are similar in that they prevent doing anything useful). There are various kinds of DOS attack, but a common one is for the miscreant to use a large number of trojan/virus compromised PCs to target a web site or other internet service and to swamp it with various types of traffic or attempted access such that it becomes unusable for legitimate users. There are several ways to combat it, but a common one is for the carrier/ISP to install a black holing router and to direct the traffic to it for the duration of the attack rather than to allow it through to the intended target. The black holing router simply silently drops the DOS traffic. Depending on the type of attack, the miscreant may not even know that this is being done. Cheers -- geoff |
#19
|
|||
|
|||
raden wrote:
In message , Andy Hall writes - Bounce the message back after accepting it on the SMTP server. - Reject it as undeliverable to the specific user by the SMTP server. - Silently black hole. Can someone explain exactly what black holing is (apart from DIM^2's newly revealed fave pastime) Go directly to nowhere. Do not respond, do not accept. Th emnessge is simply refused, or accepted and thrown away. |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
21st Century E-Commerce Money Making Formula | Woodworking | |||
21st Century E-Commerce Money Making Formula | Woodworking | |||
21st Century E-Commerce Money Making Formula | Woodworking | |||
INSTANT CASH FLOW PROGRAM THAT REALLY WORKS!! | Home Ownership | |||
email address for OT poster | Woodworking |