Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Ways to stop spam, detect robotic activity, and actually harm the spam trade, as well as how it works, how to circumvent filters, etc. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Anti-spam techniques
Posted by: rsnake
Date: August 20, 2006 08:38PM

One of the very old tactics I have seen is to automatically send a mailer-daemon response once an email has been deemed as spam, so that any tools that attempt to do list cleanup will be fooled into thinking the user is non-existant. I think that's a clever tactic, as it uses their own tools against them. I've never seen it widely adopted, but it feels like a fairly trivial thing to do in an automated device.

It might be interesting to set up a prototype on a heavily spammed account and see if you can decrease the levels of spam through that method alone.

Options: ReplyQuote
Re: Anti-spam techniques
Posted by: web
Date: August 21, 2006 03:48AM

I agree this would be very effective against spam, but if it was completely automatic it could certainly cause a lot of confusion.

Imagine sending a quick e-mail to someone and having a mailer-daemon response sent back. Did you send it to the wrong e-mail, or did it get detected as spam? I can imagine some people repeatedly modifing their message and resending it with the mistaken belief that it was detected as spam when in fact they're typing an "I" where there should be an "L".

Perhaps if this was only done against messages that the user explicitly marked as spam, but it's unlikely most people would take time out of their day to do this.

Options: ReplyQuote
Re: Anti-spam techniques
Posted by: trix
Date: August 21, 2006 08:04AM

if anything i think a new protocol has to be designed, but then again it will be circumvented.

Options: ReplyQuote
Re: Anti-spam techniques
Posted by: rsnake
Date: August 21, 2006 09:57AM

Web, I think you actually caught it, and I wasn't particularly clear. I actually meant if you marked it as spam. Similar to how cloudmark works, where over time the user's interaction starts to slow down their own spam over time. I'm pretty sure it would work, but yes, you're right, it would be fairly confusing to have it completely automated. I think automation would work where it was simply a spam collector to test the theory though.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Anti-spam techniques
Date: November 04, 2006 07:07PM

It's just like clicking the link spammers send you and filling it in with bad data!

HTML Purifier - Standards Compliant HTML filtering

Options: ReplyQuote
Re: Anti-spam techniques
Posted by: rsnake
Date: November 04, 2006 07:36PM

I wouldn't click on any links in spam or load up any images/use preview panes. It's the fastest way to verify that your address is valid, unless you change the link so it doesn't reflect the unique identifier associated with your address.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Anti-spam techniques
Posted by: apnovi
Date: December 08, 2006 08:35AM

Ive only thought about this briefly but
You would have to defiantly make sure whatever address you were sending the Mailer daemon responses too was a spammer. If someone decided to send emails from a falsify`d email address with junk on them just so you would blacklist them they could then use your own system to spam that account with mailer-daemon responces from your server and you`d probably get your mail system blacklisted.
Or maby even just spam you with thousands and thousands of emails from an address they know there getting a fake mailer-daemon response from in an attempt to DOS you mailserver or disrupt your business.

Options: ReplyQuote
Re: Anti-spam techniques
Posted by: rsnake
Date: December 08, 2006 11:36AM

This already happens actually... my father had email sent as him via spoofed email. How he found out was by getting tons of reply mailer daemon responses. It's weird that they picked his address of all addresses everywhere, but when the admin called him he said he knew it wasn't my dad who was sending the email. So anyway, my point being, this already happens.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Anti-spam techniques
Posted by: graphyx
Date: February 08, 2007 01:12PM

What if you did the mailer-daemon response once an email has been deemed as spam only after hours. Like 2-7 AM when people are least likely to be sending legitamate emails?

Options: ReplyQuote
Re: Anti-spam techniques
Posted by: rsnake
Date: February 09, 2007 09:04PM

That might work. I've noticed that spammers definitely know what time of day/week to send spam so that's not outside the norm.

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: Anti-spam techniques
Posted by: trev
Date: February 11, 2007 08:19PM

Rsnake, I don't think it is intentional. A large portion (most?) of the spam goes through botnets now and botnets only work when people are actually online.

Options: ReplyQuote


Sorry, only registered users may post in this forum.