hats off to Project Honey Pot...
it sounds like PHP is doing a great job...& spammers must be sentenced at par with Drug Mafias...Life without a parole & PC...!
A group opposed to spam is taking a novel approach to fighting the scourge by using a mountain of data and a $1bn lawsuit to go after email harvesters who make possible all those penis-enlargement solicitations in the first place. The complaint, filed by Project Honey Pot on behalf of tens of thousands of members in more than …
If there have not been harvesting bots so far, there will be now. Perhaps its time that the ISP industry started to take botnets seriously, and routinely fenced off users who were found to be infected.
Remotely detecting infection is an interesting problem, but there should be a few giveaways - like when a stream of spam or a DDOS attack starts...
I had thought of writing a script that extracts the top level domain name for the links embedded in spam emails. The script would then do a "Who Is" on that domain name and the result would be parsed for the registrants email address. The spam email would then be forwarded to that email address. A nice little add on for Thunderbird perhaps?
The drawback of this is if everyone who is spammed used this method, then a lot of mail servers would likely fall over under the strain. And there is no guarantee that the domain registrant ever uses the email address specified in his/her domain registration. Is it not a good idea in principle though, targeting the sellers of the product being advertised as well as the actual spammers themselves?
It is easy enough to deal with those spam mails that specify product in title.. calais, viagra, casino, anatrim etc, etc. A mail filter will happily delete these from the mail server without even downloading them. But the obfuscation of title is frustrating and harder to deal with.
And yes it is time for ISPs to act. A simple behaviour based rules gateway/firewall could do a lot to cut down spam and botnets.
The only way (that I can see) to bring the purveyors of finest quality spam down is to hit the only part you can really find, trash their servers and increase the cost of them doing business.
Hell they want people to log on and buy their goods - everybody should.
1) Never click on the link in the email - cut and paste the address into a browser.
2) Order 3 or 4 tons of pharmaceutical enhancements.
3) Put in dummy address and credit card number.
None of the spam sites that I have seen do a real-time credit card check so the more dummy orders they get the more time is wasted as each one has to be manually checked and updated. The more realistic an address looks the more chance there is of somebody wasting time trying to process an order.
BTW - Credit card numbers are Mod10
Biting the hand that feeds IT © 1998–2020