Fighting email spam and anti-UBE pointers

Archive-name: mail/anti-ube-pointer
Posting-Frequency: 2 times a month
Maintainer: Jari Aalto A T cante net

Announcement: "Bounces, Challenge-response systems, MTA, Bayesian tools (article pointer)"

Availability

FAQ archive is at http://www.faqs.org/faqs/

This message is an excerpt from bigger from Procmail Module
Library project's README.html document titled "Procmail
strategies against spam." available at
http://pm-lib.sourceforge.net/

The key points discussed in the document:

- Auto-replying or bouncing is considered a bad tactic
- MTA rejects can be abused and system administrators should
check their setup at least in regard to viruses.
- Challenge-Response system is based on false assumption that sender's
address can be used for authentication. It cannot and thus any C-R
system will contribute nothing else by amplifying the spam problem.

See picture http://pm-lib.sourceforge.net/pic/cr-system-joe-job.png

What should be done then?

- Bayesian tools are non-intrusive, harm no third parties
(in contrast to C-R), are easy to use and provide a good shelter.
- Battery of bayesian tools give even better shield due to
each program using a slightly different algorithm.

Many clarifying pictures are included:

- How address harvesting works
- How viruses should not be treated (at MTA level)
- Challenge-Response based authentication (overview)
- Challenge-Response system causing "Joe-Job"
- How MTA level UBE prevention works
- Procmail with battery of statistical tools

Table of contents:

1.0 Thoughts about increasing spam annoyance
1.1 Bouncing messages do no good
1.2 Rule based systems are not the solution
1.3 Challenge-Response systems make matters worse
1.3.1 Challenge-Response is not a doorbell but a
gun shooting decoys
1.3.2 Questioning Challenge-Response systems implementations
1.3.3 Summary - What are the effects of Challenge-Response
systems
1.4 Spam appearing in your yard - a story

2.0 A lightweight UBE block system with pure procmail
2.1 Suitable for accounts which ...
2.2 Where to put "pure procmail" UBE checks?
2.3 Using Procmail Module Library to fight spam

3.0 A heavyweight UBE blocking system
3.1 Advice for Debian Exim 4 mail system administrator
3.2 Advice for the normal account
3.3 Configuring Bayesian programs
3.4 A heavyweight spam catch setup using procmail

Some terminology

._UBE_ = Unsolicited Bulk Email
._UCE_ = (subset of UBE) Unsolicited Commercial Email

_Spam_ = Spam describes a particular kind of Usenet posting (and
canned spiced ham), but is now often used to describe many kinds of
inappropriate activities, including some email-related events. It
is technically incorrect to use "spam" to describe email abuse,
although attempting to correct the practice would amount to tilting
at windmills.

_Spam_ = definition by Erik Beckjord. "Some people decide that Spam
is anything you decide you want to ban if you can't handle the
intellectual load on a list." Remember, not to be confused with
real spam, which is unwanted bulk mail.

People are nowadays seeking a cure which will stop
or handle UBE. That can be easily done with procmail (under your
control) and with sendmail (by your sysadm). In order to select the
right strategy against UBE messages, you should read this section
and then decide how you will be using your procmail to deal with it.

Re: Fighting email spam and anti-UBE pointers

"Jari" wrote:

Hi "Jari",

Have you been enjoying the Challenge-Response FAQ that
I've been multi-posting all over the Usenet on
staggered schedules? Got it all scripted. Use a cron
job. No work at all.

No, that's not the title I'm using. I use a lot of
different titles and different formats and different
posting names.

The object is to educate people, not attract
spammer-trolls like you and your sock-puppets and
your criminal friends and THEIR sock-puppets to ruin
people's newsgroups.

And just think. If you weren't posting these
disinformation bulletins, I wouldn't be doing that.

Spammers are just not very bright, are they?

You hate Challenge-Response systems because you can't
beat them, and then deliberately provoke people that
are actually fighting spam (rather than trying to get
them to use filters that you know you can beat) into
action.

I hope that everyone reads your headers and notices
that you aren't with any organization at all and are
just someone posting a bunch of links including links to
websites that _you_ have put up.

How convenient.

Get an honest job. I'm sure that you are barely
qualified to scrub toilets someplace.



AC

--
Pass-list --> Block-list --> Challenge-Response
The key to taking control of your mailboxes
http://tinyurl.com/2t5kp

Re: Fighting email spam and anti-UBE pointers

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-23531-1114174310-0004
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Beavis writes:

> Have you been enjoying the Cha *SLAP*

Shaddup, Beavis. Or I tell your mum what you've _REALLY_ been doing with
your pet goat, all these years.

http://www.geocities.com/suhatrasabib/



--=_mimegpg-commodore.email-scan.com-23531-1114174310-0004
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBCaPNmx9p3GYHlUOIRAkWgAJwMWPGfQckOuGEUTrjItQHbIiz53QCc C8Du
x8c3siZE3B6yXwH7SSMKqdw=
=DwsL
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-23531-1114174310-0004--

Re: Fighting email spam and anti-UBE pointers

On Fri, 22 Apr 2005 05:17:45 GMT, Alan Connor wrote:



Bigfoot says you're a naughty monkey.

--
_________________________________________
NetworkElf: Super Genius, Computer Guy, Harley Owner!
Blindly serving the covert purposes of the
criminal-minded maniac behind Spews since 2003.
Certified since 2005.

Proof of spam - was Re: Fighting email spam and anti-UBE pointers

On Fri, 22 Apr 2005, Alan Connor wrote:
> Have you been enjoying the Challenge-Response FAQ that
> I've been multi-posting all over the Usenet on
> staggered schedules? Got it all scripted. Use a cron
> job. No work at all.

A confession of a spammer!

Re: Fighting email spam and anti-UBE pointers

On comp.mail.misc, in , "Alan Connor" wrote:

Oh look! It's "D. Stussy", the spammer's sock puppet.

Heard everything this cretin has to say a long time ago.

He really hates C/R systems because he's a little cowardly
criminal that won't use his real return address on the shit
he sends through the mails, and therefore they are rejected
by C/R systems.

Hey D. Stussy! Don't like C/R systems? You have a number of
options:

1) Sit on it and rotate

2) Write your duly elected representative

3) Eat shit

4) Get an honest job

5) Get a life

5) Kiss my ass

Not reading your posts.

And you can't make me.

And I don't care what you say.



He's been posting the same garbage, under many aliases, for
years, and is too stupid to notice that it's never had
any effect on me at all.

AC

--
alanconnor AT earthlink DOT net
Use your real return address or I'll never know you
even tried to mail me. http://tinyurl.com/2t5kp

~