Your Universal Remote Control Center
RemoteCentral.com
Custom Installers' Lounge Forum - View Post
Previous section Next section Up level
Up level
The following page was printed from RemoteCentral.com:

Login:
Pass:
 
 

Topic:
OT. No junk mail
This thread has 4 replies. Displaying all posts.
Post 1 made on Sunday September 10, 2017 at 06:48
thecapnredfish
Senior Member
Joined:
Posts:
February 2008
1,397
I live in the path of Irma. I find it strange that junk mail has ceased nearly 100%. How is this possible?
Post 2 made on Sunday September 10, 2017 at 09:21
buzz
Super Member
Joined:
Posts:
May 2003
3,763
There are a lot of "entrepreneurs" in Florida. These guys are either generating the marketing spam or have poorly configured servers that have been hijacked. Another dimension is the network of Trojan'd machines that can be leased by the hour to blow out spam. This is a hierarchical scheme where "controller" Trojans (the primary generators are many layers up, scattered around the globe) send jobs out to lower members. If the controllers go down, the lower members, regardless of location, will be quiet. Evidently, there is a cluster of controllers and Trojans in Texas and Florida.

A few years ago a large project, with Microsoft as the point man, tracked the Trojans. Controllers were identified, backtracking to the top. (this is an arduous task because these networks are designed to prevent discovery) When they were satisfied that they had identified the whole pack, there was a globally coordinated take down. Within hours about 70% of spam was gone. I'm not convinced that the spammers have fully recovered. And, I suspect that more and more users are installing anti Trojan software. Another dimension might be better filtering by your email service.

But, I continue to receive messages (with dangerous attachments) from "Hot young Russian girls" who would love to correspond with me -- just open the attachment. Many of these attachments are hostile image files -- don't attempt to look at these.

Years ago I was more actively campaigning against spammers and I would report abuses to the server owners. A couple times I irritated the spammers to the point where they put me on a "punish" list as the sender of the spam messages. For a few days I received thousands of rejection notices (bad email addresses, blocker returns) and irate complaints from regular folk and system admins.

Currently, I'm using an email server bundled with the business web hosting. Here I can install my own "filter". It took a few weeks to tweak, but I'm now down to a low single digit spam leak per week, with many zero weeks. I started by filtering out big words such as "Viagra", "V1agra", any "*.ru" source, etc., and eventually identified a message format that many of the spammers use. When I identify a spam message, I return a message to the sender indicating "bad address". Eventually, their server will remove my address from their list in order to better utilize their bandwidth. There are a few false positives and I'll need to add an exception rule. Overall, I'm down to 50-80 rejected messages per week and this number is dwindling.

[edited minor typo]

Last edited by buzz on September 11, 2017 05:13.
Post 3 made on Monday September 11, 2017 at 02:27
Ernie Gilman
Yes, That Ernie!
Joined:
Posts:
December 2001
29,845
On September 10, 2017 at 06:48, thecapnredfish said...
I live in the path of Irma. I find it strange that junk mail has ceased nearly 100%. How is this possible?

Has it? Or has spam ceased? If it's spam, buzz has a lot of info for you!

Is it too much to ask for "junk mail" to be the term for USPS home-delivery type unwanted mail, and "spam" or even "spam email" to be the term used for unwanted messages that come via the internet?
A good answer is easier with a clear question giving the make and model of everything.
"The biggest problem in communication is the illusion that it has taken place." -- G. “Bernie” Shaw
Post 4 made on Monday September 11, 2017 at 08:21
King of typos
Loyal Member
Joined:
Posts:
June 2002
5,248
On September 10, 2017 at 09:21, buzz said...
When I identify a spam message, I return a message to the sender indicating "bad address". Eventually, their server will remove my address from their list in order to better utilize their bandwidth. There are a few false positives and I'll need to add an exception rule.

Do you mind going into detail about this “bad address” email you send out? What does it look like, images or what not, formate and what does it say?

KOT
Post 5 made on Monday September 11, 2017 at 10:19
buzz
Super Member
Joined:
Posts:
May 2003
3,763
The receiving email server replies with a code indicating the success (or not) of delivering the message. If the message is blocked by one of my filters, a "fail" code is returned to the sender. In addition to the numeric code, I can attach a string. You may have seen "550 Unknown recipient ... Thankyou for contacting XYZ company, please check your contact's address ..." messages for a typo in the address. If I can (some servers allow me to specify the exact code), I return a "505" which is an ill defined return code -- indicating that I may not know what I'm doing. "550" is popular. In any case the leading "5" indicates that this is the end of the line for the message. My rejection message also returns a cryptic string that I can recognize if a legit message is rejected and the rejection is brought to my attention. The most important part is that it is a machine generated (not touched by a human, cannot be negotiated or social engineered) "dead end", that the sending server can report to its user.

If you have a commercial hosting account, you probably have access to eMail "Filters". "cPanel" is a popular host account management program. You may have access to the filters through cPanel or, if you use webmail, the filters may be accessible through that portal.

There are some commercial filters than can be enabled, often for an additional hosting fee. These services have "honey pots" scattered about that attempt to attract spam and catalog it. Any messages sent to you that match a catalog entry are discarded. (For example: IP address x.x.x.x is spewing spam or Trojans today -- block any mail from this address)

Email messages have two main parts: Header and Body. Body is the text that you want to read and the Header is made up of lines used by and added by the various servers that touched the message. "To", "From" and "Subject" would be the most obvious and important entries for the recipient. Your received message has been through a gaggle of servers until it arrives at the delivering server. The delivering server would be your mail account hosting server. It is customary that a server add a line(s) to the top of the header, indicating that it has touched the message, along with a time stamp and probably some IP address information. The rules for these messages are lax. It's a giggle to me that some of the worst spam has Header messages indicating that this message has been blessed by anti-spam program XXYZ. Servers can also remove Header lines. The most trustworthy line is the top line that has been added by your own delivery server. The others can  easily be faked.

I don't use commercial filters, I'm too cheap. While building my filters, I'll pick through a few headers for messages that slipped through -- looking for features that I can recognize in a filter. This could be a keyword in the subject line ("Dr Oz", "Oprah", etc.), a domain ("*.ru"), or IP address. In a few cases I think that a gang of spammers are using the same software because I'll notice a characteristic string in their headers. This could be part of a quality control scheme that would allow them to identify the list that they can edit to remove my address because of the bounce.


Jump to


Protected Feature Before you can reply to a message...
You must first register for a Remote Central user account - it's fast and free! Or, if you already have an account, please login now.

Please read the following: Unsolicited commercial advertisements are absolutely not permitted on this forum. Other private buy & sell messages should be posted to our Marketplace. For information on how to advertise your service or product click here. Remote Central reserves the right to remove or modify any post that is deemed inappropriate.

Hosting Services by ipHouse