SpamBully

[SGB]

Top of the morning to you! Oops! Top of the afternoon, and evening for
everyone else.

I would like to know YOUR opinions about SpamBully by Axaware?

Thanks!

 

[N. Miller]

On Mon, 8 Oct 2007 10:17:05 -0500, SGB wrote:

> Top of the morning to you! Oops! Top of the afternoon, and evening for
> everyone else.
>
> I would like to know YOUR opinions about SpamBully by Axaware?

Found their web site. Their writeup says:

| Punish/Bounce/Report/Challenge - Get back at spammers by increasing their
| costs, returning their spam, and reporting them to the servers they came
| from and the FTC. Email a special password to an unfamiliar sender that
| they must correctly type in before their email is allowed to your Inbox.

99% of the spam flitting about the Internet has forged sender email
addresses. Therefore, 99% of the SpamBully "punishment" will be bullying
innocent victims of forgery. Don't do it.

I you need a Naive Bayesian filter, try one of these:

K9: http://keir.net/k9.html
POPFille: http://popfile.sourceforge.net/

--
Norman
~Shine, bright morning light,
~now in the air the spring is coming.
~Sweet, blowing wind,
~singing down the hills and valleys.

 

[Mike M]

> 99% of the spam flitting about the Internet has forged sender email
> addresses. Therefore, 99% of the SpamBully "punishment" will be
> bullying innocent victims of forgery. Don't do it

I agree 100%. One of my e-mail domains is curently being spoofed in a
spam attack that appears to be originating from two PCs, one in Thailand
and the other in Texas but could well be from another location all
together. I'm currently receiving well in excess of 4,000 bounces and
rejections per hour and this has been going on for some hours now.
Fortunately the vast majority of the bounces and rejections I'm receiving
can be easily filtered on the server since the actual spoofed addresses
used are nearly always non existent accounts.
--
Mike Maltby
mike.maltby@gmail.com


N. Miller <anonymous@msnews.aosake.net> wrote:

> On Mon, 8 Oct 2007 10:17:05 -0500, SGB wrote:
>
>> Top of the morning to you! Oops! Top of the afternoon, and evening
>> for everyone else.
>>
>> I would like to know YOUR opinions about SpamBully by Axaware?
>
> Found their web site. Their writeup says:
>
>> Punish/Bounce/Report/Challenge - Get back at spammers by increasing
>> their costs, returning their spam, and reporting them to the servers
>> they came from and the FTC. Email a special password to an
>> unfamiliar sender that they must correctly type in before their
>> email is allowed to your Inbox.
>
> 99% of the spam flitting about the Internet has forged sender email
> addresses. Therefore, 99% of the SpamBully "punishment" will be
> bullying innocent victims of forgery. Don't do it.
>
> I you need a Naive Bayesian filter, try one of these:
>
> K9: http://keir.net/k9.html
> POPFille: http://popfile.sourceforge.net/

 

[SGB]

Over 4,000!!! Oh my gawd, Mike. I am so sorry your computer has been
invaded. I know how frustrating and aggravating and... it is. :-(

"Mike M" <No_Spam@Corned_Beef.Only> wrote in message
news:OEIBEUdCIHA.4712@TK2MSFTNGP04.phx.gbl...
> > 99% of the spam flitting about the Internet has forged sender email
> > addresses. Therefore, 99% of the SpamBully "punishment" will be
> > bullying innocent victims of forgery. Don't do it
>
> I agree 100%. One of my e-mail domains is curently being spoofed in a
> spam attack that appears to be originating from two PCs, one in Thailand
> and the other in Texas but could well be from another location all
> together. I'm currently receiving well in excess of 4,000 bounces and
> rejections per hour and this has been going on for some hours now.
> Fortunately the vast majority of the bounces and rejections I'm receiving
> can be easily filtered on the server since the actual spoofed addresses
> used are nearly always non existent accounts.
> --
> Mike Maltby
> mike.maltby@gmail.com

 

[Mike M]

Fortunately it's not my computer that's been invaded. What I'm seeing is
the result of someone else's PC having been taken over by a bot and
spewing forth unwanted spam using one of my e-mail domains as the spoofed
"From" address. It looks as if it is dying off now as most of what I am
seeing now is delivery delayed messages. Based on previous experience,
this has happened to me before, there will probably be two or three more
spells of activity before the infected machine(s) get cleaned up and the
spamfest stops.

Cheers,
--
Mike M


SGB <NoEmail@ThisAddress.com> wrote:

> Over 4,000!!! Oh my gawd, Mike. I am so sorry your computer has been
> invaded. I know how frustrating and aggravating and... it is. :-(

 

[webster72n]

You have been 'nuked', 'SpamBully' !!!

 

[Heirloom]

It ain't me, Mike!
Heirloom, old and Texas is a big place

"Mike M" <No_Spam@Corned_Beef.Only> wrote in message
news:OEIBEUdCIHA.4712@TK2MSFTNGP04.phx.gbl...
>> 99% of the spam flitting about the Internet has forged sender email
>> addresses. Therefore, 99% of the SpamBully "punishment" will be
>> bullying innocent victims of forgery. Don't do it
>
> I agree 100%. One of my e-mail domains is curently being spoofed in a
> spam attack that appears to be originating from two PCs, one in Thailand
> and the other in Texas but could well be from another location all
> together. I'm currently receiving well in excess of 4,000 bounces and
> rejections per hour and this has been going on for some hours now.
> Fortunately the vast majority of the bounces and rejections I'm receiving
> can be easily filtered on the server since the actual spoofed addresses
> used are nearly always non existent accounts.
> --
> Mike Maltby
> mike.maltby@gmail.com
>
>
> N. Miller <anonymous@msnews.aosake.net> wrote:
>
>> On Mon, 8 Oct 2007 10:17:05 -0500, SGB wrote:
>>
>>> Top of the morning to you! Oops! Top of the afternoon, and evening
>>> for everyone else.
>>>
>>> I would like to know YOUR opinions about SpamBully by Axaware?
>>
>> Found their web site. Their writeup says:
>>
>>> Punish/Bounce/Report/Challenge - Get back at spammers by increasing
>>> their costs, returning their spam, and reporting them to the servers
>>> they came from and the FTC. Email a special password to an
>>> unfamiliar sender that they must correctly type in before their
>>> email is allowed to your Inbox.
>>
>> 99% of the spam flitting about the Internet has forged sender email
>> addresses. Therefore, 99% of the SpamBully "punishment" will be
>> bullying innocent victims of forgery. Don't do it.
>>
>> I you need a Naive Bayesian filter, try one of these:
>>
>> K9: http://keir.net/k9.html
>> POPFille: http://popfile.sourceforge.net/
>

 

[Mike M]

ROFL!!!!!!!!!!!!!!!

The thought had never even crossed my mind but now that you've mentioned
it I'm going to check any further headers very very carefully and if I
find r74-192-242-63.tyrdcmta02.tylrtx.tl.dh.suddenlink.net you're in real
trouble. I'll have to dig out some very special chilli for you. ))))
--
Mike M


Heirloom <nobodyhome@noplacelike.hom> wrote:

> It ain't me, Mike!
> Heirloom, old and Texas is a big place

 

[N. Miller]

On Mon, 8 Oct 2007 18:59:41 +0100, Mike M wrote:

> I'm currently receiving well in excess of 4,000 bounces and
> rejections per hour...

I wasn't even getting that many in a day when my 'yahoo.com' account was
forged as sender a while back. I saved four MailWasher bounces as ammunition
in debates about phony bounces. They impersonate their ISP's Mailer-DAEMON,
which is usually a TOS violation.

--
Norman
~Shine, bright morning light,
~now in the air the spring is coming.
~Sweet, blowing wind,
~singing down the hills and valleys.

 

[Mike M]

N. Miller <anonymous@msnews.aosake.net> wrote:

> I wasn't even getting that many in a day when my 'yahoo.com' account
> was forged as sender a while back. I saved four MailWasher bounces as
> ammunition in debates about phony bounces. They impersonate their
> ISP's Mailer-DAEMON, which is usually a TOS violation.

At least they have virtually stopped now. I started up this morning to
find just the one "unable to deliver" message so hopefully the machine(s)
involved is now clean or the bot has decided to use someone else's e-mail
domain. I don't use MailWasher, perhaps I should, but instead am using
MagicMail which while not being necessarily as configurable as MailWasher
normally is enough to suit my needs.
--
Mike Maltby
mike.maltby@gmail.com

 

[N. Miller]

On Tue, 9 Oct 2007 12:20:47 +0100, Mike M wrote:

> N. Miller <anonymous@msnews.aosake.net> wrote:

>> I wasn't even getting that many in a day when my 'yahoo.com' account
>> was forged as sender a while back. I saved four MailWasher bounces as
>> ammunition in debates about phony bounces. They impersonate their
>> ISP's Mailer-DAEMON, which is usually a TOS violation.

> At least they have virtually stopped now. I started up this morning to
> find just the one "unable to deliver" message so hopefully the machine(s)
> involved is now clean or the bot has decided to use someone else's e-mail
> domain. I don't use MailWasher, perhaps I should, but instead am using
> MagicMail which while not being necessarily as configurable as MailWasher
> normally is enough to suit my needs.

I just went looking in my MTA log for evidence for a discussion at
DSLReports on spam zombies. Good grief! My log is fast filling with rejected
bounces! The sources of the bounces are, mostly mail hosts apparently
trying to bounce email to non-existent users in my domain. It looks like my
domain is under a forgery attack by some spammer. Hundreds of entries, in
just a few hours, like this:

| T 20071009 110156 470b5d38 Connection from 87.106.82.85
| T 20071009 111033 470b5d38 HELO leladax.de
| T 20071009 111033 470b5d38 MAIL FROM:<>
| T 20071009 111042 470b5d38 RCPT TO:<%Random_non-existant%@aosake.net>
| E 20071009 111042 470b5d38 RCPT from 87.106.82.85 - user <%Random_non-existant%@aosake.net> not known.
| T 20071009 111042 470b5d38 QUIT
| T 20071009 111042 470b5d38 Connection closed with 87.106.82.85, 526 sec. elapsed.

I may attempt to count the number of these made-up email addresses.

For the OP, SpamBully wouldn't work on these. Whichever mailhost tried to
send the "punishing bounce" would be stuck with the SpamBully bounce my MTA
is rejecting them. The abuse is directed at my mail server from the
Internet. The email provider whose customer tried to send the SpamBully
bounce is only contributing to the abuse.

Please be aware that I have no way to tell whether any of the rejected
bounces I am logging are MailWasher, or SpamBully, or some other kind of
phony bounce. But, if the provider whose mail server is stuck with an
undeliverable SpamBully bounce should get pissy, the bouncer, not the
forgery victim, would be the target of the provider's wrath.

--
Norman
~Shine, bright morning light,
~now in the air the spring is coming.
~Sweet, blowing wind,
~singing down the hills and valleys.

 

[N. Miller]

On Mon, 8 Oct 2007 13:19:26 -0500, SGB wrote:

> "Mike M" <No_Spam@Corned_Beef.Only> wrote in message
> news:OEIBEUdCIHA.4712@TK2MSFTNGP04.phx.gbl...

>>> 99% of the spam flitting about the Internet has forged sender email
>>> addresses. Therefore, 99% of the SpamBully "punishment" will be
>>> bullying innocent victims of forgery. Don't do it

>> I agree 100%. One of my e-mail domains is curently being spoofed in a
>> spam attack that appears to be originating from two PCs, one in Thailand
>> and the other in Texas but could well be from another location all
>> together. I'm currently receiving well in excess of 4,000 bounces and
>> rejections per hour and this has been going on for some hours now.
>> Fortunately the vast majority of the bounces and rejections I'm receiving
>> can be easily filtered on the server since the actual spoofed addresses
>> used are nearly always non existent accounts.

> Over 4,000!!! Oh my gawd, Mike. I am so sorry your computer has been
> invaded. I know how frustrating and aggravating and... it is. :-(

Here is something to consider: What happens if a SpamBully (or MailWasher)
user tries to bounce spam to the originating email address? My domain is
currently under a forgery attack some spammer has forged random,
non-existent user names as the sender of his spam. Hundreds of Internet mail
hosts are accepting the spam for delivery, then trying to return it to the
non-existent users in my domain. I don't run with a "catch-all" account, so
email to non-existent users is rejected by my MTA. Thus, the bouncer is
stuck with the message.

MailWasher, and, maybe, SpamBully can try to send their phony bounces
through the user's message submission server. This unfortunate provider will
be stuck with an undeliverable bounce. What I am seeing in my logs:

| T 20071009 110459 470b5d49 Connection from 219.232.224.79
| T 20071009 111026 470b5d49 HELO u607.51.net
| T 20071009 111026 470b5d49 MAIL FROM:<>
| T 20071009 111032 470b5d49 RCPT TO:<%Random_non-existent_User%@aosake.net>
| E 20071009 111032 470b5d49 RCPT from 219.232.224.79 - user <%Random_non-existent_User%@aosake.net> not known.
| T 20071009 111032 470b5d49 QUIT
| T 20071009 111032 470b5d49 Connection closed with 219.232.224.79, 333 sec. elapsed.

The total log size is more than triple the normal size. The "MAIL FROM: <>"
indicates that this is a DSN (Delivery Status Notice), set to "<>" in order
to prevent a loop.

My MTA is not sending DSNs (that would be futile because the "<>" is
designed to prevent that), but simply refusing to accept the message. If
this were a SpamBully (or MailWasher) phony bounce, the host with the phony
bounce would be stuck holding that bounce. If, as MailWasher can be
configured to do, this phony bounce was sent directly from the user
computer, I don't know what would become of the message. I don't know if
MailWasher is designed to handle rejected phony bounces. OTOH, if the phony
bounce was sent through the user's email provider, their mail host would
probably notify their postmaster that this phony bounce was undeliverable.
That postmaster could get rather testy with the SpamBully/MailWasher user
trying to send such phony bounces through their system.

--
Norman
~Shine, bright morning light,
~now in the air the spring is coming.
~Sweet, blowing wind,
~singing down the hills and valleys.

 

[Mike M]

> the bouncer, not
> the forgery victim, would be the target of the provider's wrath

Oh how I agree. Sadly most that are bouncing seem to have little control
of their systems and even less knowledge about how to detect spoofing and
the like.

Sorry to read that your domain is also suffering. Mine seems to be OK for
the moment but have suffered three, no four, major bounce/undeliverable
"attacks" in the last couple of months due to false addresses in my domain
having been used as the spoof "From" address. The worst went on for
almost five days.

It's for this reason that I don't use MailWasher and won't be using
SpamBully.
--
Mike Maltby
mike.maltby@gmail.com


N. Miller <anonymous@msnews.aosake.net> wrote:

> On Tue, 9 Oct 2007 12:20:47 +0100, Mike M wrote:
>
>> N. Miller <anonymous@msnews.aosake.net> wrote:
>
>>> I wasn't even getting that many in a day when my 'yahoo.com' account
>>> was forged as sender a while back. I saved four MailWasher bounces
>>> as ammunition in debates about phony bounces. They impersonate their
>>> ISP's Mailer-DAEMON, which is usually a TOS violation.
>
>> At least they have virtually stopped now. I started up this morning
>> to
>> find just the one "unable to deliver" message so hopefully the
>> machine(s)
>> involved is now clean or the bot has decided to use someone else's
>> e-mail
>> domain. I don't use MailWasher, perhaps I should, but instead am
>> using
>> MagicMail which while not being necessarily as configurable as
>> MailWasher
>> normally is enough to suit my needs.
>
> I just went looking in my MTA log for evidence for a discussion at
> DSLReports on spam zombies. Good grief! My log is fast filling with
> rejected bounces! The sources of the bounces are, mostly mail hosts
> apparently trying to bounce email to non-existent users in my domain.
> It looks like my domain is under a forgery attack by some spammer.
> Hundreds of entries, in just a few hours, like this:
>
>> T 20071009 110156 470b5d38 Connection from 87.106.82.85
>> T 20071009 111033 470b5d38 HELO leladax.de
>> T 20071009 111033 470b5d38 MAIL FROM:<>
>> T 20071009 111042 470b5d38 RCPT TO:<%Random_non-existant%@aosake.net>
>> E 20071009 111042 470b5d38 RCPT from 87.106.82.85 - user
>> <%Random_non-existant%@aosake.net> not known. T 20071009 111042
>> 470b5d38 QUIT
>> T 20071009 111042 470b5d38 Connection closed with 87.106.82.85, 526
>> sec. elapsed.
>
> I may attempt to count the number of these made-up email addresses.
>
> For the OP, SpamBully wouldn't work on these. Whichever mailhost
> tried to send the "punishing bounce" would be stuck with the
> SpamBully bounce my MTA is rejecting them. The abuse is directed at
> my mail server from the Internet. The email provider whose customer
> tried to send the SpamBully bounce is only contributing to the abuse.
>
> Please be aware that I have no way to tell whether any of the rejected
> bounces I am logging are MailWasher, or SpamBully, or some other kind
> of phony bounce. But, if the provider whose mail server is stuck with
> an undeliverable SpamBully bounce should get pissy, the bouncer, not
> the forgery victim, would be the target of the provider's wrath.

 

[SGB]

THIS IS MY OPINION.

SPAM is not going to stop.

Why bother to bounce the emails? Just delete them.
Besides, there is no reason to cause a traffic jam on the internet highway
trying to bounce them back, especially with so many accidents happening. You
are comprising too much with bounce backs.

I do not bounce emails as a rule of thumb.

It is a waste of life. it is way too stressful, aggravating and frustrating
trying to control what one has no power over.

I have used MailWasher Pro for over four years. The software program has not
caused me any problems. The way I have it configured has been an asset to my
sanity. I like it very much with a few exceptions.

The reason I asked about SpamBully was that it seemed more comprehensive
with the additional features as did Spam Eater by Spam Blocker Software. I
will be staying with the tried and true.

Peace!

"Mike M" <No_Spam@Corned_Beef.Only> wrote in message
news:OWwM05qCIHA.2060@TK2MSFTNGP06.phx.gbl...
> > the bouncer, not
> > the forgery victim, would be the target of the provider's wrath
>
> Oh how I agree. Sadly most that are bouncing seem to have little control
> of their systems and even less knowledge about how to detect spoofing and
> the like.
>
> Sorry to read that your domain is also suffering. Mine seems to be OK for
> the moment but have suffered three, no four, major bounce/undeliverable
> "attacks" in the last couple of months due to false addresses in my domain
> having been used as the spoof "From" address. The worst went on for
> almost five days.
>
> It's for this reason that I don't use MailWasher and won't be using
> SpamBully.
> --
> Mike Maltby
> mike.maltby@gmail.com

 

[Mike M]

> Why bother to bounce the emails?

I don't and am pleased to read that you don't either however sadly many
users of programs such as MailWasher and SpamBully are doing just that.
--
Mike Maltby
mike.maltby@gmail.com


SGB <NoEmail@ThisAddress.com> wrote:

> THIS IS MY OPINION.
>
> SPAM is not going to stop.
>
> Why bother to bounce the emails? Just delete them.
> Besides, there is no reason to cause a traffic jam on the internet
> highway trying to bounce them back, especially with so many accidents
> happening. You are comprising too much with bounce backs.
>
> I do not bounce emails as a rule of thumb.
>
> It is a waste of life. it is way too stressful, aggravating and
> frustrating trying to control what one has no power over.
>
> I have used MailWasher Pro for over four years. The software program
> has not caused me any problems. The way I have it configured has been
> an asset to my sanity. I like it very much with a few exceptions.
>
> The reason I asked about SpamBully was that it seemed more
> comprehensive with the additional features as did Spam Eater by Spam
> Blocker Software. I will be staying with the tried and true.

 

[Alias]

Mike M wrote:
>> Why bother to bounce the emails?
>
> I don't and am pleased to read that you don't either however sadly many
> users of programs such as MailWasher and SpamBully are doing just that.

I use T-Bird and it doesn't have that feature, not that I would waste my
time. The only intelligent thing to do with spam is nuke it and move on.
If everyone would do that, it would disappear. I must say, though, that
the spammers seem to have really gone downhill in the IQ department.
Back in the late 90s, spam could even be interesting or from a
legitimate company. Now, it's just big penises and drugs. Sad.

--
Alias
To email me, remove shoes

 

[SGB]

Smiles from across the pond!

"Mike M" <No_Spam@Corned_Beef.Only> wrote in message
news:edgUm8sCIHA.4956@TK2MSFTNGP06.phx.gbl...
> > Why bother to bounce the emails?
>
> I don't and am pleased to read that you don't either however sadly many
> users of programs such as MailWasher and SpamBully are doing just that.
> --
> Mike Maltby
> mike.maltby@gmail.com

 

[SGB]

"Now, it's just big penises and drugs. Sad."

No biggie there.

My concerns are the viruses, malware, spyware and so forth in the email
itself or the links.

And, another thing on my list of NOT to do is never click on unsubscribe.
Oh my gawd... PLEASE DO NOT CLICK ON THAT LINK!

Peace!

"Alias" <iamalias@shoesgmail.com> wrote in message
news:%23%23Ws1BtCIHA.1184@TK2MSFTNGP04.phx.gbl...
> Mike M wrote:
> >> Why bother to bounce the emails?
> >
> > I don't and am pleased to read that you don't either however sadly many
> > users of programs such as MailWasher and SpamBully are doing just that.
>
> I use T-Bird and it doesn't have that feature, not that I would waste my
> time. The only intelligent thing to do with spam is nuke it and move on.
> If everyone would do that, it would disappear. I must say, though, that
> the spammers seem to have really gone downhill in the IQ department.
> Back in the late 90s, spam could even be interesting or from a
> legitimate company. Now, it's just big penises and drugs. Sad.
>
> --
> Alias
> To email me, remove shoes

 

[Alias]

SGB wrote:
> "Now, it's just big penises and drugs. Sad."
>
> No biggie there.
>
> My concerns are the viruses, malware, spyware and so forth in the email
> itself or the links.

No biggie here. I use Ubuntu and 99.99% of malware is only for those who
do Windows.

>
> And, another thing on my list of NOT to do is never click on unsubscribe.
> Oh my gawd... PLEASE DO NOT CLICK ON THAT LINK!
>
> Peace!

Yeah, then they know your email is valid, same thing for replying.

Alias
To email me, remove shoes

>
> "Alias" <iamalias@shoesgmail.com> wrote in message
> news:%23%23Ws1BtCIHA.1184@TK2MSFTNGP04.phx.gbl...
>> Mike M wrote:
>>>> Why bother to bounce the emails?
>>> I don't and am pleased to read that you don't either however sadly many
>>> users of programs such as MailWasher and SpamBully are doing just that.
>> I use T-Bird and it doesn't have that feature, not that I would waste my
>> time. The only intelligent thing to do with spam is nuke it and move on.
>> If everyone would do that, it would disappear. I must say, though, that
>> the spammers seem to have really gone downhill in the IQ department.
>> Back in the late 90s, spam could even be interesting or from a
>> legitimate company. Now, it's just big penises and drugs. Sad.
>>
>> --
>> Alias
>> To email me, remove shoes
>
>


--

 

[webster72n]

"SGB" <NoEmail@ThisAddress.com> wrote in message
news:uLeZBVtCIHA.5360@TK2MSFTNGP03.phx.gbl...
> "Now, it's just big penises and drugs. Sad."
>
> No biggie there.
>
> My concerns are the viruses, malware, spyware and so forth in the email
> itself or the links.
>
> And, another thing on my list of NOT to do is never click on unsubscribe.
> Oh my gawd... PLEASE DO NOT CLICK ON THAT LINK!
>
> Peace!

Peace, oh Smiling One! <H>.

>
> "Alias" <iamalias@shoesgmail.com> wrote in message
> news:%23%23Ws1BtCIHA.1184@TK2MSFTNGP04.phx.gbl...
> > Mike M wrote:
> > >> Why bother to bounce the emails?
> > >
> > > I don't and am pleased to read that you don't either however sadly
many
> > > users of programs such as MailWasher and SpamBully are doing just
that.
> >
> > I use T-Bird and it doesn't have that feature, not that I would waste my
> > time. The only intelligent thing to do with spam is nuke it and move on.
> > If everyone would do that, it would disappear. I must say, though, that
> > the spammers seem to have really gone downhill in the IQ department.
> > Back in the late 90s, spam could even be interesting or from a
> > legitimate company. Now, it's just big penises and drugs. Sad.
> >
> > --
> > Alias
> > To email me, remove shoes
>
>