Re: How to stop spammers bringing our server down?




"Peter" <occassionally-confused@xxxxxxxxxxxx> wrote in message
news:15p2j352ut546t14dhu9v93m3qvnvhkkcp@xxxxxxxxxx

"Phil B" <phil.remove.brady@xxxxxxxxxxxxx> wrote

Simple layman's explanation: Most spam generators use very simple
algorithms - usually running on hi-jacked infected PCs. Greylisting
temporarily rejects a first attempt at an email ("I'm very busy so please
try later" response) but remembers the sender/target email address
combination. It continues to reject that combination for (say) an hour then
lets it through. A 'proper' mail sender will respect that temporary
overload, requeue the request, retry and get through but not a simple spam
generator since they will go straight on to the next victim. There are also
efficiency devices built in - e.g. if A on your site sends email to B then a
subsequent incoming B to A will be accepted immediately. Also, if it has
seen B send to A successfully before, then it lets it through straight
away.

Thank you Phil for the explanation.

I guess this is what e.g. Yahoo do, because it takes ages (up to an
hour) for an incoming email to appear in the inbox there.

It's really annoying though if used in a business context because so
often a customer phones up with a query, then says he is emailing in the
order and .... the email does not appear till much later.

In fact yahoo accepts the email immediately (I can see that looking at
our smtp server activity when sending an email to yahoo) so they must
be storing them on their server, while looking for IP patterns. This
is probably more effective because a spammer could easily just come
back after an hour, whereas 10,000 emails to different yahoo customers
from the same IP is obviously *all* spam. Anybody could think of that
comeback trick and I have a neighbour who is a professional spammer
(he claims to do email marketing only for opt-in mailing lists but I
don't believe that for a moment...) and he has a staff of 10 people
full-time working out techniques to bust spam filtering.

Currently I am working on the principle that any registered domain
WILL always get attacked in a big way, and the only thing one can do
is make sure that any usernames are not easily guessed.

This means that while an address like

john.whittington@xxxxxxxxxxxxxxx

is going to be very hard to guess for the spammer and will be just
fine,

sales@xxxxxxxxxxxxxxx

is going to get flooded. Of course,

webmaster@xxxxxxxxxxxxxxx

you can just forget completely :)

But a company needs an address like sales@ to put on its website
(unless you want to rely just on web enquiry forms, which many people
hate) so the approach I am doing there is to use e.g.

sales25@xxxxxxxxxxxxxxx

and since these addresses are used largely just for the initial
contact one can change this address regularly.

The website address is moreover disguised with the usual javascript
methods but it seems that spammers have got around that nowadays. One
could put it up as a graphic and I have done that on some websites but
I think that on a business website it's going too far.

Unfortunately most companies are just too dumb to do any of this and
as a result email is often not usable for business comms, so it's back
to fax.

Peter,

If your email addresses are being 'harvested' by web page scanners then:
a) present a web page for customers to complete.
b) not have them as links which means they are 'non clickable'.
c) have them only accessible behind a verification system ("Please key in
the letters you see here").
Phil
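
The greylisting behaviour described in the quoted explanation above, as an added example that is not part of the original thread or of any particular mail server. The class and method names, the .example addresses and the 451 reply text are assumptions; the one-hour delay is the "(say) an hour" figure from the post.

```python
from dataclasses import dataclass, field

@dataclass
class Greylist:
    delay: int = 3600  # seconds a new pair is deferred ("say, an hour")
    first_seen: dict = field(default_factory=dict)  # pair -> first attempt time
    passed: set = field(default_factory=set)        # pairs accepted at once

    @staticmethod
    def _key(sender, rcpt):
        return (sender.strip().lower(), rcpt.strip().lower())

    def note_outbound(self, local_sender, remote_rcpt):
        """A on our site mailed B, so a later B -> A is accepted immediately."""
        self.passed.add(self._key(remote_rcpt, local_sender))

    def check_inbound(self, sender, rcpt, now):
        """Return (smtp_code, text) for an inbound attempt at epoch time `now`."""
        key = self._key(sender, rcpt)
        if key in self.passed:
            return 250, "OK"
        first = self.first_seen.setdefault(key, now)
        if now - first < self.delay:
            return 451, "Greylisted, please try again later"  # temporary failure
        del self.first_seen[key]   # sender requeued and came back after the delay
        self.passed.add(key)       # seen B -> A succeed: straight through next time
        return 250, "OK"

def demo():
    """Constructed traffic; all addresses are made-up .example names."""
    g, t0 = Greylist(), 1_000_000
    codes = {}
    # Fire-and-forget spam generator: one attempt, never retries.
    codes["spam"] = [g.check_inbound("x91@bulk.example", "sales@shop.example", t0)[0]]
    # Proper mail server: requeues, retries at 15 min (too early) and at 1 hour.
    codes["legit"] = [g.check_inbound("bob@customer.example", "sales@shop.example", t)[0]
                      for t in (t0, t0 + 900, t0 + 3600, t0 + 4000)]
    # Local user wrote first, so the reply skips the delay.
    g.note_outbound("alice@shop.example", "carol@supplier.example")
    codes["reply"] = [g.check_inbound("Carol@Supplier.example", "alice@shop.example", t0)[0]]
    return codes

if __name__ == "__main__":
    print(demo())
```

Any sender that does retry after the delay is accepted, which is the limitation raised earlier in the thread.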

