Spam!!! (1 Viewer)

[MarkHastings]

I use McAfee's Spam Blocker and have it set to the highest amount of blocking (i.e. only email addresses that I allow), but I just got a Spam email where they used MY email address as the "to" - This is SO INFURIATING!

As far as the other 'phoney' email addresses they use, it doesn't bother me too much, but this feels so much like an invasion of my privacy. I can not tell you how much I want the person (who sent this) to suffer horribly!!!

Should I just suck it up or what can I do about it? I am thinking of forwarding it to my service provider, but I doubt anything will come of it.

I can just see it now, I'm going to start getting 1,000 of emails each day from MY address!

 

[John Watson]

The industry has got to take some responsibility for this crap.

They have given us a really lousy email protocol. Between 'friendly' versions of addresses that so many people create, and the computer generation of spoofed sending and receiving addresses, we are being taken for fools. I don't know who is sending, or how something that doesn't bear any of my addresses, gets in my box.

If Gates was the least bit serious, the spoofing could be made impossible, and any spam could be traced, and the originators punished for their maliciousness.

I think legislation of the "do not contact again unless authorized within three attempts" is warranted. I think I even support a tax of 1 cent per email message sent. The scum who send millions of messages would think twice about pushing the send button.

I hope a day will come when the ISPs themselves take some responsibilty, and I just forward any spam that gets through to them, and know that they will deny service to the originators.

 

[MarkHastings]

DEFINITELY! I mean, my phone has the capability to block 'unavilable' caller ID calls, so why can't they do something like this with email?

Is it that difficult to block an email that uses a phoney address???

 

[Paul Padilla]

The difficulty here is that many users at large take no responsibility for their own systems. What I mean by this is things like downloading, or allowing (or turning a blind eye to) their family to download screensaver, games, add-ins, neato tools to make their cursors do fun things...handing out their E-mail address to any and every web page that asks them to do so...setting up questionable file sharing programs to get the latest 50cent track on the cheap...and all the while many of these add spyware, adware, malware that compromise their security. They harvest E-mail addresses...personal information...passwords, etc. For every care that concerned computer users take, they have at least one acquaintence with their E-mail address who's teenage daughter just installed that free download which also installed spyware without her knowledge.

This information makes it into the hands of people who practice "war driving"...driving through neighborhoods using a high gain antenna and a wireless laptop looking for people who have purchased wireless networking equipment and ignored all of the warnings and instructions in the literature about setting it up securely. Their SSID wireless network name is being broadcast for everyone to detect...they don't use any of the MAC address filtering much less encryption or authentication recommended and laid out in the manual. So "Joe Schmo's family wireless network" is wide open for spammers to tap in...blast out a few thousand E-mails, and then move on to the next target. All of that spam appears to have come from the address of that homeowner and there's no way to prove otherwise.

Why not enable all of these types of security from the factory? It's infinitely more practical for users to begin with something that is wide open and lock it down from there, than to start with something that's locked down and learn what and how to open it up to allow the right communication to make it through. Joe Schmo and his family just want it to work, damn it!

By and large, consumers have always wanted one thing with computers. Ease of use. Now that spyware and spam are part of everyday vernacular, consumers also want complete security. These two things are in direct competition with each other. The more you lock things down the less compatible, or at least user friendly, they are. Most people who take an interest in their computer security are happy to sacrifice a little ease of use to keep out the crud, but there are thousands more people who could care less.

 

[MarkHastings]

...never thought of that. :frowning:

But at least with "phoney" email addresses, they should have some kind of way to authenticate wether the email address is coming from the appropriate server/provider.

 

[Paul Padilla]

There are some specs being developed to do the kind of authentication you're talking about. One of the tough parts is the sheer volume of traffic it will create. For every E-mail that transmits from Server A to Server B...Server B has to go back to Server A and essentially say, "Hey...is "[email protected]" a legitimate E-mail address?" Then server A has to reply, etc. Now think of that kind of crosstalk for the thousands and thousands of E-mail servers and millions of E-mail addresses. I don't really know where the technology stands on that, but I do know it's a huge task.

Businesses have it even tougher because there's a careful balance of productivity (I'm the sales VP damn it, I don't have time to go through all this spam every morning) vs.
that one message tagged as spam because the idiot who E-mailed his HUGE order decided to include his favorite Nantucket lymerick.

Just to clarify...the IP address of the homeowner...not the E-mail address.

 

[DaveF]

And what prevents spammers from creating new software to respond in the affirmative from the zombies creating the software? It will change the nature of spam. But will it reduce it?

My solution, which has gaping flaws, is to prosecute not the spammers, but the businesses being advertised by the spammers. Ultimately, spam points to an address, online or offline, selling something. Target those who profit from the spam, not the spammers themselves. Kill the demand, kill the supply. (I'll leave to the reader to find the killer flaw.)

Find the solution and you'll make a fortune (or at least be loved my the masses).

 

[John Watson]

Dave, I am no computer guru, but I am simply boggled to think that there is no way that the presently feasible easy-to-create phoney origin addresses cannot be eliminated from the software running e-mail. Or that the e-mails that bug us cannot be traced back to a specific source.

I want that (rebuilding of the e-mail software) to happen before I have to pay for spam washers. And I think the software industry, and the ISPs should pay for it, too.

The cost to serious legitimate businesses of a 1 cent tax is trivial - assuming they do not send millions of messages to people who don't want them?

Your idea of punishing the businesses (however possible) who pay the spammers makes sense to me.

 

[Tekara]

The main problem is that there are many places that don't protect their smtp servers (outgoing mail servers), with an unprotected smtp server, anyone can send their garbage email through it.

So if you set up a simple home email server and don't lock it down, spammer can send all of his email through your server, without your consent or knowledge. When the authorities track down the origin, guess where it came from? that's right. . . you!

 

[MarkHastings]

The problem with punishing the businesses (who are mentioned in an email), is that I can send 1,000,000 spam emails out and put a link to any business I want, and they'll get in trouble for it.

 

[Paul Padilla]

That's akin to saying, "Do away with the US postal service and come up with something entirely new because I'm getting junk mail." The task is that large. And regardless of who pays for it up front, consumers, again, will pay in the end.

 

[MarkHastings]

But I don't think we should have to accept it. As far as regular spam, I agree that we need to accept it since it's a free country and you shouldn't be arrested for advertising, but this is very close to "identity theft", which should hold some sort of legal action against the person who sent it???

 

[John Watson]

To Paul : I will gladly pay the 1 cent tax or fine on the few hundred e-mails I send a year, provided that helps curb the millions the spammers send.

Re Mark's comment on Identity Theft. Good one! I also believe much spam is harassment - porn, drug pushing, and knock-off jewelry; in other words, it's faud and criminal harassment.

Paul, you obviously know a great deal more about the Internet and e-mail than I do. But I hope you are not entirely right. I get steamed even about the few pieces of junk mail that come from the post office

A couple of years ago I saved the following thread from this site, and have always wondered whether it expressed what I hope will be possible?

http://www.hometheaterforum.com/htfo...hreadid=173617

Any other gurus know what it means?

In the meantime, I will be happy to see Jack Bauer tasked with shutting down some spammer next season

 

[Paul McElligott]

It wouldn't. It would just mean that a larger share of your spam would come from Russia.

There are ways to authenticate e-mails using digital signatures in something like PGP but unless we make that authentication part of the e-mail protocol itself, only a small percentage of users will take advantage of it.

 

[MarkHastings]

Yeah, taxing would only stop the "little Guys" - I mean, look at all the junk mail in your mail box...The postage doesn't stop them, and that's at a much greater expense (i.e. not only the cost involved in the postage, but the materials to create and print the literature).