"Throwaway" addresses and dead web links

This section is for questions relating to using the forum. Announcements on updates and any issues with the forum software may also be posted here occasionally.

Moderator: Tim Green

Post Reply
User avatar
Tim Green
Site Admin
Posts: 23154
Joined: Mon Jun 24, 2002 9:11 am
Location: Bruehl, Germany
Contact:

"Throwaway" addresses and dead web links

Unread post by Tim Green »

Recently a lot of new users have been registering with "throwaway" email addresses that are available from some online services for once-only use (the idea is to avoid spam on your own email account). Almost all of these users are spammers, who just create an account to include an URL to their own site. I delete these accounts immediately, sight unseen and with no questions asked.

However, some appear to be borderline cases -- they post URLs, sometimes very bizarre ones, but they are almost always dead links leading to nowhere. I also delete these new accounts immediately as well, also sight unseen and with no questions asked. I use a protected browser to check these links but am not willing to risk the possibility that they might be links that install malware on users' computers, and I don't have the time or the energy to perform thorough checks.

I can understand why users might want to use a throwaway address but please be aware that doing this may get you classed as a potential spammer and lead to immediate deletion of your account. The same applies to posting dead URLs and "deep" URLS for your web address. Posting these in your profile in a new account will almost always lead to immediate deletion of your account. (A "deep" URL is a long URL going "down" through several directory levels on a web server -- these URLs are almost always only posted by spammers.)

If an existing user adds a dead or deep URL to his/her account I may ask them first before deleting the account -- whether I do depends on the nature of the URL. If you post a link to a porn or obvious spam site account deletion will be immediate and merciless.

I'm still undecided on the question of the use of freemail addresses like hotmail and gmail. At the moment the situation with spam postings from these addresses is still manageable, but if it gets worse it is possible that all freemail addresses may be banned from the forum. This will not lead to account deletion but anyone using a freemail account would then have to switch to a "real" email address to continue to use the forum features that require an address, like notifications on new postings in threads you are watching.
Last edited by Tim Green on Fri Nov 24, 2006 4:00 pm, edited 1 time in total.
Vladimir
Posts: 48
Joined: Tue Jan 21, 2003 5:21 pm

Unread post by Vladimir »

I would also suggest you delete registered users that have no posts for more than two months since their registration.
Quite often their quite "good" e-mail addresses and web sites turns into spam after that time.
User avatar
Tim Green
Site Admin
Posts: 23154
Joined: Mon Jun 24, 2002 9:11 am
Location: Bruehl, Germany
Contact:

Unread post by Tim Green »

Hi Vladimir,
Vladimir wrote:I would also suggest you delete registered users that have no posts for more than two months since their registration.
This is not possible because of the way this forum is used. Many users never post but visit the forum frequently and use it as an information resource -- you must register to be able to use the Tutorials, Tips & Tricks and Templates sections, for example.
Quite often their quite "good" e-mail addresses and web sites turns into spam after that time.
I check this regularly and so far this hasn't happened here at all. If you find any spam links in user profiles please do report them. The reason that this doesn't happen is that the majority of the spam accounts either never get activated or are immediately visible as spam and get deleted anyway.
Regards,
Tim (EC Software Documentation & User Support)

Private support:
Please do not email or PM me with private support requests -- post to the forum directly.
Jonathan S
Posts: 163
Joined: Mon Oct 03, 2005 5:58 pm

Unread post by Jonathan S »

Tim,

How much trouble have you had with gmail accounts? When I got mine, it was by invitation only, and though I can invite others to become gmail users, there is a limit to the number of invitations I can send (15, I think). I know this isn't a foolproof way to keep people from using gmail as a spam source, so I'm wondering if you've had a lot of problems with this up to this point.

My gmail address is actually my serious one, now, though when I signed up for this forum I didn't have it.

Jonathan
User avatar
Tim Green
Site Admin
Posts: 23154
Joined: Mon Jun 24, 2002 9:11 am
Location: Bruehl, Germany
Contact:

Unread post by Tim Green »

Jonathan,

Actually, gmail is generally very good, I probably shouldn't have listed that as an example. Even if it comes to it, and it doesn't look like it at the moment, it's very unlikely I will have to ban gmail.The worst in terms of volume are hotmail and yahoo. There are a number of Russian equivalents that are really terrible, but those are all banned anyway.
Regards,
Tim (EC Software Documentation & User Support)

Private support:
Please do not email or PM me with private support requests -- post to the forum directly.
User avatar
Dean Whitlock
Posts: 577
Joined: Thu Sep 01, 2005 5:59 pm
Location: Thetford Center, Vermont USA
Contact:

Unread post by Dean Whitlock »

Hi Tim,

This is somewhat off topic except that it involves spam.
Lately I've been receiving a huge number of Undeliverable Message emails. I have checked some of these on the web-mail site of my email host, and they appear to be from legitimate addresses. The return addresses, however, are all bogus, using my domain name with randomly generated user IDs (for example, vqldx@mydomain.com). I can't tell if my domain is being used as a bogus source for spammers, or if they are trying to find legitimate addresses at my domain. Any clues? Any way to cut the buggers off at the knees?

FYI, my home email is on an iMac over a dial-up service. I haven't been able to spot any sub-ether traffic when I'm connected, so I don't think it's a virus running from my own system.

Thanks,
Dean
User avatar
Martin Wynne
Posts: 2656
Joined: Mon May 12, 2003 3:21 pm
Location: West of the Severn, UK

Unread post by Martin Wynne »

Dean Whitlock wrote:The return addresses, however, are all bogus, using my domain name with randomly generated user IDs (for example, vqldx@mydomain.com).
Hi Dean,

If it's any reassurance, I've been receiving lots of the same recently. I don't know why the spam filters don't kill them, but the answer is not to have a "catch-all" email address on your domain. Set up only the actual adresses you are using as mailboxes, and let the bogus ones end up in a black hole.

Martin.
User avatar
Van Swofford
Posts: 38
Joined: Thu Feb 05, 2004 5:42 pm
Location: Brentwood, TN

Unread post by Van Swofford »

Martin Wynne wrote:but the answer is not to have a "catch-all" email address on your domain
Hi guys,

I had the same thing happen to me. Got around 20,000 "undeliverable" replies to my catch-all account in one day, from all over the world. The only way I could put an end to it was to delete the catch-all account and set up specific accounts for all the addresses that I use. For all I know, there are still tens of thousands of the darn things coming in every day. :frustration:

Van
"Half of what I say is meaningless..." -- John Lennon
"Your job is to figure out which half" -- Van Swofford
User avatar
Tim Green
Site Admin
Posts: 23154
Joined: Mon Jun 24, 2002 9:11 am
Location: Bruehl, Germany
Contact:

Unread post by Tim Green »

There has been a massive increase in the volume of spam recently. Almost all of it is sent by around six major spammers, most of them in Russia, controlling huge networks of "zombie" computers (computers that have been secretly taken over by Trojans or viruses to send spam). The new spam Trojans are much more effective than the earlier ones -- they keep the volume of spam sent from each machine relatively low so that the users don't notice it.

Even if you don't use interactive virus protection everyone should scan their Windows computers for spyware, adware and viruses at least once a month, if only for the sake of all the other computer users out there. (This doesn't apply to you Dean -- there are no known Trojans for Mac OS yet.)

There's also a big increase in "white noise" spam. These are spam messages that just seem to contain random text, with little or no apparent purpose. If you're wondering what they're for, most of them are designed to make spam filters less effective. All modern spam filters "learn" with every message you classify as spam, and if you throw a lot of these random messages at them their spam recognition rate for real spam goes down. That is what the spammers are trying to achieve.

In my less lucid moments I find myself fondly considering the death penalty for these scumbags... :evil:
Regards,
Tim (EC Software Documentation & User Support)

Private support:
Please do not email or PM me with private support requests -- post to the forum directly.
Vladimir
Posts: 48
Joined: Tue Jan 21, 2003 5:21 pm

Unread post by Vladimir »

The situation is much worse than you anticipate. Those "zombies" are hundreds of poor Russian teens spamming all night long for a couple of hundred dollars per month. They can circumvine any anti-spammerbot protection.
User avatar
Tim Green
Site Admin
Posts: 23154
Joined: Mon Jun 24, 2002 9:11 am
Location: Bruehl, Germany
Contact:

Unread post by Tim Green »

Hi Vladimir,
Vladimir wrote:The situation is much worse than you anticipate. Those "zombies" are hundreds of poor Russian teens spamming all night long for a couple of hundred dollars per month. They can circumvine any anti-spammerbot protection.
I've heard about this. As far as I know, however, all these teens are actually working for the major spammers, either directly or indirectly. I'm not 100% sure about the infrastrcture, however.
Regards,
Tim (EC Software Documentation & User Support)

Private support:
Please do not email or PM me with private support requests -- post to the forum directly.
User avatar
Dean Whitlock
Posts: 577
Joined: Thu Sep 01, 2005 5:59 pm
Location: Thetford Center, Vermont USA
Contact:

Unread post by Dean Whitlock »

The economics of spamming elude me. :? I find it hard to believe that enough people reply to spammers to pay the setup costs and hosting fees. Of course, I felt the same way about junk snail mail, which continues to arrive at my door at even greater costs per message.

I read a suggestion about a year ago that all email servers be set up to delay each message by a few seconds. The author (whose name I forget) argued that this would reduce reception rates, and the resulting reply rates, to the point where spamming would no longer be profitable. The effect on legitimate email would be negligible, because it doesn't depend on volume activity. I wish it were so simple!

Tim, I'm with you on serious punishments (branding comes to mind), but the problem is catching the miserable expletives. Interpol has their hands full with violent criminals. Besides which, the hosting countries might enjoy the fact that Euros and Dollars are flooding into their economies. And how do you track down the originator when the reply-tos are all bogons? It seems like a truly "Mission Impossible" scenario.

Dean
User avatar
Dean Whitlock
Posts: 577
Joined: Thu Sep 01, 2005 5:59 pm
Location: Thetford Center, Vermont USA
Contact:

Unread post by Dean Whitlock »

For the technically oriented, here is a link to a PDF about delaying spam emails:

http://www.ceas.cc/papers-2004/191.pdf

The process described here uses a combination of message delay and resource drain on the sender, a process the author's call TCP Damping. It starts with a spam filter, so the delay/drain are only applied to suspected spam messages. It works best if it is used by lots of email servers. The authors are suggesting it not as a panacea but as one more weapon in the anti-spam arsenal. It seems like a good idea, but getting the word out so it will be widely adopted seems to be a stumbling block.

I expect Microsoft will try to trademark the concept and bring out their own proprietary version with conflicting standards. But they will bundle it with Outlook Server so it will become a de facto standard (read: cross to bear) in the business sector worldwide, much to the delight of spammers.
User avatar
Tim Green
Site Admin
Posts: 23154
Joined: Mon Jun 24, 2002 9:11 am
Location: Bruehl, Germany
Contact:

Unread post by Tim Green »

Dean,

I've seen many studies on this and the success rate they need to make a huge profit is tiny. And since it costs them literally nothing to send tens of millions of mails it's fine for the spammers if only a couple of thousand respond.

There is actually a very simple solution to the spam problem but no legal system anywhere has managed to find the guts to do it: You just need to place the full onus of responsibility on the party whose products are advertised, not on the spammer. If your products are advertised in spam, you are responsible for the spam. End of story.

This wouldn't get everyone, but it would get a lot of them. One of the main groups it wouldn't get is the penny stock spammers, because the respondents don't give them the money directly. What they do is buy very cheap penny stocks and then do a huge spam mailing. One or two days later the stock rises and they sell and collect a massive profit. As far as I can see they frequently manage to do this several times in succession before a penny stock is finally wrung dry.
Regards,
Tim (EC Software Documentation & User Support)

Private support:
Please do not email or PM me with private support requests -- post to the forum directly.
Post Reply