How do I know you're spamming?

There are a number of reasons I know that mail coming into my mailbox is spam.

  1. I get 15 copies. There are a lot of spammers out there who buy and scrape addresses and don’t do even the simplest of de-duping. Send multiple copies to a single address, you’re probably spamming.
  2. I get mail to a non-tagged address. I use tags for every signup, and have done since mid-1999 or so. If I get commercial email to a non-tagged address, I know it’s spam.
  3. I get to a tagged address from someone it wasn’t given to. As above, the tags remind me who was given my email address. If mail comes into a tagged address and it wasn’t given to the sender, then I know the mail is spam.
  4. I get mail to a poorly harvested address. Another subset of the tagged addresses, there are a couple badly written web harvesters out there which add random characters onto the end of my tags. So I get mail to -infon@ and -infonn@ and -infonnn@ addresses, and I know the sender is spamming.
  5. Someone attempts to send mail to an address that never existed at my domain. Even better, I don’t have to receive the mail for this one. If you attempt to send mail to a non-existent user here, I know without even looking that the mail was not asked for.

Am I wrong?

Related Posts

Uptick in botnet spam

There’s been a heavy uptick in botnet spam over the last few days, judging by things I’m hearing and my own mailboxes. There are a few common subject lines, but all of them are trying to get recipients to either run programs or visit malicious web pages.
The first subject line I’m seeing a lot of is “<name> wants to be friends with you on facebook!” In my mailbox most of those names have not been common European names. The give away that this isn’t actually a Facebook invite is the Reply-To address pointing to Linkedin. The URLs in the message appear to be random strings of numbers, and may actually encode recipient information in them.
The second has a subject that that is a variation on “End of July Statement.” The spammers are mixing capitals, adding in “Re:” and “FWD:” and sometimes increasing the urgency by adding required or STAT!! to the mail. These mails contain a .zip file which probably contains some virus which will turn the recipient machine into the next spam spewing bot.
The third variation has the subject line “Uniform Traffic Ticket.” The content is a citation that tells the recipient they were speeding somewhere in New York (possibly other states, I have only done a spot check of the couple hundred copies I have). There is, however, a .zip attachment with a virus.
Most people probably aren’t seeing these. SpamAssassin is doing a reasonably good job here of catching the spam and filtering it. I’m sure that the bigger ISPs are also filtering it effectively. But one person did forward a copy of the spam to a mailing list and ask if anyone knew what was going on.
If you get any of these messages, you don’t need to ask. It’s virus spam. Don’t open it and don’t forward it.

Read More

Not lazy, just annoyed

I don’t usually send in spam reports, but I submitted a couple in the last few weeks. Somehow an address of mine is on a bunch of rave / club lists in London. You want to know what is happening at London clubs this week? It’s all there in my spam folder.
This mail finally hit my annoyance threshold, so I’ve been submitting reports and complaints to the senders the last few weeks. The mail, with full headers, goes with an explanation that the address that received it was harvested off a website more than 5 years ago and never opted in to receive any mail.
One of the ISPs I sent the report to has a web form where the complainant and the customer can see the report and both can comment on it. The customer replied to my complaint on it.

Read More

Defeating spamfilters through obsession

[The harasser] was hitting me on email and twitter for more than [2100 messages], and the thing was, those all got past the filters I’ve got in place. So one obsessed crazy man with minimal technical skill and nothing but persistence outperforms all the spambots out there, at least on the scale of individuals, if not in breadth of attack.
PZ Meyers

Read More