From: Digest <deadmail>
To: "OS/2GenAu Digest"<deadmail>
Date: Sun, 31 Dec 2006 00:01:00 EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600
Subject: [os2genau_digest] No. 1408
Reply-To: <deadmail>
X-List-Unsubscribe: www.os2site.com/list/

**************************************************
Saturday 30 December 2006
 Number  1408
**************************************************

Subjects for today
 
1  Re:  Mystified : "Ian Manners" <deadmail>
2  Re:  Mystified : "Voytek Eymont" <voytek at sbt dot net dot au>
3  Re:  Mystified : "Ian Manners" <deadmail>
4  Re:  Mystified : "Voytek Eymont" <voytek at sbt dot net dot au>
5  Re:  Mystified : "Ian Manners" <deadmail>
6  Re:  Mystified : "Voytek Eymont" <voytek at sbt dot net dot au>
7  Re:  Mystified : Alan Duval <amoht at westnet dot com dot au>
8  Re:  Problem with eCS3 beta : Glenn Montgomery <glenn at montysplace dot net>

**= Email   1 ==========================**

Date:  Sat, 30 Dec 2006 01:54:41 +1100 (EDT)
From:  "Ian Manners" <deadmail>
Subject:  Re:  Mystified

Hi Alan

>My ISP does a good job in stopping spam. It lets me know which Emails it 
>has stopped and lately they all have long names and no recognizable 
>ISPs. As I don't know much about ISPs could someone tell me how these 
>spammers can send an Email without using a recognized ISP? Also, as they 
>obviously change their Email address all the time how on earth do they 
>ever get any replies? It mystifies me.
>It would seem to me that spam could be stopped if one could nominate the 
>only sites that one would accept Email from. Maybe this is possible and 
>I am unaware of it.

Most spammers will falsify their sending domain, i.e., don't think of it
as an ISP but as a domain. Example, I have quite a lot of domains,
one of which is comkal dot com but comkal dot com doesn't send email out
at all, though I know a spammer used that domain for one of their
spam runs, i.e., it's easy to falsify the From: part in an email's header.

As to the actual sending out of email, you don't actually need an
ISP, you only need some software to send the email out. This is
why spammers love Windows (and some Linux) computers, they
find a weakness in a user's Windows PC, gain entry via a back door
or virus, and install their own little SMTP engine that they can
then hook up to a controller for sending out spam emails. The
Windows computer doesn't need to be an ISP's email server.

Some spammers will also use misconfigured email servers which
allow relaying, and this can also happen to OS/2 users who have
their own email servers, if they do not correctly set up their server :-(

We would need to go back to the early days of the ARPA or
Internet to start to explain why anyone can send email, and why
a lot of email servers will accept email from anywhere. That last
bit is slowly changing now due simply to the spam problem.

Some people like myself (I'm not an ISP, though I do host some
websites/email/etc for myself, and for my accountant, and a rather
outrageous friend of my wife's) host our own email server(s) but
we set them up per the internet RFCs. RFCs, also called Requests
For Comment, are a collection of what we would term 'Best Practice'
methods of talking to everyone else, and so that we all understand
our interconnected network that we call the internet, and how to
be civilised in the protocols required to talk to each other.

I have set up my mail server on a static IP, with what is called a
reverse lookup, i.e., do a host command on os2site dot com as follows

[D:\]host os2site dot com
os2site dot com has address 203.29.18.140
os2site dot com mail is handled (pri=100) by warp.os2site dot com
os2site dot com mail is handled (pri=200) by ns1 dot comkal dot net

[D:\]host 203.29.18.140
20.1.168.192.IN-ADDR.ARPA domain name pointer warp.os2site dot com

That last bit is called the 'reverse lookup'

You can also set up a legitimate email server on a Dynamic IP
address using a Dynamic Domain Name Service, though this
is probably not a good idea if you have a business that relies
on email. There are also people such as myself that use RBLs
(Realtime Black Lists) in such a way as not to accept email from
any IP address, or range of IP addresses, that are allocated as
being dynamic, or IP addresses that are known spammer havens.

I have what is called an MX record for my mail server, though
according to the RFCs you do not actually need one, most ISPs
and other people that run mail servers are now refusing to accept
email from a computer/server unless it does have an MX record,
and some also require a special TXT record. These records are
DNS records.

Email, its protocols, and its mechanism for working really need a lot
more time and space to explain, and I've never been good at compressing
a lot of information into a small summary but I hope you get the basics,
if I've understood your question correctly.

As to actual ISPs, almost anyone can be an ISP, it simply stands for
Internet Service Provider, in the way that term is taken in a general
sense here in Australia, I used to provide dialup access to friends and
others but with the advent of ADSL, I got out of that. You could
literally say that even someone that hosts a website for someone else
is an ISP, as they are providing an "Internet Service" :-)

If you want more info, you could do a google search on something like

"How does email work"

Cheers
Ian Manners
Tech Fossil (Often  called a Dinosaur) - ancient animal that gets things done
http://www.os2site dot com/


The Microsoft Macarena: spin, spin, spin.
----------------------------------------------------------------------------------
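
Added example (not part of the message above or of any software the list members describe): a sketch of the receive-side checks that message outlines, a reverse lookup confirmed by a forward lookup plus an RBL query on the connecting IP. The DNS answers are a constructed in-memory table so it runs offline; the hostnames, the documentation-range addresses and the zone name `dnsbl.example` are assumptions.

```python
import ipaddress

# Constructed DNS data (documentation address ranges), standing in for real lookups.
PTR = {
    "192.0.2.25": ["mail.example.org"],
    "198.51.100.7": ["dsl-7.dynamic.example.net"],
    "203.0.113.9": ["mail.example.org"],  # PTR claims a name that points elsewhere
}
A = {
    "mail.example.org": ["192.0.2.25"],
    "dsl-7.dynamic.example.net": ["198.51.100.7"],
    # Constructed blocklist zone: the presence of an A record means "listed".
    "7.100.51.198.dnsbl.example": ["127.0.0.2"],
}


def reverse_name(ip, zone="in-addr.arpa"):
    """Build the reversed-octet query name used for PTR and RBL lookups."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def fcrdns(ip, ptr=PTR, a=A):
    """Forward-confirmed reverse DNS: keep a PTR name only if it resolves back to ip."""
    return [name for name in ptr.get(ip, []) if ip in a.get(name, [])]


def rbl_listed(ip, zone="dnsbl.example", a=A):
    """An IP is listed when <reversed ip>.<zone> has an A record."""
    return bool(a.get(reverse_name(ip, zone)))


def assess(ip):
    """Return (verdict, reason) for a connecting client IP."""
    if rbl_listed(ip):
        return ("reject", "listed in RBL")
    confirmed = fcrdns(ip)
    if not confirmed:
        return ("reject", "no forward-confirmed reverse lookup")
    return ("accept", "rDNS confirmed as " + confirmed[0])


if __name__ == "__main__":
    for ip in ("192.0.2.25", "198.51.100.7", "203.0.113.9", "192.0.2.99"):
        print(ip, reverse_name(ip), assess(ip))
```

The check runs on the connecting IP address and never looks at the From: header, which the sender controls.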
 

**= Email   2 ==========================**

Date:  Sat, 30 Dec 2006 08:11:50 +1100 (EST)
From:  "Voytek Eymont" <voytek at sbt dot net dot au>
Subject:  Re:  Mystified


<quote who="Ian Manners">

>>  Also, as
>> they obviously change their Email address  all the time how on earth do
>> they ever get any replies? It mystifies me.

they do not want replies
they want ppl to go to promoted web site, buy promoted product, etc, etc
not reply

-- 
Voytek

----------------------------------------------------------------------------------
 
**= Email   3 ==========================**

Date:  Sat, 30 Dec 2006 11:38:37 +1100 (EDT)
From:  "Ian Manners" <deadmail>
Subject:  Re:  Mystified

>they do not want replies
>they want ppl to go to promoted web site, buy promoted product, etc, etc
>not reply

I forgot to add the bit about return email addresses :-)
Thanks Voytek

>>> they obviously change their Email address  all the time how on earth do
>>> they ever get any replies? It mystifies me.

And to elaborate, sometimes a spammer will use the email addresses of
real people, i.e., the Return and From fields are populated by email
addresses from the same database the spammer gets the To: from,
leading to an awful lot of error messages/bounces, and newbie
replies to some poor sod's email address. (I've had this happen to
me :-( ). Spammers will sometimes also do a complete spam run
using the Return email address of someone they dislike, i.e., someone
from SPEWS, SORBS, etc.

You might also think they will use a real email address in the From: and
Return fields if they wish to validate email addresses but that's a thing of
the past now. With so many broadband connections spammers no longer
seem to care if their database includes non-functional email addresses.
Chances are someone else will eventually use that email address, and it's
also quite normal for a spammer's database program to split out everything
on the left hand side of the at (username), and the right hand side of the at
(domain), and then apply all the username bits to all the domain bits on the
premise that if someone uses a username for one domain, then others
may also use it for a different domain. i.e., I've used sonicprince at hotmail
for years as a test email account, I created that at comkal dot com dot au, ecssite dot com,
and at primus dot com dot au and instantly all were flooded by spam.

Spammers don't care how much bandwidth they steal from other people, it's
their nature, they only care about maximising the number of people
that receive the spam email, with the knowledge that in the percentage
game some people will go to the website and buy the product. i.e., if only
10 people out of 100 million emails sent, buy the product, they have turned
a profit (might be small) as sending the spam costs them nothing !


Cheers
Ian Manners
Tech Fossil (Often  called a Dinosaur) - ancient animal that gets things done
http://www.os2site dot com/


The trouble with being punctual is that nobody's there to appreciate it.  -- Franklin P. Jones
----------------------------------------------------------------------------------
 

**= Email   4 ==========================**

Date:  Sat, 30 Dec 2006 12:38:15 +1100 (EST)
From:  "Voytek Eymont" <voytek at sbt dot net dot au>
Subject:  Re:  Mystified


<quote who="Ian Manners">

> Spammers don't care how much bandwidth they steal from other people, it's
> their nature, they only care about maximising the number of people that
> receive the spam email, with the knowledge that in the percentage game
> some people will go to the website and buy the product. i.e., if only 10
> people out of 100 million emails sent, buy the product, they have turned a
> profit (might be small) as sending the spam costs them nothing !

a few months ago, there was a story in the news about some guy in US that got
busted,
I don't recall correct details, but, he had like 10 T1s or T3s (enough to
provide b/w to several office buildings), his monthly ISP bill was like
USD30,000, and, he was making millions if not squillions

when he got busted, he claimed to be broke, but feds looked up his
pre-nuptials where he declared something like USD10m worth

it was claimed he was 2nd or 5th largest spammer

-- 
Voytek

----------------------------------------------------------------------------------
 
**= Email   5 ==========================**

Date:  Sat, 30 Dec 2006 13:35:05 +1100 (EDT)
From:  "Ian Manners" <deadmail>
Subject:  Re:  Mystified

Hi Voytek

>a few months ago, there was a story in the news about some guy in US that got
>busted,
>I don't recall correct details, but, he had like 10 T1s or T3s (enough to
>provide b/w to several office buildings), his monthly ISP bill was like
>USD30,000, and, he was making millions if not squillions
>
>when he got busted, he claimed to be broke, but feds looked up his
>pre-nuptials where he declared something like USD10m worth

Yep, shows the mentality/stupidity of a spammer.....
Wonder what he was doing with all that local bandwidth ?
Direct spamming ?
Bragging rights ?

99% of spammers use someone else's bandwidth, so they only need
their regular internet access to gain access to open proxies/infected PCs
and Botnets. Some of the big spammers were/are using a simple cable
connection, guess they could call it a "Business Expense" :-)

>it was claimed he was 2nd or 5th largest spammer

Probably right, the list changes weekly, though beneath the identities
they are probably the same people.

Cheers
Ian Manners
Tech Fossil (Often  called a Dinosaur) - ancient animal that gets things done
http://www.os2site dot com/


Message on a leaflet: IF YOU CANNOT READ, THIS LEAFLET WILL TELL YOU HOW TO GET LESSONS
----------------------------------------------------------------------------------
 

**= Email   6 ==========================**

Date:  Sat, 30 Dec 2006 13:43:12 +1100 (EST)
From:  "Voytek Eymont" <voytek at sbt dot net dot au>
Subject:  Re:  Mystified


<quote who="Ian Manners">

>> a few months ago, there was a story in the news about some guy in US that
>> got busted, I don't recall correct details, but, he had like 10 T1s or
>> T3s (enough to
>> provide b/w to several office buildings), his monthly ISP bill was like
>> USD30,000, and, he was making millions if not squillions
>>
>>
>> when he got busted, he claimed to be broke, but feds looked up his
>> pre-nuptials where he declared something like USD10m worth
>
> Yep, shows the mentality/stupidity of a spammer.....
> Wonder what he was doing with all that local bandwidth ?
> Direct spamming ?
> Bragging rights ?

that guy was big time business, he was flat out spamming across his
entire bandwidth


> 99% of spammers use someone else's bandwidth, so they only need
> their regular internet access to gain access to open proxies/infected PCs
> and Botnets. Some of the big spammers were/are using a simple cable
> connection, guess they could call it a "Business Expense" :-)



-- 
Voytek

----------------------------------------------------------------------------------
 
**= Email   7 ==========================**

Date:  Sat, 30 Dec 2006 03:49:29 +1100
From:  Alan Duval <amoht at westnet dot com dot au>
Subject:  Re:  Mystified

Hi Ian & Voytek,

Thanks for the explanations. I'm now a lot wiser.

Regards,

Alan Duval
----------------------------------------------------------------------------------
 

**= Email   8 ==========================**

Date:  Sat, 30 Dec 2006 18:26:28 +0000
From:  Glenn Montgomery <glenn at montysplace dot net>
Subject:  Re:  Problem with eCS3 beta

Hello all,

Thanks for your replies. It appears that one of my hard disks died
coincidentally at the time I was doing the install. I removed it and the
machine could boot. So -- amazing.

Thanks again for your help
Glenn Montgomery

----------------------------------------------------------------------------------
 

