Spam Filtering: August 2005 Archives

I suppose it was inevitable that 419 scams would eventually start using Ireland as a source for their scams:

There are a number of technologies currently being developed to help combat spam, phishing fraud and other email related abuse. One which has received a considerable amount of attention in recent months is SPF. Another, which may not have attracted quite as much attention, is Yahoo's domain keys. In both instances the technology is designed to help verify who is authorised to send mail from a particular server, hostname or IP address. The problem, if you aren't a diehard geek, is actually identifying potential fraud in your email client. Server-side (at the MTA level) implementation comes in a number of forms, but at the client level (desktop) the number of email clients that actually check for valid SPF records (or domain keys) is thin on the ground. For Thunderbird you can install Joshua Tauberer's handy little extension which checks both SPF and Yahoo Domain Keys I'd love to hear of other email clients that support these kind of checks.

I've always been fascinated by spammers. They send millions of emails out in the hope that enough people will be duped into clicking on the link and visiting whichever site they are promoting or buying into whichever service they are selling. The phishing emails vary in their complexity, but you would have thought that the majority of people would have learnt to be more cautious by now. Unfortunately that is not always the case. I still see people offering to send me their credit card details via email. We still see credit card fraud. We sometimes see paypal fraud. How much money the fraudsters are making and how many scams are committed is hard to say, especially as people are unlikely to notice or report small amounts (scam a few thousand people for a euro - it's a lot of money, but I doubt if the victims would notice it immediately) In the last month I've seen the usual number of credit card scammers, with the hapless victims contacting us in some cases looking for more information. Apart from an IP address (belonging to a major ISP) there isn't that much information that you can provide.

Some time ago I wrote about setting up a local mirror for a DNS blacklist using RBLDNSD and Bind. Although that works fine and definitely gives a speed up to servers on the network I'd really like to know what is happening ie. how many queries.

Justin has posted an interesting study of a rule's effectiveness over time. His observations are interesting.

I've mentioned phishing fraud in the past. Most of it is quite well done and almost looks genuine I got one today that was really badly executed The first sign of it being fraudelent was the "from" part. Instead of saying "paypal" or "PayPal" they used "PaYpal", which is incorrect capitalisation. A company the size of Paypal is unlikely to make that kind of mistake The other signal was from MailScanner which had spotted that the link to paypal.com was actually to an IP address.

Some people's efforts at SEO are simply annoying. Spamming people after grabbing email addresses using some badly written bit of software is not the way to win friends online. Unfortunately some people obviously missed that message:

Hi, I took a look at your site a couple of hours ago... and I want to tell you that I'd really love to trade links with you. I think your site has some really good stuff related to my site's topic of car rental and would be a great resource for my visitors as it deals with some great aspects of car rental that I'd like to give my visitors more information about. In fact, I went ahead and added your site to my Car Rentals i Resource Directory at http://xxxxxx.com/carrentalsinireland Is that OK with you? Can I ask a favor? Will you give me a link back on your site? I'd really appreciate you returning the favor. Thanks and feel free to drop me an email if you'd like to chat more about this. Best wishes, XXXX xxxxx.com info@xxxxx.com P.S. When you do link back, there's some suggested code to use at http://xxxxxx.com/addurl //

(Links removed to stop them gaining from this post) Would somebody please explain what the connection between car rentals and hosting is? I can't see it. Any suggestions would be welcome. I am tempted to reply along the lines of: "Dear Muppet If you'd actually visited our site I would have to question your sanity. Love Michele"

Spamming really doesn't pay as Scott Richter, former "spam king" found out. Microsoft has won a case against Richter and his company OptInRealBig.com Llc. and will receive $7 million as part of the settlement. Full story

Comment spam can be a pain. Email spam renders email unusable. Being able to block both easily would be the "Holy Grail" for many bloggers.

Anybody who reads this blog knows that I'm ever so slightly opposed to spam, spammers and their ilk. Talking to Irish SMEs on a regular basis you realise fairly quickly that email is more than just a business tool.