From: Digest To: "OS/2GenAu Digest" Date: Sun, 31 Dec 2006 00:01:00 EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600 Subject: [os2genau_digest] No. 1408 Reply-To: X-List-Unsubscribe: www.os2site.com/list/ ************************************************** Saturday 30 December 2006 Number 1408 ************************************************** Subjects for today 1 Re: Mystified : Ian Manners" 2 Re: Mystified : Voytek Eymont" 3 Re: Mystified : Ian Manners" 4 Re: Mystified : Voytek Eymont" 5 Re: Mystified : Ian Manners" 6 Re: Mystified : Voytek Eymont" 7 Re: Mystified : Alan Duval 8 Re: Problem with eCS3 beta : Glenn Montgomery **= Email 1 ==========================** Date: Sat, 30 Dec 2006 01:54:41 +1100 (EDT) From: "Ian Manners" Subject: Re: Mystified Hi Alan >My ISP does a good job in stopping spam. It lets me know which Emails it >has stopped and lately they all have long names and no recognizable >ISP's. As I don't know much about ISP's could someone tell me how these >spammers can send an Email without using a recognized ISP? Also, as they >obviously change their Email address all the time how on earth do they >ever get any replies? It mystifies me. >It would seem to me that spam could be stopped if one could nominate the >only sites that one would accept Email from. Maybe this is possible and >I am unaware of it. Most spammers will falsify there sending domain, ie, dont think of it as an ISP but as a domain. Example, I have quite a lot of domains, one of which is comkal dot com but comkal dot com doesnt send email out at all, though I know a spammer used that domain for one of there spam runs, ie, its easy to falsify the From: part in an emails header. As to the actual sending out of email, you dont actually need an ISP, you only need some software to send the email out. This is why spammers love Windows (and some Linux) computers, they find a weakness in a users windows PC, gain entry via a back door or virus, and install there own little SMTP engine that they can then hook up to a controller for sending out spam emails. The Windows computer doesnt need to be an ISP's email server. Some spammers will also use misconfigured email servers which allow relaying, and this can also happen to OS/2 users who have there own email servers, if they do not correctly setup their server :-( We would need to go back to the early days of the ARPA or Internet to start to explain why anyone can send email, and why a lot of email servers will accept email from anywere. That last bit is slowly changing now due simply to the spam problem. Some people like myself (I'm not an ISP, though I do host some websites/email/etc for myself, and for my accountant, and a rather outrageous friend of my wifes) host our own email server(s) but we set them up per the internet RFC's, RFC, also called Request For Comment, are a collection of what we would term 'Best Practice' methods of talking to everyone else, and so that we all understand our interconnected network that we call the internet, and how to be civalised in the protocols required to talk to each other. I have setup my mail server on a static IP, with what is called a reverse lookup, ie, do a host command on os2site dot com as follows [D:\]host os2site dot com os2site dot com has address 203.29.18.140 os2site dot com mail is handled (pri=100) by warp.os2site dot com os2site dot com mail is handled (pri=200) by ns1 dot comkal dot net [D:\]host 203.29.18.140 20.1.168.192.IN-ADDR.ARPA domain name pointer warp.os2site dot com That last bit is called the 'reverse lookup' You can also setup a legitemate email server on a Dynamic IP address using a Dynamic Domain Name Service, though this is probably not a good idea if you have a business that relies on email. There are also people such as myself that use RBL's (Realtime Black Lists) in such a way as not to accept email from any IP address, or range of IP address's, that are allocated as being dynamic, or IP address's that are known spammer havens. I have what is called an MX record for my mail server, though according to the RFC's you do not actually need one, most ISP's and other people that run mail servers are now refusing to accept email from a computer/server unless it does have an MX records, and some also require a special TXT record. These records are DNS records. email, its protocols, and its mechanism for working really need a lot more time and space to explain, and I've never been good at compressing a lot of information into a small summary but I hope you get the basic's, If I've undersood your question correctly. As to actual ISP's, almost anyone can be an ISP, it simply stands for Internet Service Provider, in the way that term is taken in a general sense here in Australia, I use to provide dialup access to friends and others but with the advent of ADSL, I got out of that. You could literaly say that even someone that hosts a website for someone else is an ISP, as they are providing an "Internet Service" :-) If you want more info, you could do a google search on something like "How does email work" Cheers Ian Manners Tech Fossil (Often called a Dinosaur) - ancient animal that gets things done http://www.os2site dot com/ The Microsoft Macarena: spin, spin, spin. ---------------------------------------------------------------------------------- **= Email 2 ==========================** Date: Sat, 30 Dec 2006 08:11:50 +1100 (EST) From: "Voytek Eymont" Subject: Re: Mystified >> Also, as >> they obviously change their Email address all the time how on earth do >> they ever get any replies? It mystifies me. they do not want replies they want ppl to go to promoted web site, buy promoted product, etc, etc not reply -- Voytek ---------------------------------------------------------------------------------- **= Email 3 ==========================** Date: Sat, 30 Dec 2006 11:38:37 +1100 (EDT) From: "Ian Manners" Subject: Re: Mystified >they do not want replies >they want ppl to go to promoted web site, buy promoted product, etc, etc >not reply I forgot to add the bit about return email address's :-) Thanks Voytek >>> they obviously change their Email address all the time how on earth do >>> they ever get any replies? It mystifies me. And to elaborate, sometimes a spammer will use the email address's of real people, ie, the Return and From fields are populated by email address's from the same database the spammer gets to To: from, leading to an aweful lot of error messages/bounces's, and newby reply's to some poor sods email address. (I've had this happen to me :-( ), Spammers will sometimes also do a complete spam run using the Return email address of someone they dislike, ie, some one from SPEW's, SORB's, etc. You might also think they will use a real email address in the From: and Return fields if they wish to validate email address's but thats a thing of the past now. With so many broadband connections spammers nolonger seem to care if there database includes non functional email address's. Chances are someone else will eventually use that email address, and its also quite normal for a spammers database program to split put all everything on the left hand side of the at (username), and the righthand side of the at , (domain) and then apply all the username bits to all the domain bits on the premise that if someone uses a username for one domain, then other's may also use it for a different domain. ie, I've used sonicprince at hotmail for years as a test email account, I created that at comkal dot com dot au, ecssite dot com, and at primus dot com dot au and instantly all were flooded by spam. Spammers dont care how much bandwidth they steal from other people, its there nature, they only care about maximising the number of people that receive the spam email, with the knowledge that in the percentage game some people will go to the website and buy the product. ie, if only 10 people out of 100 million emails sent, buy the product, they have turned a profit (might be small) as sending the spam costs them nothing ! Cheers Ian Manners Tech Fossil (Often called a Dinosaur) - ancient animal that gets things done http://www.os2site dot com/ The trouble with being punctual is that nobody's there to appreciate it. -- Franklin P. Jones ---------------------------------------------------------------------------------- **= Email 4 ==========================** Date: Sat, 30 Dec 2006 12:38:15 +1100 (EST) From: "Voytek Eymont" Subject: Re: Mystified > Spammers dont care how much bandwidth they steal from other people, its > there nature, they only care about maximising the number of people that > receive the spam email, with the knowledge that in the percentage game > some people will go to the website and buy the product. ie, if only 10 > people out of 100 million emails sent, buy the product, they have turned a > profit (might be small) as sending the spam costs them nothing ! few month ago, there was a story in the news about some guy in US that got busted, I don't recall correct details, but, he had like 10 T1s or T3s (enough to provide b/w to several office buildings, his monthly ISP bill was like USD30,000, and, he was making millions if not squilions when he got busted, he claimed to be broke, but feds looked up his pre-nuptials where he declared something like USD10m worth it was claimed he was 2nd or 5th largest spammer -- Voytek ---------------------------------------------------------------------------------- **= Email 5 ==========================** Date: Sat, 30 Dec 2006 13:35:05 +1100 (EDT) From: "Ian Manners" Subject: Re: Mystified Hi Voytek >few month ago, there was a story in the news about some guy in US that got >busted, >I don't recall correct details, but, he had like 10 T1s or T3s (enough to >provide b/w to several office buildings, his monthly ISP bill was like >USD30,000, and, he was making millions if not squilions > >when he got busted, he claimed to be broke, but feds looked up his >pre-nuptials where he declared something like USD10m worth Yep, shows the mentality/stupitidy of a spammer..... Wonder what he was doing with all that local bandwidth ? Direct spamming ? Bragging rights ? 99% of spammers use someone elses bandwidth, so they only need their regular internet access to gain access to open proxies/infected PC's and Botnets. Some of the big spammers were/are using a simple cable connection, guess they could call it a "Business Expense" :-) >it was claimed he was 2nd or 5th largest spammer Probably right, the list changes weekly, though beneath the identities they are probably the same people. Cheers Ian Manners Tech Fossil (Often called a Dinosaur) - ancient animal that gets things done http://www.os2site dot com/ Message on a leaflet: IF YOU CANNOT READ, THIS LEAFLET WILL TELL YOU HOW TO GET LESSONS ---------------------------------------------------------------------------------- **= Email 6 ==========================** Date: Sat, 30 Dec 2006 13:43:12 +1100 (EST) From: "Voytek Eymont" Subject: Re: Mystified >> few month ago, there was a story in the news about some guy in US that >> got busted, I don't recall correct details, but, he had like 10 T1s or >> T3s (enough to >> provide b/w to several office buildings, his monthly ISP bill was like >> USD30,000, and, he was making millions if not squilions >> >> >> when he got busted, he claimed to be broke, but feds looked up his >> pre-nuptials where he declared something like USD10m worth > > Yep, shows the mentality/stupitidy of a spammer..... > Wonder what he was doing with all that local bandwidth ? > Direct spamming ? > Bragging rights ? that guy was big time business, he was flat out spamming across the his entire bandwidth > 99% of spammers use someone elses bandwidth, so they only need > their regular internet access to gain access to open proxies/infected PC's > and Botnets. Some of the big spammers were/are using a simple cable > connection, guess they could call it a "Business Expense" :-) -- Voytek ---------------------------------------------------------------------------------- **= Email 7 ==========================** Date: Sat, 30 Dec 2006 03:49:29 +1100 From: Alan Duval Subject: Re: Mystified Hi Ian & Voytek, Thanks for the explanations. I'm now a lot wiser. Regards, Alan Duval ---------------------------------------------------------------------------------- **= Email 8 ==========================** Date: Sat, 30 Dec 2006 18:26:28 +0000 From: Glenn Montgomery Subject: Re: Problem with eCS3 beta Hello all, Thanks for your replies. It appears that one of my hard disks died coincidentally at the time I was doing the install. I removed it and the machine could boot. So -- amazing. Thanks again for your help Glenn Montgomery ----------------------------------------------------------------------------------