|
|
| Author |
Message |
bdh3
|
|
'Net' identity.
| 
May 9 07:28 UTC 2002 |
Do you use your real name and email ID on the Internet?
|
| 105 responses total. |
bdh3
|
|
response 1 of 105:
|
May 9 07:46 UTC 2002 |
I currently use a pseduonym online on the Internet.
In my browser I have specified that ID/Name as it cuts down
on 'spam' as sites I visit occasionally 'scarf' that information
to sell to spammers. (When will backtalk support unicode?)
This tends to direct all viagra/natural-viagra and debt-consolidation
email to an account that doesn't fill up my work email.
(Is it just me or do spammers think that folk are financial
deadbeats that can't get it up?)
No, its not porn sites (I prefer TV video quality/frame rate
thankyou) but seemingly 'safe' sites such as local town
newspapers that 'scarf'. We had a discussion about this at
work and all the 'bit-heads' said they used 'pseudos' on the
Internet but claimed that most people they know actually use
real names online. What do you do in general (not just
on Grex)?
|
mdw
|
|
response 2 of 105:
|
May 9 10:00 UTC 2002 |
Spammers are going after stupid people. Apparently, stupid people get
into financial trouble more easily, and are willing to pay sleazoids for
sexual stimulation. Can you argue with the spammer's logic?
I use my real name on the internet, but my browser doesn't normally
advertise this. I think the viagra/debt-consolidation spam addressed to
me comes as a result of my being listed in umich.edu's ldap directory
and having participated in several mailing lists that are probably
publically archived somewhere. There's not much I can do about ldap;
the people who run it got interested in fixing spam too late.
|
mary
|
|
response 3 of 105:
|
May 9 13:18 UTC 2002 |
Desperation breeds this stuff. Impotency and high debt are both pretty
personal and frustrating problems. The problem isn't getting people
interested in what you offer it's simply finding the hidden clients.
Hence spam.
|
brighn
|
|
response 4 of 105:
|
May 9 13:39 UTC 2002 |
SInce I subscribed to my online debt consolidation service, I now pay $300
less per month to my creditors. Of course, I have that obligatory $350
"donation" to the debt consolidtation service every month, but no plan is
perfect. =}
I use my real name online. I have a delete button for spam.
|
gull
|
|
response 5 of 105:
|
May 9 14:46 UTC 2002 |
I noticed a big increase in spam right after I registered a domain name.
Unfortunately this is a situation where you pretty much have to use a real
name and email address, and spammers know this and troll the WHOIS database
on a regular basis. There was some talk of closing it to the general public
a while back but it didn't go anywhere.
|
slynne
|
|
response 6 of 105:
|
May 9 17:29 UTC 2002 |
I use my real name. I just delete the spam and it is no big deal. I
have been thinking about maybe using two different email addresses so I
can have my personal email go to a different box than my spam email and
all the email from the mailing lists I subscribe to but even that seems
more bother than just deleting the mass emails.
|
jep
|
|
response 7 of 105:
|
May 9 18:25 UTC 2002 |
I use my real name, and always have. I don't get that much spam. It
doesn't bother me much.
|
gull
|
|
response 8 of 105:
|
May 9 20:01 UTC 2002 |
The worst account I have for spam is my ameritech.net one. Most
accounts I've had took a while to start getting spam after they were
created, but that one had spam messages in it the first time I
connected. I suspect Ameritech sells their user list.
|
michaela
|
|
response 9 of 105:
|
May 9 20:16 UTC 2002 |
I use my real name on Yahoo since that's where I receive work-related email.
I use pseudos in some Grex cfs and only my first name in my AOL profile.
|
ric
|
|
response 10 of 105:
|
May 9 22:02 UTC 2002 |
I generally use my real name and email address.
|
keesan
|
|
response 11 of 105:
|
May 10 03:11 UTC 2002 |
Earthlink (aka onemain) account received spam on the day that I changed me
email address to avoid spam from the old account. I think the larger ISPs
are targeted at random - they find some login and try it with all the likely
@'s. I have received keesan@XXXXX (about 20 wrong guesses and they missed
my brother at a little-known provider with unix mail). usol is spam free so
far, for months now.
|
gelinas
|
|
response 12 of 105:
|
May 10 04:47 UTC 2002 |
Marcus, I disagree: the Directory folks have been worried about mass-mailing
since Day One. Most of the spam I get goes to addresses that have been used
for Usenet News.
|
mdw
|
|
response 13 of 105:
|
May 10 07:54 UTC 2002 |
Well, I know you are one of the directory services folks, Joe, and I'm
sure you folks do worry some about spam and other sorts of mass mail,
but from a close but external standpoint, I can say you guys worry more
about basic functionality and ferpa than you do about spam. I also knew
the "day 1" directory services folks, as you did, whom have since run
away to netscape. I agree, those folks were perhaps even more worried
about various forms of mass mail than people today. I also know that
your directory services boss, who was not then in charge of what was
then called X.500, but was in charge of the campus-wide redirection
machines (both then and now), had no effective anti-spam defenses "day
one", and that the current anti-spam rules on those machines are very
limited compared to, say, grex.
UM's relatively lax efforts are is not necessarily unreasonable; I'm
sure grex's relatively draconian rules would draw quite a bit of ire if
they were deployed globally at UM. Even grex's rules pale in some ways
compared to, say Ford.com, where apparently they like to do things like
block *all* incoming e-mail with attachments. At UM, I think 90%+ of
the e-mail complaints are about spam. On grex, I'd say we average about
50% complaints about spam (yes, other, I know) and blocking legitimate
mail. At ford, I think it may be 90% "lost mail". Different
organizations, different priorities. And yes, I need to sharpen
sendmail's fangs.
|
keesan
|
|
response 14 of 105:
|
May 10 12:19 UTC 2002 |
How does grex attempt to block spam?
|
gull
|
|
response 15 of 105:
|
May 10 14:02 UTC 2002 |
At the place I work for, we block all mail with executable attachments. (A
very long list that includes BAT, EXE, SCR, CMD, COM, VBS, and many other
beasties.) We also have a few anti-spam rules, such as blocking mail with
hotmail.com return addresses that lacks Hotmail's unique header lines. And
we have a few blocking rules that target specific email virii. If we
blocked all attachments business would come to a halt, though.
|
jmsaul
|
|
response 16 of 105:
|
May 10 16:44 UTC 2002 |
UM could never get away with the kind of rules Grex uses. It's a fact of life
at an educational institution.
|
other
|
|
response 17 of 105:
|
May 10 16:51 UTC 2002 |
Moi? Marcus, I don't mean to pester you, honest. :)
I really do appreciate the work you do. Every single one of the dozens
of emails I have sent to uce@cyberspace.org over the last several weeks
has been completely unique, despite the identical subject and attached
file headers, I assure you. ;)
|
keesan
|
|
response 18 of 105:
|
May 11 02:52 UTC 2002 |
I sometimes get mail that I want with .exe or .zip files attached.
|
gelinas
|
|
response 19 of 105:
|
May 11 03:36 UTC 2002 |
OK, I can agree that spam filtering is not a (high) priority. I was mostly
objecting to your statement that being listed in the Directory was cause for
spam.
The Online Directory is a good source for *internal* spam, but it doesn't
seem to attract much *external* spam. (Exception: groups that get included
in an 'everyone in the world' address list tend to come to the attention of
folks outside the U, and then all bets are off.)
|
mdw
|
|
response 20 of 105:
|
May 11 05:34 UTC 2002 |
I regularly see spam sent to several X.500 groups I'm a member of,
including ones that are not widely advertised. I'm pretty sure there
have been spammers that have harvested "X.500" groups from UM, either
via ldap, or via the web. If you are really curious, I can find and
print examples of such spam.
Grex blocks spam based on a bunch of rules that look for various things.
Some of the simpler rules look for irregularities in RFC 821 protocol
handling (how the mail is shipped). Another rule looks for sites that
we "block", which are listed in /var/adm/badsys . This is great for
known spammer sites, but does no good for most spammers who find and use
new relays each time. Most rules read through the mail and look for
various patterns specific to various spammers or spam software. Most of
these rules only look for irregularities in RFC 822 header lines. A few
rules actually read through the body of the message to look for specific
things. Nearly all of these rules result in bounce messages with bible
quotes in them. That is because we'd rather not teach the spammers how
to get around our anti-spam rules, but we hope the messages will be
memorable enough that legitimate users will tell us. (Even so, an
amazing number of users tell us "it didn't get through" and expect us to
use ESP to figure out the details.) Also, because of spammers, I don't
want to get too specific about details.
I suppose the content filtering needs explanation, and this is probably
safe to describe now, so: the most complicated content filtering we do
is to look for the S.1618 paragraph that used to show up in a lot of
spam. This was never official US law, but spammers wanted you to think
it was, so at one point this showed up in about 50% of spam. I got
annoyed with this, so I eventually sat down with about 20 variations on
the paragraph and wrote something that would match variations on them,
without rejecting other real mail. The variations did make it harder to
write the code (I'm sure that was intentional), but it was *so*
satisfying to watch it in action afterwards. I still very occasionally
see this, but generally only in spam that's been chewed up enough by
html or mime to not match. It's not very common today anyways, so I'm
sure the spammers have mostly caught on.
|
keesan
|
|
response 21 of 105:
|
May 11 12:51 UTC 2002 |
Would anyone on grex object to filtering out email with Viagra in the subject
line? Or the names of Nigerian politicians anywhere in the text?
|
cmcgee
|
|
response 22 of 105:
|
May 11 13:01 UTC 2002 |
Yes, I object to that.
|
jmsaul
|
|
response 23 of 105:
|
May 11 15:10 UTC 2002 |
Me too.
Learn to use procmail, instead of censoring the rest of us.
|
keesan
|
|
response 24 of 105:
|
May 11 17:00 UTC 2002 |
I was not censoring the rest of you, I was asking a question. Would you stop
jumping on me? Would you like it if I attacked everything you posted? Does
it make you feel important to call other people stupid?
|