E-mail Scam, Addressess being collected of mailing list
::Advice Requested
Mike Meyer
mwm-dated-1050764645.65f0b1 at mired.org
Mon Apr 14 08:04:07 PDT 2003
In <200304140814.50253.will at unfoldings.net>, Willie Viljoen <will at unfoldings.net> typed:
> If spamasassin doesn't work, another approach I have found is whitelisting.
> Go googling for tools to do this automatically. I am too lazy, so I use
> spamassassin, but some have had success with whitelisting mailing lists
> they want by hand, and letting the rest come through with a challenge
> response authentication method, ie:
I recommend tmda as a whitelist tool. It's in the ports tree.
> The problem with this method is that it will also eventually be overcome, as
> spammers install transport filters on their servers that detect this and
> send a reply.
The problem with *any* method is that it will eventually be
overcome. Bayesian filtering means you can use one tool that will
adopt to changing attacks, but spam will still get through until the
filter adopts. I've as yet to see spam that was auto-replied for the
confirmation. In fact, the only spam I get that isn't from a
whitelisted list is the nigerian bank account scam, which is the only
spam I know of that requires a valid reply address to start with.
FWIW, spammers don't use "their" servers any more. They break into
other peoples computers to use. It's the only way they can deal with
servers at large ISPs that shut them off after so many messages. They
switch IPs almost instantly after the connection is shut down. That's
also how the beat blacklisting IP addresses.
<mike
--
Mike Meyer <mwm at mired.org> http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.
More information about the freebsd-questions
mailing list