any of you IT bods out there recommend anything about Spam; have my own domain and e-mails but over the last week I think I am being targetted by a spammer

Pretty sure that its only source as the e-mail styles are very familiar; using PC-Cillin for my anti-virus/spam/firewall

They are being picked up and just about to create an auto-rule in outlook to move and mark as read to a subfolder but is there anything i can do to stop them?

At the mo its around 5 a day but I have heard horror stories

I think Keith might be along with some figures....

any of you IT bods out there recommend anything about Spam; have my own domain and e-mails but over the last week I think I am being targetted by a spammer

Pretty sure that its only source as the e-mail styles are very familiar; using PC-Cillin for my anti-virus/spam/firewall

They are being picked up and just about to create an auto-rule in outlook to move and mark as read to a subfolder but is there anything i can do to stop them?

At the mo its around 5 a day but I have heard horror stories

Mine run through 'Spam assassin' on the host server and are decreasing all the time, I went from 50 per day down to just one or two per day now, as 'Spam assassin' gradually learnt from me what was spam and what was not spam.
New stuff still gets through though, it's a bit of a losing battle I'm afraid.
Masking my email adresses on each website has helped, as has just having one contact page on each site with just one masked email address rather than an email link on each page. Now I link each and every reference to contact me back to the one contact page. We live and learn.

Mine run through 'Spam assassin' on the host server and are decreasing all the time, I went from 50 per day down to just one or two per day now, as 'Spam assassin' gradually learnt from me what was spam and what was not spam.
New stuff still gets through though, it's a bit of a losing battle I'm afraid.
Masking my email adresses on each website has helped, as has just having one contact page on each site with just one masked email address rather than an email link on each page. Now I link each and every reference to contact me back to the one contact page. We live and learn.

that makes me think; maybe its another e-mail being redirected which is the spam source

that makes me think; maybe its another e-mail being redirected which is the spam source

Have you viewed the source on the email to see where it's coming from?

Have you viewed the source on the email to see where it's coming from?

what do you mean the e-mail address? They are all random

any of you IT bods out there recommend anything about Spam;

I've encountered it once or twice...

have my own domain and e-mails but over the last week I think I am being targetted by a spammer

That happens. We had a serious attack against bsac.com the other week. Thousands upon thousands of attempts to get a message through - a so-called "dictionary attack". Some of them would have made it, too, if only Spammy had bothered to send his mails to the right server...

Pretty sure that its only source as the e-mail styles are very familiar;

You'll usually get the same thing sent to gazillions of addresses. It's a bulk-mailer; the text will be almost identical in every case (just on or two fields set for each mail).

using PC-Cillin for my anti-virus/spam/firewall

Then you're dealing with the problem in the wrong place. If your server has already accepted the mail, the damage is done.

How is your domain hosted?

They are being picked up and just about to create an auto-rule in outlook to move and mark as read to a subfolder but is there anything i can do to stop them?

I use ClamAV and SpamAssassin on the server. That gets rid of most stuff. I also have custom procmail rules for anything that slips by them, although they don't get invoked very often these days.

But the single most effective thing you can do is to convince everyone just how important it is to keep their systems clean. Almost all spam is sent[1] from compromised computers belonging to ordinary people. Your granny is possibly a major purveyor of spam, even though she doesn't know what spam is.

The fewer machines that are available to send spam, the more costly it will be for the spammers. At the moment, it's almost free for them, and they make *millions*. It's not hard to see why there's so much spam about...

At the mo its around 5 a day but I have heard horror stories

You're several orders of magnitude below what many people get. Annoying, isn't it?

Vic.


[1] Specifically, compromised machines often *appear* to send spam. The data is often transferred from a cheap data pipe somewhere in BlackHat-land, but that machine claims to be a machine on a network with a much better reputation. The compromised machine responds as if it had actually sent the data. In this way, a cheap, dirty pipe can be used, and it's much harder for the SysAds on the "good" network to do much about it, because the bytes in question didn't actually come from their network...

any of you IT bods out there recommend anything about Spam; have my own domain and e-mails but over the last week I think I am being targetted by a spammer

Pretty sure that its only source as the e-mail styles are very familiar; using PC-Cillin for my anti-virus/spam/firewall

They are being picked up and just about to create an auto-rule in outlook to move and mark as read to a subfolder but is there anything i can do to stop them?

At the mo its around 5 a day but I have heard horror storiesOnly 5 a day? Luxury! :D To my personal domains it's >1,000 per day, the attached graphic is from @bsac.com over the last month, currently around 100,000 per day but it did peak at near 0.25 million per day. So yes, it could be worse for you! :rolleyes:

What can you do about it? Well you can't stop them being sent, but you can stop many of them even reaching you. One of your problems will be what we call "Joe Jobs", that's where they just send fred@, joe@, dog@ spam to your domain, they are the easiest to get rid of.

If you have your own domain you should have control, what you will have is a 'catch all' filter to send godknowswhat@ to you email account. Get rid of it, only use and accept named thisisreal@ type emails. For the catch all your ISP should have what's called a black hole, ask them about it, you then divert your catch all to the black hole.

That will stop a lot of them even reaching you, for those that do I recommend MailWasher, I've used that for years and it does a good job.

HTH

Keith L

Have you viewed the source on the email to see where it's coming from?China - and that guess will be 75% correct even without looking :)

K

in amongst the stuff I dont understand there Vic thanks for the help

my domain is hosted by 123-reg.co.uk should I get hold of them then?

Autorule is dealing with it but trouble is that is dumping bank stuff, bills and even the club e-mail list :)

Only 5 a day? Luxury! :D To my personal domains it's >1,000 per day, the attached graphic is from @bsac.com over the last month, currently around 100,000 per day but it did peak at near 0.25 million per day. So yes, it could be worse for you! :rolleyes:

What can you do about it? Well you can't stop them being sent, but you can stop many of them even reaching you. One of your problems will be what we call "Joe Jobs", that's where they just send fred@, joe@, dog@ spam to your domain, they are the easiest to get rid of.

If you have your own domain you should have control, what you will have is a 'catch all' filter to send godknowswhat@ to you email account. Get rid of it, only use and accept named thisisreal@ type emails. For the catch all your ISP should have what's called a black hole, ask them about it, you then divert your catch all to the black hole.

That will stop a lot of them even reaching you, for those that do I recommend MailWasher, I've used that for years and it does a good job.

HTH

Keith L


bloody hell I think I must have been lucky all these years! OK as I am super ignorant can you do the domain control bit again? Do I have to name ALL of my contacts; that would take ages! Not to mention people have multiple e-mail addresses or new contacts/mates being filtered out

Only 5 a day? Luxury! :D To my personal domains it's >1,000 per day, the attached graphic is from @bsac.com over the last month, currently around 100,000 per day but it did peak at near 0.25 million per day. So yes, it could be worse for you! :rolleyes:

What can you do about it? Well you can't stop them being sent, but you can stop many of them even reaching you. One of your problems will be what we call "Joe Jobs", that's where they just send fred@, joe@, dog@ spam to your domain, they are the easiest to get rid of.

If you have your own domain you should have control, what you will have is a 'catch all' filter to send godknowswhat@ to you email account. Get rid of it, only use and accept named thisisreal@ type emails. For the catch all your ISP should have what's called a black hole, ask them about it, you then divert your catch all to the black hole.

That will stop a lot of them even reaching you, for those that do I recommend MailWasher, I've used that for years and it does a good job.

HTH

Keith L

All my domains are hosted on a plesk server which has this lovely little feature. Now only one email address works on each of my domains, all the rest such as sales@ and info@ are treated as 'non existent users' and as such don't even reach me. :D
I dread to think how much spam I'd be getting if it weren't for features such as this.

All my domains are hosted on a plesk server which has this lovely little feature. Now only one email address works on each of my domains, all the rest such as sales@ and info@ are treated as 'non existent users' and as such don't even reach me. :D
I dread to think how much spam I'd be getting if it weren't for features such as this.
I only get emails for addresses I've set up all the rest just disapear not even a delivery failure :)

bloody hell I think I must have been lucky all these years! OK as I am super ignorant can you do the domain control bit again? Do I have to name ALL of my contacts; that would take ages! Not to mention people have multiple e-mail addresses or new contacts/mates being filtered outNo, it's your inbound address rules that you change. You only allow emails to iusethis@, igaveoutthis@, myprivateone@ email addresses, you bin everything else. That gets rid of the Joe Job/Dictionary attacks.

HTH

Keith L

No, it's your inbound address rules that you change. You only allow emails to iusethis@, igaveoutthis@, myprivateone@ email addresses, you bin everything else. That gets rid of the Joe Job/Dictionary attacks.

HTH

Keith L

cheers that makes sense; obviously I wont repeat the e-mail thing here ;)

EDIT: Hmmmm; they all appear in the 'To:' box to be sending to my e-mail rather than bcc

I only get emails for addresses I've set up all the rest just disapear not even a delivery failure :)NEVER send back NDR's (Non Delivery Reports) -

It allows people to fish for real ones
It wastes bandwidth
You can be used as a mailbomb by somebody using a faked addressNDR's are more trouble than they are worth, turn them off!

K

I only get emails for addresses I've set up all the rest just disapear not even a delivery failure :)

Each new domain is set up as a 'catch all' until I added the first user which I set as the only user and then set non existent users to delete everything from the server.
If I need another user I just add one, or add an alias to an existing user.
It seems to work. so far..... [fx: theme music from jaws] :D

China - and that guess will be 75% correct even without looking :)I've been getting spam in Portugese from South America for years, grief knows what they are trying to sell me, and more recently in Japanese.

My filters at Combro pull out 3000 a day on non-existant ids, bradly@combro.co.uk and such, and the textual filters another 100 but we still get a dozen or so through. Normally these are the ones that are so corrupted there isn't any clue what it was selling or infecting so it's a bit hard to add them to the killfile.

The best one was one pretending to be from my ISP, warning me to run a particular download to solve a problem they had detected. It was clearly writen by a bot based on my domain name and was signed by the 'nigelhewitt.net' support team.
I did laugh.

cheers that makes sense; obviously I wont repeat the e-mail thing here ;)

EDIT: Hmmmm; they all appear in the 'To:' box to be sending to my e-mail rather than bccIt's not a Joe Job then, and you have a problem :) I'd recommend Mailwasher on the local machine.

K

ok given the hosting is by a commercial company I can either pay for their 'e-mail protection' (sounds like a fat Italian will take over looking after my mail) for £8.50; they claim to use some software called 'Authentium' on the servers; the hosting/domain renewal is with 123-reg. To be honest I think this should be included for free :mad: :mad:

Otherwise does Spam Assasin run locally?

Final question (sorry not IT fessed up like you system guys) if I use Mailwasher is it something which deals with the problem after it occurs; ie like my current firewall/antivirus/spamprotector??

Only noticed because just got another one this time trying to flog me cheap WinXP stuff; didnt get picked up as spam :(

ok given the hosting is by a commercial company I can either pay for their 'e-mail protection' (sounds like a fat Italian will take over looking after my mail) for £8.50; they claim to use some software called 'Authentium' on the servers; the hosting/domain renewal is with 123-reg. To be honest I think this should be included for free :mad: :mad:

Otherwise does Spam Assasin run locally?

Final question (sorry not IT fessed up like you system guys) if I use Mailwasher is it something which deals with the problem after it occurs; ie like my current firewall/antivirus/spamprotector??

Only noticed because just got another one this time trying to flog me cheap WinXP stuff; didnt get picked up as spam :(£8.50 is a good deal IMHO. If you want a free server side (ISP) one then sign up for a free Wandoo account, they have a good one running which simply puts '*** SPAM ***' at the start of each message, very easy to filter.

Spam Assasin is a Linux server process, you wont want to run that locally ;)

All of the other solutions deal with the problem after you've got the email and it's on your machine. Have you set up your local spamprotector? Because if you have it sounds like it's not much cop :)

K

£8.50 is a good deal IMHO. If you want a free server side (ISP) one then sign up for a free Wandoo account, they have a good one running which simply puts '*** SPAM ***' at the start of each message, very easy to filter.

Spam Assasin is a Linux server process, you wont want to run that locally ;)

All of the other solutions deal with the problem after you've got the email and it's on your machine. Have you set up your local spamprotector? Because if you have it sounds like it's not much cop :)

K

yes and all it does it say SPAM: at the beginning of each one; then I am autorule moving it

More worried if it rises to the levels I hear from you lot; will ask the domain hoster about their product by e-mail and if I get my money back if some get through

yes and all it does it say SPAM: at the beginning of each one; then I am autorule moving it

More worried if it rises to the levels I hear from you lot; will ask the domain hoster about their product by e-mail and if I get my money back if some get through

Money back?
Now there's an interesting concept. :D

Money back?
Now there's an interesting concept. :D

whats the point in paying someone to protect my mailbox if it doesnt do what it says on the tin?

whats the point in paying someone to protect my mailbox if it doesnt do what it says on the tin?

Indeed. I was just being cynical. :) I can't help myself sometimes. It's my age. :D

I've found that the work I've done myself with SpamAssassin on my domain server seems to be having more effect recently than anything my ISP is doing (if they're doing anything at all).
With the proper setup you can control it yourself (mostly). I guess it depends what you're paying for the hosting with 123-reg.
Keith says it sounds like good value at £8.50 and I'm pretty sure he knows exactly what he's talking about.
When you say £8.50 is that for the whole year?

Indeed. I was just being cynical. :) I can't help myself sometimes. It's my age. :D

I've found that the work I've done myself with SpamAssassin on my domain server seems to be having more effect recently than anything my ISP is doing (if they're doing anything at all).
With the proper setup you can control it yourself (mostly). I guess it depends what you're paying for the hosting with 123-reg.
Keith says it sounds like good value at £8.50 and I'm pretty sure he knows exactly what he's talking about.
When you say £8.50 is that for the whole year?

i think for the whole year; which is something i would be willing to pay for but and this is the big but if I get one sodding spam then I will be asking for my money back :D :D

otherwise what is the point? I know how to right click/delete

i think for the whole year; which is something i would be willing to pay for but and this is the big but if I get one sodding spam then I will be asking for my money back :D :D

otherwise what is the point? I know how to right click/deleteYou must find the real world such a disapointment.
You expect perfection for £8.50 or a refund?

i think for the whole year; which is something i would be willing to pay for but and this is the big but if I get one sodding spam then I will be asking for my money back :D :D

otherwise what is the point? I know how to right click/delete

Sheesh. Not even one? I'd read the small print then, I doubt if anyone could stop all the spam, and I expect no-one would say they could, otherwise we'd all be running it, and someone would be a very rich person indeed. :D

Actually there is a way you can stop all the spam. Forever.
There's a small button next to the plug socket where you plug in your computer.....
Found it? Turn it to the 'off' position and hey presto, no spam. Forever.
That will be £8.50 please. :cool:

Please note our disclaimer:
"Should you decide to turn the button back to the on position, we cannot accept any responsibility for any further spam appearing on your computer". This message will self destruct in five seconds".

Sheesh. Not even one? I'd read the small print then, I doubt if anyone could stop all the spam, and I expect no-one would say they could, otherwise we'd all be running it, and someone would be a very rich person indeed. :D

Actually there is a way you can stop all the spam. Forever.
There's a small button next to the plug socket where you plug in your computer.....
Found it? Turn it to the 'off' position and hey presto, no spam. Forever.
That will be £8.50 please. :cool:

Please note our disclaimer:
"Should you decide to turn the button back to the on position, we cannot accept any responsibility for any further spam appearing on your computer". This message will self destruct in five seconds".


very funny :D :D

OK will just live with it for the mo

thanks for help and explanations everyone; as I said never been in this position before

i think for the whole year; which is something i would be willing to pay for but and this is the big but if I get one sodding spam then I will be asking for my money back :D :D otherwise what is the point? I know how to right click/deleteDon't want much do you - a dirt cheap domain name and a 100% effective spam filter thrown in! :rolleyes: In this area you get what you pay for, pay peanuts and you get monkeys, the free services are worth every penny that you pay for them IMHO :)

It depends how much your time frustration is worth, if it's not worth < £10 for a commercial service then fine, just put up with it. Spam costs time and/or money, it's as simple as that. The BSAC has to pay a damn sight more than £8.50 per annum to protect its staff and volunteers, but it's worth every penny. If we didn't pay that our server would grind to a halt, we'd pay more than that for bandwidth just to receive the junk, our HQ staff and volunteers would waste hours and hours having to deal with it manually.

It really does depend on the scale of and your needs.

Keith L

£8.50 is a good deal IMHO.

Depends on what you get for your money. £8.50 is not a lot of money. I would expect to get not a lot of service for it...

Spam Assasin is a Linux server process, you wont want to run that locally ;)

SpamAssassin is a Perl application. You *could* run it locally - but if you need me to tell you that, it's probably best you don't...

Vic.

very funny :D :D

OK will just live with it for the mo

thanks for help and explanations everyone; as I said never been in this position before

Well if you can get to a SpamAssassin setup then you can teach it to spot spam/nospam that is specific to you, it uses a system called Bayesian (http://en.wikipedia.org/wiki/Bayesian_filtering) filtering, where it collects keywords that are specific to spam, or specific to no spam, after a while it picks up all of the older spam and some of the new spam, under the rules it has for identifying spam. If I get one new spam, I tell SpamAssassin that it's spam, and that's the last I hear of it, I don't get that particular spam ever again. Bob the Fish T' shirts were coming through thick and fast at one point last year, I added it to SpamAssassin and I now haven't seen Bob the Fish for at least three months. Similar stories for Viagra, Cialis, WinXP, and Rolex watches and those bl##dy 'Re:[8]' emails.

Have you masked all the email addresses on your web sites? That seems to work pretty well too.

I'm sorry to go on about this, but it's been a real bugbear for me, having learned the hard way.
Five spam emails a day at the moment is pretty small, but that's not saying what the future holds for you. :eek:

if I get one sodding spam then I will be asking for my money back :D :D

otherwise what is the point? I know how to right click/delete

You won't get a filter that blocks every single spam without *dire* consequences.

The only way to know for sure whether a mail is spam or not is for you to read it and take a decision; even then, your opinion might change from day to day.

There exists a grey area where a mail might or might not be spam; the size of that area depends on your filtering software and how well you've trained it, but it will always be there.

Now - do you ditch every mail that falls into that area (and lose legitimate mail) or do you accept it (and therefore accept some spam)?

Vic.

Masking my email adresses on each website has helped, as has just having one contact page on each site

The most effective thing I've done is to run lots and lots of aliases. I currently have about 250 email addresses - all going to the same inbox.

The idea behind this is that I can hand out a unique email address every time I want someone to contact me; if this address gets spammed, I know who leaked the address[1], and I can shut it down within a few seconds. No more spam to that addy...

Vic.

[1] Address leaks come in two flavours: either someone's machine gets compromised and the address book (etc.) are raided by the malware, or else someone passes on an address I've given them to someone else. Just see how tetchy I get if someone does that...

Vic/Andy

thanks guys didnt know jack about spam as I never had it and always had my filters turned on.

Andy,
Spam Assasin sounds great but problem is I dont host the server 123-reg do that so the odds are using their product or nowt. Dont know what masked e-mails are but assume you mean if my mail is published somewhere its not in a form which shows the actual e-mail address; just something else

Vic,
I will do something about it

Tricks that have helped me without splashing out on that hard earned cash.

Those with websites - if you are giving your e-mail address "mailto:me@1234.co.uk" then the spam bots will grab that.
I use another form of "at" in the stated address and that has kept me free of spam although you lose the nice trick of clicking the e-mail address and having the e-mail application fire up on the client side.
If you have CGI on the server you can use the "Hidden" method in your forms to have emails sent to you without revealing your email address.

Those on MS Express can go to "tools" and select "block senders" (although it only allows 50 different address blockings) - and/or "create rules" such as anything with "$$$" notation or "Viagra" in the subject and/or body of the text will be sent to your rubbish bin or other such folder. Thats my favourite.

When downloading e-mails - as soon as its done I also break the connection just in case one tries to report back that it succeeded in getting through.
Yes - I do have an up-to-date firewall and Anti virus. You must have both of these if your on-line.

I have dropped my previous hosting co's and was receiving no spam after the switch some three or four month back.

The other challenge I now have with the Forums is that since joining the new BSAC Forum - NOT BSAC's fault, and quite possibly by pure coincidence I have suddenly started receiving spam too.
Average of 8 a day - this said it used to be 150 per day.

Try some of the above simple measures which your PC offers and see how you fair. :)

Hope the above simple measures help all but to everyone else that's savy out there what is the ultimate software protection you can buy?
Most anti spam software appears to simply take the spam and trash it.
Why can't the ISP's block spammers from reaching our In-Boxes???
They know the addresses :mad:

Vic/Andy

thanks guys didnt know jack about spam as I never had it and always had my filters turned on.

Andy,
Spam Assasin sounds great but problem is I dont host the server 123-reg do that so the odds are using their product or nowt. Dont know what masked e-mails are but assume you mean if my mail is published somewhere its not in a form which shows the actual e-mail address; just something else


These email harvesting bots recognise the word mailto: or the @ symbol on a web page, and harvest the text to get the email address.
Masked email addresses are just that, you can either write it like this:
rick(at)bsac.com, which most people can work out, but they have to type it into their email browser, so it doesn't work as a link from a webpage.
Or you can make a picture which has your email address in it like this (http://www.diveinstruct.org.uk/email/email.gif).
But if you write html code to make the picture into an email link, then the bots can still harvest it, so it also doesn't work as a link.
Or you can go here (http://www.bris.ac.uk/is/services/computers/nwservices/mail/hidden-mailto.html) and write in your email address, click the button, then add the resulting code to your web page, remembering to change the visible text on the web page from your email address to a word or words such as click here to email me which works really well for me on my web pages. Well it does at the moment.... There is no mailto: or @ symbol as they're changed into hexadecimal code which the bots can't read, well not yet anyway.
Apparently there are other ways too, but I don't know how they work.

I think the best way is to have a combination of as many ways as possible to either stop it at source, or deal with it before/when it comes in. Free methods do work a bit, but ultimately you have to pay somewhere along the way.

I have a reseller account (£350.00 per year) which is easily paid for by the four commercial sites which I host for other people. This means I can host other sites for free, like my own business site and Dive Instruct (http://www.diveinstruct.org.uk/) and the Force Z Survivors Association (http://www.forcez-survivors.org.uk/).
It also means I get to play with the tools that go with it, like SpamAssassin. And as a hobby web monkey I get to play with things I don't fully understand. :eek: So far I haven't broken anything..... :D

Why can't the ISP's block spammers from reaching our In-Boxes???
They know the addresses :mad:

This is something that gets me quite annoyed, all these computer experts out there and we're still getting bl##dy spam. It's so annoying!
Can't they make a 'PC bomb' to blow up the spammers PC?
Or better still, send the boys around. :eek:
Frankly, hanging's too good for them. :D

I think the best way is to have a combination of as many ways as possible to either stop it at source

The *only* way to stop Spam is to make it unviable to be a spammer.

At present there is just too much money in it - look, for example, at Jeremy Jaynes. He got 9 years for spamming last year - but was reckoned to have a net worth of $24 million. So if you divvy that out between 3 years of spamming and 9 years of porridge, he could still be said to have salted away an average $2 million per year - and that's after paying all his expenses.

It costs almost nothing to send spam - there are so many compromised computers available to do the work for you. If that number were dramatically reduced, it would be less profitable to be a spammer - and it would also be easier to isolate them. Yet most computer owners do nothing about the security of their machines until they get hit so badly that they are forced to clean them up.

I have a reseller account (£350.00 per year)

I have a dodgy old PC on the end of an ADSL line..

You learn loads more when you have to build it all yourself :-)

Vic.

Yes - I do have an up-to-date firewall and Anti virus. You must have both of these if your on-line.

I have a firewall to separate my internal LAN services from my external offerings. I don't have anti-virus (although I've thought about it a couple of times).

I've never had any malware on my computers...

Hope the above simple measures help all but to everyone else that's savy out there what is the ultimate software protection you can buy?

Using a computer with an effective security system. Works for me...

Most anti spam software appears to simply take the spam and trash it.

If you accept the mail at the server, there's nothing else you can do. All the information about who it came from has already been lost. You cannot return it to anyone, because there is no-one to return it to...

Why can't the ISP's block spammers from reaching our In-Boxes???

Several reasons.

Firstly, it's way too expensive. When you count the number of mails an ISP handles, the number is often in the billions per day category. If each one is individually checked, that's a whole load of server power tied up checking those mails. Someone's got to pay for that - both the capital cost of the computers, and the electricity to run them / cool them. Yet most people choose their ISP based on cost...

Secondly, there needs to be a firm definition of what spam is; to date, there is no such definition. Remember that, although you might be able to define it for yourself, you actually need a definition that's acceptable to every customer of an ISP. This is not an easy task, and you're bound to upset someone.

Thirdly, there is no motivation for most ISPs to do this. They will gain nothing by implementing such filters, and could even lose business. It's all very well a few people voting with their feet - but most people just don't. If an ISP does nothing about a spam problem - it probably won't affect them in the slightest. Look at the Spamhaus / SPEWS listings for certain ISPs - they're spammy as you like, but they are still making vast profits.

They know the addresses :mad:

What addresses? The only address in a spam mail that might be legitimate is the "To:" address - and that's you. Even that is often forged.

Every other address you see in a spam (often including, laughably enough, the site/product being spamvertised) will be forged. Such addresses might be the innocent victim of a forgery, or might be something completely made-up. Either way, there's absolutely no point taking any sanctions against the purported sender - that would be the wrong target entirely.

HTH

Vic.

I have a dodgy old PC on the end of an ADSL line..

You learn loads more when you have to build it all yourself :-)

Vic.

That's OK for you, you have a clue.... :D

And, I can only get dial up out here in the sticks :(

Vic's points are well founded - Even in the US, several spammers have been taken to court but then they took an antispam group to court afterwards because they were losing business over it - it wasn't Spamhaus I don't think, but some other group that had created a mass listing of all the spammers as I recall. About two years ago or maybe more. So the picture is sure complicated on this issue of what is regarded as spam.

For me it's unsolicited e-mails inviting me to have breast enlargement when I'm of the male species. Or being offered a million dollars if I agree to handle King tutoos banking arrangements!

One thing I have not quite figured out is how, despite not having the following email adddress! - the folowing emails arrive at my door: salesATfreshwaterdiver buyerAT InfoAT

Vic's points are well founded - Even in the US, several spammers have been taken to court but then they took an antispam group to court afterwards because they were losing business over it - it wasn't Spamhaus I don't think, but some other group that had created a mass listing of all the spammers as I recall. About two years ago or maybe more. So the picture is sure complicated on this issue of what is regarded as spam.

For me it's unsolicited e-mails inviting me to have breast enlargement when I'm of the male species. Or being offered a million dollars if I agree to handle King tutoos banking arrangements!

One thing I have not quite figured out is how, despite not having the following email adddress! - the folowing emails arrive at my door: salesATfreshwaterdiver buyerAT InfoAT
Sound like the catchall is set to send to your main account Paul.

Adrian

This is something that gets me quite annoyed, all these computer experts out there and we're still getting bl##dy spamIt's a war out there Andy. The spammers have their own experts working long into the night to come up with new and more fiendish ways to beat the spam filters. There is unlikely to ever be a 100% effective filter because the attack patterns are dynamic.

It's not even a fair fight because the good guys must comply with the various laws of the land while the bad guys are free to ignore them.

It's a war out there Andy. The spammers have their own experts working long into the night to come up with new and more fiendish ways to beat the spam filters. There is unlikely to ever be a 100% effective filter because the attack patterns are dynamic.

Yep, to see how bad it is have a quick look at this:
http://isc.sans.org/diary.php?storyid=1173