[TFN-help] soo much chinese spam (fwd)

Kenneth Alan Boyd Ramsay tfn-help@torfree.net
Mon, 23 Jun 2003 03:15:58 -0400 (EDT) 

On Thu, 6 Mar 2003, Al Aab wrote:

> is there a way to rid me of the daily halfmegabyte of china spam ?

Admittedly, I know just enough to be dangerous, but I believe that it is
possible to "tweak" the existing spam-filter on incoming mail to the TFN.
The problem is that if we just filter out messages encoded in Big-5 (one
form of Chinese), for example, we will almost certainly block legitimate
messages from China to other members.

In the past, I was on a legitimate mailing-list whose server was attacked
by a spammer.  First I got hit by a flood of spam, then there were so many
complaints that somebody blocked messages from that server.  That stopped
the spam - and it took me several tries to unblock things from the mailing-
list.

Unless it is really, REALLY, bad, it should be easier for you to hit the
"delete" button; than it is for the TFN (or any other ISP) to pass the
legitimate messages while blocking the spam.

Knowledge is power.  Can you identify where the spam is coming from?  If
the messages have an address where they want you to send money, that is
far more likely to be correct than the "FROM:" address - which is probably
forged, anyway.  If you compare the paths listed in the full headers of
several different spams, and find a common server, it could be where the
spam originates, or maybe one either way from the actual source.  Spammers
are notorious for forging headers, but the real servers that pass the
message are recorded faithfully, too.

Sending a message to "abuse@where_the_spam_came_from" may not help, if
it goes to the spammer himself.  Sending a message to "abuse@..." or
"webmaster@..." or "sysadnin@...". etc. to the first real system the
message passed through might help, although systems operators are usually
inundated by such requests.  It helps to be polite.  Remember, these are
usually busy people, who have probably learned to hate yet another such
request almost as much as they have learned to hate spam.  ;-)

> is it possible to change my log-id from af137 to something
> unknown to china spammers ?

Yes.  It is possible to keep changing your e-mail address, trying to keep
ahead of the spammers.  There are numerous free web-based e-mail sites,
such as http://www.bigfoot.com, http://www.mypad.com, etc. - even
anonymous remailers that make it almost impossible for anyone to track you
down (although some of them will allow it upon presentation of a court
order).  Usually, if you just delete the spam, and ignore them, the
spammers will lose interest.  Requesting removal usually just tells them
that you are a valid address, that they can sell to other spammers.
Of course, if you keep changing your address, nobody will be able to get
back to you.

Because of the TFN's one person - one membership setup, changing e-mail
addresses is probably difficult, but not impossible.  You could get a
"vanity" e-mail address, for example.

> is it possible to block all incoming email that is not english ?

Do a Google search for "spam buster".  There are probably other programs
available, that you can install to filter, using the appropriate criteria,
as well.  Let us know if you find one that works for you.

Boyd Ramsay

cx555@torfree.net