Full Disclosure mailing list archives
Re: WAS: Re: RE: Spamcop automated reporting script...
From: VTLinux () coldrain net
Date: Thu, 10 Nov 2005 15:51:24 -0500 (EST)
Hi Bart, Sorry but you missed a few points. The mail you would forward will be sorted so that only one email goes back to the source. Next the source will lose its domain registration if they do not follow the ICANN rules, which is most spammers. In general, they do not tell the truth nor do they behave responsibly. Packet shaping and forgery have no relationship to this. The experience so far is that no one gets it the first time around and very few of them after some effort. It is not like any current approach, so don't feel bad. It is a very good idea, once it's understood. There is no real increase in mail from KnujOn, but the decrease in spam received has been proven in alpha testing. Your filter, we'll take it from there. cheers, bob On Thu, 10 Nov 2005, Bart Lansing wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bob, took a little trip to KnujOn, and have a comment or two...From the site, with comments parenthetically inserted inline:_________________________ I already have a spam filter/blocker, why do I need KnujOn? Filters and blockers stop spam from reaching mailboxes but do not actually stop the flow of spam. The messages pile up and must be reviewed and deleted. Would it not be nice to just dump all the messages in a program and have them returned to the sender? (Collecting and bouncing back all of the spam certainly does not block the flow of Spam either...in fact, you just doubled the traffic and if the actual sender is a bot'd machine, all you are doing is needlessly conjesting the 'net and not doing anything to the spammer.) How is KnujOn different from current anti-spam programs? Filters and blockers search emails for keywords and other content that flag messages as possible junk mail and then divert the email to a quarantine area for review or deletion. KnujOn takes junk email and returns it to the sender. (Sooooooooooooo, you have.a bounceback routine when you find a forged sender....see above....returning to sender is bad, Bob. A better approach would be traffic shaping, which of course is already being done elsewhere by others, which throttles the spam and forces it to time out. Of course, just nuking the stuff before it hits the mail gateways is a tried and true approach as well) What does KnujOn do? KnujOn has a special algorithm that finds out where the email is really coming from and then returns the email to the sender. KunjOn also collects information about junk mailers and detects fraudulent Internet activity, alerting possible victims before damage is done. (So, you use the same [or similar] algortithm that has been employed by Spamcop and Co. for some time now to validate the header information and then, when you find a forged sender, you clog the internet with useless bouncebacks to machines that are likely not owned by the spammer you want to harm.) ___________________________ Looks to me like a) nothing new from a technology perspective, b) something we would NOT want to see done vis-a-vis rampant bouncebacks, and c) something that does nothing like SpamCop does to inform ISPs and other interested parties of the spam that is occuring. In short, IMHO, this is a bad idea. Cheers Bart On Thu, 10 Nov 2005 06:35:23 -0800 bruen () coldrain net wrote:If you would like an alternative, you can sign up for a beta test at www.KnujOn.com. All you will have to do is forward your spam to anemail address which you will be given. Everything else is taken care of.The signup is free and easy but limited. Click the Personal tab... cheers, bob On Thu, 10 Nov 2005, Aditya Deshmukh wrote:Has anyone got a automated spamcop reporting script? Thanks in advance if you can send in .txt format preferably offlist.I hit the send before I could explain what I wanted to do... I have a spamcop account - and I managed to get the spamcop Url with the reportID to a file using fetchmail + grep Combination. But there is some thing I cannot get working with the Spamcop spam submission form used to complete the spam Reporting. Has anyone made something like this before ?_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.4 wkYEARECAAYFAkNzbocACgkQfw4CJpLBxON27ACfXqaV3eHVQaE7M6NfJAEmTeWLaMQA oLtdPV5aAyBILH77oJuTrKQuiFbE =34E4 -----END PGP SIGNATURE----- Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485
-- Dr. Robert Bruen Cold Rain Technologies http://coldrain.net +1.802.579.6288 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- WAS: Re: RE: Spamcop automated reporting script... Bart Lansing (Nov 10)
- Re: WAS: Re: RE: Spamcop automated reporting script... VTLinux (Nov 10)