Koen Martens wrote:
This person is delusional and suffering from various
psychological diseasses, he is not worth the waste of
bandwidth.
Seconded. Unfortunately many users of snake oil like
accuspam / spamarrest / UOL / quikcop / Symantec / ...
just don't know that they are worse than real spammers:
| From: me
| To: x (x and his C/R system ###### munged)
| Subject: SpamCop id:xxx RE: Buy cheap Pharmaceuticals through us! [######]
|
| x wrote:
|
|> Assuming that this is a correct address since my reply
|> addressed it different.
|
| @xyzzy is a catch-all, but the m-e(_at_)munged address also works,
| I only check it less often.
|
|> I disagree that a challenge and response system is mail
|> abuse. Spam is the mail abuse.
|
| And almost all spam comes with forged addresses.
|
|> Worms are mail abuse.
|
| And all worms in the past two years (minus SWEN / Gibe-F)
| forge sender addresses. Now worms are generally stupid, they
| take all addresses found on the infected system, and use these
| addresses both as target but also as forged sender.
|
| Spammers are also stupid, but still smarter than the 50 KB
| of the worm. They use existing domains to evade very simple
| spam filters.
|
| They also use existing local parts, and professional spammers
| use addresses passing simple call-back tests. In other words,
| both worms and spammers use _valid_ addresses.
|
| Therefore C/R systems not protected by a spam filter always
| harass innocent bystanders. Essentially asking arbitrary 3rd
| parties to sort the spam of somebody else (i.e., the spam of
| the paying customer of this C/R snake oil).
|
| I'm a modem user (V.90, remember ?) and get about 1000 bounces
| to forged addresses per day. Plus spam, challenges, vacation +
| out of office stuff, etc.
|
| Maybe some spammers even prefer to forge addresses of known
| "anti-spammers", but probably they simply send as fast and
| as much much as they can, abusing valid addresses.
|
| Therefore simple (= unprotected) C/R systems cannot work, they
| only try to shift the problem to innocent bystanders. "Try to",
| because I won't have it. 99% of my inbound is spam or spam
| related, and I won't "just hit Del".
|
| BTW, in theory you can identify all forgeries for my "domain"
| (= vanity host) xyzzy, my ISP published a sender policy (SPF)
| specifying the IPs allowed to send MAIL FROM *(_at_)*(_dot_)claranet(_dot_)de
|
| In practice any spam filter before your C/R system would be
| already good enough to catch a "Buy cheap Pharmaceuticals".
|
|> I'm guessing that your address was spoofed
|
| Sure. And that's no special case, it's how spam always works.
|
|> We only use email to communicate.
|
| Anything sending mail automatically is no communication, it's
| traffic, and it can be unsolicited and / or abuse. Even my own
| semi-automatical "forward the rest of the junk to SpamCop"
| procedure sometimes hits innocents (I'm not talking about your
| C/R system ;-)
|
|> what I consider legitimate software (and I understand
|> you don't)
|
| Maybe ask some experts in nanae what they think about C/R
| systems. It all depends on the spam filter before these
| systems (or their built-in filter, if they have one). I'm not
| sure about it, but apparently mailblocks.com does a decent job.
|
| UOL is the worst, and spamarrest is on the border to criminal,
| it comes complete with a MLM pyramid scheme. Earthlink's C/R
| system also doesn't work, because they use "brightmail" as a
| filter, and brightmail catches at most 50%.
|
| I've no idea where ########## stands, but obviously they don't
| support SPF.
|
|> If you had just sent me a note, I would have stopped it
|
| Oops, now that's a simple problem: Anything not clearly
| identified as bounce to an unused address forged(_at_)xyzzy goes
| to my "junk" folder. I try to catch some obvious problems
| like "Out of office" stuff, and the rest goes to SpamCop.
|
| So far that's nothing personal, I simply don't have the time
| to open all junk mails. In your case the subject was the
| typical spam subject, so normally I won't open it, and just
| forward it to SC for "quick reporting".
|
| I only see From + Subject + Date in the overview. But the
| added [############] in your subject triggered my interest to
| check this spam manually before reporting it.
|
| And it was one of the numerous "I need your help to sort my
| spam" challenges complete with a spamvertized link to the site
| of the software sending this stuff.
|
| Therefore I reported it "normally": Quick reporting won't
| send a report about the spamvertized ###### site to the uplink
| of ######, but normal SpamCop reports allow this.
|
| I've even added my standard text for erroneous spam challenges
| and bounces mentioning SPF. It's really nothing persoal, I do
| this at least ten times per day.
|
| And apparently you didn't know that almost all spam uses forged
| addresses, so now you know it (or better ask somebody else,
| after all I'm not exactly neutral in this issue... ;-)
|
|> I am just as frustrated as you must be with this subject.
|
| Try some nice filter, SpamAssassin 3.0 will support both SURBL
| and SPF. And / or test the "mailblocks" C/R system, or for
| starters don't ask 3rd parties what they think about a mail
| with subject "Buy cheap Pharmaceuticals through us" claiming
| to be sent from these 3rd parties.
|
| Bye, Frank