[rescue] Spam (was: Perverse Question)

Curtis H. Wilbar Jr. rescue at hawkmountain.net
Sun Jun 8 09:40:29 CDT 2003

What is the username  ?  If it is a dictionary word, name, or simple
derivation (i.e. bear001 at ...) or a username that previously existed
the spammers will have it or will find it.

Spammers used to use EXPN or VRFY to find addresses off of a dictionary
of possible addresses (much like crack, etc use a dictionary and set of
rules for cracking possible passwords).... they would connect and check
each one.... and log the good ones.

When everyone started closing off EXPN or VRFY, spammers switched to doing
RCPT TO.... either way they have a great way to probe for valid addresses.
Now with open proxies to hide where they are probing from, then can do
so with even greater anonymity.

Unless you have an odd address... i.e. b3ar, imbear, 1bear4all, etc...
if your ISP gets probed they are likely going to find your address.

Once one spammer finds your address.... it is only a matter of time...
(spammers like to also make money by selling addresses... or at least
they used to... and if they aren't doing it somebody who doesnt want to
be a spammer but wants to make some money might do it).

-- Curt
>Date: Sat, 7 Jun 2003 22:21:05 -0700
>Subject: Re: [rescue] Spam (was: Perverse Question)
>From: "r.stricklin" <bear at typewritten.org>
>To: The Rescue List <rescue at sunhelp.org>
>Content-Transfer-Encoding: 7bit
>On Saturday, June 7, 2003, at 07:51  AM, Sheldon T. Hall wrote:
>>> I honestly have never use SpamAssassin.  Properly choosing when and 
>>> where to use your e-mail address works wonders.
>> Yeah, but screw up _just_once_, and your address will be on every spam 
>> list
>> in China, and you'll get innundated.
>It doesn't even matter. It doesn't make one bit of difference when and 
>where you use your email address, you WILL get spammed. There's no 
>disincentive for spammers to mail to even "plausible" addresses.
>This story is true, by the way.
>I have an email account that I have never used for anything. I've never 
>sent mail from it, I've never given the address to anyone. I've never 
>put it on any web form. I've never mentioned it in USENET. It's not an 
>AOL or hotmail account, either. It's the account I got with my dialup 
>ppp account. I never used it because I had a shell account and a vanity 
>domain on a friend's server. The dialup ppp account was just so I had 
>bandwidth to get to my friend's server.
>A couple of years ago, I figured I should check that account, because 
>it was likely my ISP had been sending system news and stuff to me at 
>that address. I'd had the address for three years by that point, and 
>hadn't ever bothered to check it.
>I logged into the POP server... 5,500 new messages. ALL SPAM.
>This was a year and a half ago.
>Last year, it got 5,500 new messages. ALL SPAM.
>My friend shut down his server last month, so I've been busy setting 
>things up at my ISP, so I checked that account again last month.
>5,500 new messages since January. ALL SPAM.
>It doesn't matter who you are or where your address ends up. You will 
>get spam.
>rescue list - http://www.sunhelp.org/mailman/listinfo/rescue

Curtis Wilbar
Hawk Mountain Networks
rescue at hawkmountain.net

My e-mail is protected against viruses and spam by MailGuardian
          Top notch protection at unbelievable prices

More information about the rescue mailing list