ietf-asrg

RE: [Asrg] TitanKey and "white lies"... (Faking SMTP hard errors "improves" C/R utility?)

2003-05-29 21:05:13
From: "Eric D. Williams" <eric(_at_)infobro(_dot_)com>

...
Barry again inserts (to me) an interesting point on 'spamming' tools e.g. 
zombies and robots; introduced by surreptitious or malicious means e.g. 
viruses. 

Yes, it was an interesting point.

    I think there may be evidence, however, that these 'spamming' methods 
do use clandestine communications channels to other compromised (or not) 
systems to 'peruse' economically unproductive distribution.  I still think the 
best way to a proof of this is to obtain some code for forensic analysis.  If 
there is some [code] available I think that would be a valuable activity to 
engage. ...

I do not understand that.  If you found some code and figured it out,
you would know at most what some spammers may have done in one case.
You would not know what other spammers or the same spammers might do
tomorrow.  If you failed to find any such code, you would only know
that you had failed to find such code, and could not conclude anything
about what any spammers did yesterday or will do tomorrow.

I don't see the point of such a forensic analysis.  This group is not
trying to convict a crook, fix a cause of death, figure out who did
what to whom, or any of the usual reasons to "[apply] scientific
knowledge to legal problems"
http://www.m-w.com/cgi-bin/dictionary?book=Dictionary&va=forensic

Better is to 
  - discover the nature of the environment,
      Does AOL automatically blacklist IP addresses after a bunch
      of bad recipients?
  - figure out the resulting pressures on spammers and spamware,
      Bad entries in target lists hurt spammers that want to hit AOL.
  - predict the results of those pressures,
      Spammers will tend to honor 550s if they like hitting AOL.
  - check that prediction.
      Do few, some, or many spammers that like hitting AOL honor 550s?

The code I wrote yesterday is related to the code I'll write tomorrow
only by my style and general interests.  If I hear of a good idea,
I'm likely to apply it.  I often abandon code and ideas that seemed
good yesterday in favor of new code because of new ideas, changing
requirements, or mere boredom.  There's no obvious reason why spammers
don't do the same.

Still, if you want spamware, there's plenty available.  No great
sleuthing is needed.  Ask one of the people in news.admin.net-abuse.email
who spends time talking to spammers for an introduction to the "bulk
barn" and similar forums, and then blandly ask for software, without
mentioning why you want it.  I'd probably start by asking
Shiksaa(_at_)spamhaus(_dot_)org.  Steve Linford might also have some
valuable pointers.  Or check the Spamhaus and Sapient Fridge's spamware sites
listing; see http://www.spamfaq.net/spamfighting.shtml#halls_of_shame
Or look at the ads for spamware you get with
http://groups.google.com/groups?q=spamware+list+group%3A*abuse.email


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
