October 22nd, 2003, 04:55 PM
The most effective way to use those valid domain names, ip addresses and phone numbers which spammers can not afford to not to use or fake. Is to build either Mail Server or Mail Client spam filter which goes like this
ACTION = Reject OR Delete
ITEM = Body (email body field)
FUNCTION= Contains String (Sepate with semi-colon)
FROM NOW ON ANY SPAM EMAIL WHICH CONTAINS THOSE DOMAINS WILL BE AUTOMATICALLY REJECT OR DELETED.
Just imagine if these method would be used in way same way as Anti-virus.
->Scan email body for learned span domain names, ip adddresses and phone numbers
->When found delete or quarantine
->Norton Anti-Spam Updates (Downloads the latest spam domain/IP/Telephone list.
YOU GET THE IDEA!!!
October 22nd, 2003, 08:00 PM
An easy way is for each ISP only allow outgoing mail via their main mail server, all others have to smart relay through it...
ISP's block Port 25 on it's border router except to it's mailserver so only mail leaving an ISP's
own network is filtered through it's Mail server.
This would stop all the SPAM in a matter of days....
My ISP is set up that way.... and there are at least 7 mail servers on my ISP's system
My Mailservers all relay outgoing e-mail via my ISP's main mail server
If a spammer had to do this, it would be real easy to track and
the ISP would see it happening.....
Most spammers use cable or ADSL circuits to do their dirty work....
If the smart relay took off... and ISP's do not want their
regular customers mail blocked... Guess what would happen....
I do like to use a free spam blocking software from www.spampal.us and it
does work well....
SPAM... Breakfast of Jerks!
Franklin Werren at www.bagpipes.net
Yes I do play the Bagpipes!
And learning to Play the Bugle
October 23rd, 2003, 04:58 PM
Good idea. Another thing to think about is that you've set up a spammer honeypot. I think micky05 is on this tip, but s/he didn't make it explicit. The only people who will connect to your fake relay are people who are trying to use open relays. You could write a little scriptie thing that tried to send mail to email@example.com notifying them that they have a probably spammer. Heck, you could keep stats and post to alt.evil.spammers.kill.kill.kill or whatever if an ISP shows a pattern of spamming.
October 23rd, 2003, 05:08 PM
Just an update, I did wind up writing a fake SMTP server; however, I have only posted it to the Addicts forum. So for all you addicts out there, have a looksee, and for you guys that haven't quite made it yet, maybe you'll have something to look forward to
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
October 23rd, 2003, 05:25 PM
The idea is very good, but the problem is that if they check by sending something to themselves it will not get to them, and they will find another server. Although, as stated it will make them waste time and money finding another server, I have an idea. If you read the first 10 emails, or send them to me to read, so that if they are test emails you can allow those to pass so they think the server is up. Then just kill/dump the mail after you have determined which ones are test mails. You could perhaps write a script to tell.
-It is I, me-
October 25th, 2003, 05:14 PM
umm...it's very good idea.