Search Again: OT-SPAM/Harvesting prevention From: Administrator Date: Monday, August 13, 2001 Time: 1:42:07 pm Hi there, Because this is both a mail issue and a DNS issue, I am sending it to both the EIMS list and the QuickDNS list. My apologies if you recieve duplicate posts... I know there are several sites that deal with prevention of email address harvesting, such as <http://members.aol.com/emailfaq/mungfaq.html> and <http://cgastudy.fateback.com/study/help/SPAM.htm> but I found out about a method that I hadn't heard of before and wanted some feedback from other admins out there... The Model Shipbuilder FAQ on Usenet <http://www.seaways.com/faq/smf-contrib.html> has the following method to foul would be harvesters form collecting addresses: Each email address in the contributors section has a mailto: link that points to two addresses, that of the contributor and also "noc@ftp.warez.org". The purpose of this is that this second address is supposed to be some kind of loopback. Sending mail to it will in theory bounce mail to the senders ISP. So every time a spammer uses a harvested address, they also send a spam to their own ISP. If they are a heavy spammer, they will in theory flood their own ISP who will probably shut them down. I'm skeptical of this working for several reasons: 1) if it really worked, more admins would use this trick. The Ship Modeler FAQ is the only place I've seen it. 2) a savvy spammer could easily cull the 'trick' address from their list since it is a single address. 3) I have doubts that a single email address could forward messages to a spammer's own ISP. I wonder how such an address could work, and if it could I suspect that it would only work if their ISP's email address was noc@domain.com. This last one is where I'm a little uncertain. I tried doing some searches and found this thread about DNS records: <http://ciac.llnl.gov/news/BIND/9801/msg00433.html> Is there some validity to the plan outline above? I also found that the domain is up for sale <ftp://ftp.warez.org/> so if there is some validity, it probably won't last long. Maybe there is some way to reimplement this elsewhere... What are your thoughts on this and what do you think is the best method for preventing harvesting on the web and on UseNet? Thanks for your feedback! --Eric Kopf -- Administrator -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Aladdin Systems, Inc., 245 Westridge Drive, Watsonville, CA 95076 Phone: 831.761.6200, Fax: 831.761.6206 Yeah, We're the StuffIt People... _________________________________________________________________ StuffIt Web Page: http://www.stuffit.com/ Aladdin Web Page: http://www.aladdinsys.com/ Aladdin FTP Site: ftp://ftp.aladdinsys.com/pub/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Messages In This Thread: OT-SPAM/Harvesting prevention by Administrator on Aug 13, 2001 at 1:42:07 pm Re: OT-SPAM/Harvesting prevention by Systems on Aug 14, 2001 at 12:49:23 pm