Anti Spam - SpamUnit

For those who know everything about email spam, forum spam may come as a surprise. Message boards, in this “Web 2.0″ age, are increasingly important for online communities and even companies who seek their members’ and customers’ feedback and debate on open forums. However, the days of the truly open forum are all but numbered; automated forum spambots can easily infiltrate such boards to post marketing material, and hence registration - signing up for a forum account - is now extremely common.

A few years ago, this was enough to stop most spammers. Since then, automated form-filler bots have become extremely commonplace; they can easily sign up automatically for hundreds of forums in minutes, using free, automated email services to get accounts for those boards that require email authentication. Then, they are often free to post spam messages until an administrator removes them manually. As such, boards have become even more closed - particularly as forum spam filtering and forum spam blacklisting are not as advanced as their email counterparts.

Spam prevention on forums takes many forms. “Captcha” sign-up is increasingly common; this requires the registration form to include a small image with difficult-to-read letters and symbols printed on it. The registering user must then type what he/she sees into a text box in order for the registration to continue. (For the visually-impaired, a sound-based alternative is sometimes offered, or the ability to email the administrator is given.) This task is easy for most humans but very difficult - yet not impossible - for computer programs. For those spammers that do register, inconveniences such as flood control and tight moderation easily stop them, but at the cost of annoying some legitimate users.

Blacklisting email addresses or certain forum spam terms seems to be the best solution, but it’s increasingly difficult to do so, particularly as forum spam is in its infancy when compared with e-mail spam. When email whitelisting and blacklisting technology can be transposed to the forum arena, the internet will be a better place for it.

Bookmark:

Another perspective on the GoodMail system is offered by BloggerNews. They feel that companies signing up to use the spam white list system are merely offering spam by another name. Calling the software a “loophole”, they point out that it is heavily reliant on the honour system, saying that companies must only offer a pledge to use only email addresses acquired legitimately, but there is no mechanism in place to guarantee this. Yahoo! mail have recently signed up to the GoodMail system in addition to their own anti spam measures, but have come under criticism for not ensuring that consent is first given by end users.

Perhaps, in this sense, spam laws have a lot to answer for. All too often there is little burden on the email sender to really prove that what they’re doing is above board. Nonetheless, the GoodMail spam solution is proving extremely popular with reputable companies, and one hopes that the company will quickly clamp down on rogue clients, if only to preserve its own reputation. Nonetheless, some customers would prefer that ISPs and technology companies focused on spam protection and spam filters, rather than marketing. See BloggerNews for more

Bookmark:

Once again the spam gangs inconvenienced thousands of innocent internet users when their activities saw the UK branch of Italian telecoms giant Tiscali hit a spam black list. A large portion of Tiscali subscribers found themselves unable to send outgoing mail via SMTP; spam gangs abusing the network had resulted in spam blocking software restricting Tiscali IPs from reaching certain email addresses. What’s even more worrying is that the ISP seemed to take a long time to fix the problem: first, they had to purge the network of spammers. After doing so, the changes made to stop future attacks by spammers were scheduled to kick in in seven to ten days. The company recommended that customers use web mail, such as Yahoo! email or Lycos mail, to send vital messages while the changes took place. This angered some customers who expected a prompter service, rather than massive inconvenience.

Eventually, Tiscali rectified most of the issues and returned to the spam whitelist on most spam sites. After the negative publicity, and customer backlash, perhaps now the ISP will make a greater attempt to get rid of spam from its network, and perhaps to utilise a better spam stopper.

See The Register for full article

Bookmark:

We read recently about a business traveler who could not send emails at all whilst traveling abroad with his laptop. The problem was deceptively simple. The traveler used Outlook, and the ISP he was using blocked port 25.

As he could receive emails fine, it was clearly not a problem with his Outlook spam filter. Rather, it was a server-side issue: some ISPs restrict port 25 to some extent, or even entirely. AOL users, for example, cannot connect to port 25 at all, the block acting as a de facto spam black list. Simply put, port 25 is the default connection port for sending emails, and thus one used by a lot of spam tools and spam solutions. By blocking it, ISPs hope to stop these robots from taking advantage of their network, whilst letting regular users fix the problem manually. For someone like our business traveler, it’s easier said than done when they have no idea what the problem is.

Of course, if you use web mail, you avoid the problem entirely! If you don’t, here is a simple solution if you find yourself unable to send mail and suspect it may be a port 25 issue.

Using Outlook or Outlook Express? Spam may not be a problem, but your connection might be. Access your Outgoing SMTP server and add :587 to the end, e.g. sendmail.yourserver.com:587. 587 is left open by most providers when 25 is blocked.

Still no progress? Your ISP may have blocked port 25 entirely, even from outgoing connections, or your mail server may not exist. Contact your ISP and ask them for further details on a valid port to send legitimate email.

Port blocking may be a noble attempt to get rid of spam, but it can also be a major inconvenience. Make sure you don’t suffer from this problem.

Bookmark:

While the trial of spam king Robert Alan Soloway has been catching all the headlines, it’s worth looking at some of the other top spammers who are the targets of the FBI’s “Operation Bot Roast.” Along with Soloway, two others have already been charged, with more possibly on the way. The first of the other two is James C. Brewer of Arlington, Texas. Well-known to those who keep spam blacklists, this man apparently installed botnet software on Chicago-area hospital computers (see post 11.) The other is the least well-known of all, but is worthy of mention. Jason Michael Downey of Covington, Kentucky, is also a famed botnetter. Using spam virus software, he is also allegedly not only involved in zombie PC, but also fraud; his charge relates not directly to spam mail but to Fraud and Related Activity in Connection with Computers.

Of course, this could just be the tip of the iceberg. The FBI are rumoured to have even more targets, mostly relating to botnetting as opposed to simply junk spam: their problem lies mostly with fraud and hacking, rather than with marketing. However, they realise that the actual act of spamming is a major concern for users, so they offer tips on their website (see: http://www.fbi.gov/page2/june07/botnet061307.htm) about spam protection, spam filtering and how to use spam blocker software. They also recommend spam firewall programs be left on it at all times: all sound advice.

Bookmark: