Wednesday·18·November·2009
Spam in SMTP not via SMTP //at 18:53 //by abe
While examining the mail queue after a big mail server migration, I found the following reason for a bounce (hostnames replaced according to RFC2606):
550-5.1.1 - 550-5.1.1 - 550-5.1.1 TO LEARN WHY YOUR EMAIL WAS REJECTED PLEASE GO HERE: 550-5.1.1 - 550-5.1.1 http://www.example.com/answers/dWtsb3R0b3NAdWtsb3R0ZXJ5LmNvLnVrPgA=AAA=/ 550-5.1.1 - 550-5.1.1 Cheap, Reliable Webhosting 550-5.1.1 http://www.example.com/a/hostgator/ 550-5.1.1 - 550-5.1.1 Round-Trip Flights under $200 from Priceline! 550-5.1.1 http://www.example.com/a/pricelinertf/ 550-5.1.1 - 550-5.1.1 Free Skype-to-Skype calls on your mobile 550-5.1.1 http://www.example.com/a/skype/ 550-5.1.1 - 550 5.1.1 -
What’s next? Advertisements in HTTP headers? Oh, I forgot, they already
exist and are called “referrer spam”.
Tagged as: SMTP, SOTD, Spam
// show without comments // write a comment
Related stories
Monday·09·October·2006
Fedora Legacy useless? //at 15:16 //by abe
For a (much too long) time, we ran our three AMD 64 bit virus scanners and spam filter boxes with Fedora Core 4. Since the the official support ended a few months ago when Fedora Core 6 Test 2 came out, so we decided to switch them over to support through the Fedora Legacy Project.
For testing purposes we first switched over one of the three boxes. But the test failed: Although the changes (as documented on the Fedora Legacy home page) seemed to work fine, not a single update came until the end of last week, even though there were partially remotely exploitable security issues in OpenSSL, OpenSSH, gzip, etc. during that time. There were also no announcements on the list since FC4 switched over to the Fedora Legacy Project, not for FC4 nor for any other distribution maintained by the Fedora Legacy Project.
So what the heck does the Fedora Legacy Project if not security updates?
I would be very happy if I could switch over those boxes to Debian or even Ubuntu, but there’s no BiArch support (running 32 bit applications on 64 bit operating systems transparently) in Debian (and therefore neither in Ubuntu) yet without a lot of manual fiddling and chroots, so we can’t run our 32 bit virus scanners on those 64 bit boxes with a debianesk operating system yet.
Today we’ve upgraded the last of those three boxes to Fedora Core 5.
Tagged as: 64 Bit, Admin, AMD, chroot, Debian, ETH Zürich, Fedora, Fedora Core 4, Fedora Core 5, Fedora Legacy, gzip, OpenSSH, OpenSSL, Rant, Security, Spam, SpamAssassin, Ubuntu, Updates, Virus, WTF
// show without comments // write a comment
Related stories
Thursday·02·March·2006
Can the spam problem be solved? //at 02:23 //by abe
Many have tried to solve spam problem, even Micrsoft (with a quite strange solution ;-), but except personal solutions like well working and well-kept spam filters, no well-working general technical solution has been found yet.
Although I really would like to see a technical solution and often think about this problem, I currently believe that this primarily is a social problem which cannot be solved solely with technic. UserFriendly’s Erwin seems to see it the same way and proposed today a quite drastical solution.
There are good ideas out there (e.g. SPF, RBL, Greylisting and Teergrubing), but all seem to have their problems, too. Especially RBL often have administrative problems, i.e. if an entry is justified or not. Greylisting simply can be bypassed by being SMTP conform and trying again, so it’s usefulness will decrease permanently. And against Lutz Donnerhacke’s teergrubing, spammers seem to have found workarounds quite quickly. Haven’t heard much about it in the last years. (I just can’t remember what the drawback of SPF was.)
For myself I’ve solved the spam problem with a learning SpamAssassin
and sorting mail by spam-level into several mailboxes. The higher the
spam-level of such an inbox, the more seldom I look into it. Works
fine. For me. No general solution though, since the SpamAssassin needs
to be fed with fresh spam regularly.
Tagged as: Greylisting, Microsoft, RBL, SMTP, Spam, SpamAssassin, SPF, Teergrubing, UserFriendly, VHEMT
// show without comments // write a comment
Related stories
Cheap blue pills //at 02:22 //by abe
I just got an obvious spam e-mail with subject “cheap blue pills” and
it took me quite a moment to realise that they don’t want me to buy
pills which let me keep everyone I love and
everything that I have built my life upon. What a pity. But why
don’t they sell also red pills? ;-)
Tagged as: Geek, SCNR, Spam, The Matrix
// show without comments // write a comment
Image based captchas are evil //at 02:20 //by abe
I always found Captchas annoying. But since I also had or have problems with guestbook or comment spamming, I understood that people and especially companies saw no other choice against comment or wiki spamming, mass account grabbing, etc. But since most captcha are based on the fact that people can still read deformed or garbled texts in images while machines can’t or at least only with a big effort, there is one big drawback with them: They are even more an insuperable obstacle for blinds or visually handicapped people than for machines.
The blind computer science student Sebastian Andres showed at Berlinux how blinds
navigate and use the web and where they (must) stop. So because of
GMail uses visual captchas as a defense against mass account grabbing,
he couldn’t get such a “free” e-mail account. (And yes there exist
non-visual captchas. But they’re seldom used.) Thanks Sebastian for
this insight.
Tagged as: Accessibility, Berlin, Berlinux, Blinds, Captchas, Events, IT&W, Spam, WWW
// show without comments // write a comment
Related stories
Implemented a blacklist for blog comment spam //at 02:12 //by abe
Just killed all the remaining comment spams (I hope) and implemented a simple regexp based blacklist which should get most medicaments, potence pills, casinos, lotteries and other frequently posted junk. I hope, it does not hit too many valid posts. If you have problems posting comments, feel free to contact me by e-mail or on IRC.
In other news, I installed the blosxom plugin comments_recent and adapted the mail feature of writeback notify to my (in the meantime heavily modified)
instance of the comments plugin v0.6. I also made it symlink-safe
for use with multcat.
Tagged as: Blacklist, Blogging, Blosxom, Blosxom Plugin, comments_antispam, Hacks, Perl, RegExp, Spam
// show without comments // write a comment
Related stories
Blacklisting comment spam in blosxom //at 02:12 //by abe
Since the demand for blosxom anti-comment-spam solutions respective appropriate blosxom plugins seems to be really high, I’ve decided to polish up my apparently quite well working although still in beta state being anti-spam enhanced version of the comments plugin (ZIP) by putting the blacklist outside in an external file and writing some (still short) docs.
I use it since 11th of January this year and got only two spam comments and many more normal comments since then, so it should work. Although: I also got a question if my trackback doesn’t work. Hmmm. So no warranties, just an offer for help fighting against comment spam. ;-)
Another feature which is basically ported from the writeback notify plugin is notification of the blog owner about new comments by mail. Since on the server on which my blog runs the used Perl module Mail::Sendmail was not available, I used Mail::Send instead for my version.
For installation you first need to download the ZIP file of the original comments plugin, install it’s templates and then install my anti-spam enhanced version of the plugin itself.
Now playing: Rockapella — Come on Eileen
Tagged as: Blacklist, Blogging, Blosxom, Blosxom Plugin, comments_antispam, Hacks, Now Playing, Open Source, Other Blogs, Perl, RegExp, Spam
// show without comments // write a comment
