PUBLIC MARKS with tag spam

I’m declaring war on Spam, right now, right here. Every single day I start up my email program and I’m bombarded with spam email after spam email … worse still, the spammers are hitting all of my blogs really hard too! Other than us...

smtp-delay is an add-on/plug-in intended for use with qmail. It was written primarily to add banner delays and antipipelining to qmail. These two features are known to be able to block certain types of spam and virus mail sent through non-rfc-compliant SMTP engines. When I looked around for programs to add this functionality to qmail, I found only one such program, and didn't like the way it was done. BTW...I have the same objections to the way its done in sendmail 8.13.x. Since banner delays (the server pausing for some time before issuing an SMTP banner) cause every SMTP connection to take longer, I thought it would be a good idea to somehow exempt "legitimate" mail servers...or at least not subject them to long banner delays. So I decided to tune the banner delay time based on the connecting IP's reverse DNS. IPs with no rDNS get treated the worst (longest banner delay). IPs with rDNS matching a regex intended to detect dynamic/end-user IPs get a moderate delay. All other IPs get a very short banner delay...just long enough to see if they immediately pipeline (send SMTP commands before the banner's been sent). The original intent for smtp-delay was that it should be run before rblsmtpd, and simply set the RBLSMTPD environment variable if applicable, letting rblsmtpd issue the 4xx response. Pretty early on, I realized smtp-delay should be able to run standalone (without dependence on rblsmtpd to do its talking) and issue a 4xx response on its own. Lately, the spam load against our mail cluster has gotten so bad that I've started running smtp-delay after rblsmtpd, based on the idea that there's no point waiting out a long banner delay holding an open socket to an IP we have no intention of accepting mail from anyway. This reduced our concurrency by about 20%.

An API aimed at qualifying blog comment spam. Accpeted input/outputs are XML and YAML.

When displaying an e-mail address on a website you obviously want to obfuscate it to avoid it getting harvested by spammers. But which obfuscation method is the best one? I drove a test to find out. Here are the results: In 2006 I opened nine different e-mail addresses. On this page I published the nine e-mail addresses. But every address has been obfuscated by a different method. I made sure it’s getting indexed by Google by putting a link to that page on the tilllate.com homepage. Then I waited 1.5 years (see the original post). For each e-mail address I counted the amount of spam I received. The amount of spam received started by 21MB (for no obfuscation and a total of over 1800 spam mails) and went down to absolutely no spam.

When displaying an e-mail address on a website you obviously want to obfuscate it to avoid it getting harvested by spammers. But which obfuscation method is the best one? I drove a test to find out. Here are the results:

Malgré bien des tentatives pour essayer de l'éradiquer et de le minimiser, le spam ou courrier électronique non sollicité reste plus que jamais d'actualité. Dans une récente étude publiée par MessageLabs, 81,5% des emails reçus au travers des fournisseurs d'accès seraient du spam.

Ça peut toujours servir

Declaring war on comment spammers. I've seen a huge increase in the amount of comment spam that I've been receiving on my blogs. It's time to fight back. What do you do, or what plugins or add ons do you use on your blogs to fight spam?

"こうした情報商材の年間売り上げは総額２００億円と推測されるが、「詐欺まがいの内容」との苦情も急増。多くの販売者が購入者に「あなたのブログに広告を張り付けて。売れたら報酬を払います」と持ちかけているのが特徴で、損をした人が元を取り戻そうと誇大広告をばらまき、別の人がまた損をするという構図になっている。「負の連鎖」の広がりに、「まるでネットのネズミ講」との声も出ている。"

mod_defensible is an Apache 2.x module intended to block spammers/hackers/script kiddies using DNSBL servers. It will look at the client IP and check it in one or several DNSBL servers and return a 403 Forbidden page to the client. This guide shows how to install and use it with Apache 2 on a Debian Etch server.

"いつのまにか、こんな団体ができてるんですねー　全然知らない人ばっかりー。" 確かに。

huhu

Les Spammeurs anonymes, tu les connais bien : ce sont ceux qui adorent gaver ta boîte aux lettres de petites arnaques, de médocs bidons, de faux diplômes ultra chers et de photos pornos… L’année dernière, ils ont gagné des millions d’euros, juste avec une bonne connexion Internet, un procédé pour rendre anonymes leurs mails, et des millions d’adresses mail comme la tienne !

Calling all bloggers! We’d like to enlist your help in making TypePad AntiSpam the best, smartest, free antispam service available. We’ve launched this beta version in an effort to make the service smarter, and we’re counting on your feedback to provide vital information on how to defeat spam more effectively.

Naam: PLANETBITS Vestigingsadres: Royaards van den Hamkade 9 Vestigingsplaats: 3552CJ Utrecht Internetadres: www.planetbits.com KvK-nummer: 30215515 0000 Soort Inschrijving: Hoofdvestiging

(cache Google du post http://i.never.nu/hack-update/ ) // Patrick de i.never.nu a signalé le 10 que son Wordpress avait été contaminé. Depuis ce soir, le nom de domaine est redirigé sur une page garage. Piratage ou suspension provisoire ?

Nombre de pages vérolées vers lesquelles pointent les spam links. Ces sites tournant sous Wordpress sont au fur et à mesure sandboxés par Google. Fin mars, ce nombre tournait autour de 25000. // A parcourir avec le Javascript désactivé-- of course.

Réaction tardive de Matt W., surtout pour réfuter l'alarmisme de Security Focus. Le problème est connu depuis la sortie du correctif WP 2.3.3. Il semble acquis que rien ne paraitra là-dessus sur la homepage de WP.org.