SpamBully

Top of the morning to you! Oops! Top of the afternoon, and evening for
everyone else.

I would like to know YOUR opinions about SpamBully by Axaware?

Thanks!

99% of the spam flitting about the Internet has forged sender email
addresses. Therefore, 99% of the SpamBully "punishment" will be
bullying innocent victims of forgery. Don't do it

I agree 100%. One of my e-mail domains is curently being spoofed in a
spam attack that appears to be originating from two PCs, one in Thailand
and the other in Texas but could well be from another location all
together. I'm currently receiving well in excess of 4,000 bounces and
rejections per hour and this has been going on for some hours now.
Fortunately the vast majority of the bounces and rejections I'm receiving
can be easily filtered on the server since the actual spoofed addresses
used are nearly always non existent accounts.
--
Mike Maltby



N. Miller wrote:

On Mon, 8 Oct 2007 10:17:05 -0500, SGB wrote:

Top of the morning to you! Oops! Top of the afternoon, and evening
for everyone else.

I would like to know YOUR opinions about SpamBully by Axaware?

Found their web site. Their writeup says:

Punish/Bounce/Report/Challenge - Get back at spammers by increasing
their costs, returning their spam, and reporting them to the servers
they came from and the FTC. Email a special password to an
unfamiliar sender that they must correctly type in before their
email is allowed to your Inbox.

99% of the spam flitting about the Internet has forged sender email
addresses. Therefore, 99% of the SpamBully "punishment" will be
bullying innocent victims of forgery. Don't do it.

I you need a Naive Bayesian filter, try one of these:

K9: http://keir.net/k9.html
POPFille: http://popfile.sourceforge.net/

Over 4,000!!! Oh my gawd, Mike. I am so sorry your computer has been
invaded. I know how frustrating and aggravating and... it is. :-(

"Mike M" wrote in message
...
99% of the spam flitting about the Internet has forged sender email
addresses. Therefore, 99% of the SpamBully "punishment" will be
bullying innocent victims of forgery. Don't do it

I agree 100%. One of my e-mail domains is curently being spoofed in a
spam attack that appears to be originating from two PCs, one in Thailand
and the other in Texas but could well be from another location all
together. I'm currently receiving well in excess of 4,000 bounces and
rejections per hour and this has been going on for some hours now.
Fortunately the vast majority of the bounces and rejections I'm receiving
can be easily filtered on the server since the actual spoofed addresses
used are nearly always non existent accounts.
--
Mike Maltby

Fortunately it's not my computer that's been invaded. What I'm seeing is
the result of someone else's PC having been taken over by a bot and
spewing forth unwanted spam using one of my e-mail domains as the spoofed
"From" address. It looks as if it is dying off now as most of what I am
seeing now is delivery delayed messages. Based on previous experience,
this has happened to me before, there will probably be two or three more
spells of activity before the infected machine(s) get cleaned up and the
spamfest stops.

Cheers,
--
Mike M


SGB wrote:

Over 4,000!!! Oh my gawd, Mike. I am so sorry your computer has been
invaded. I know how frustrating and aggravating and... it is. :-(

You have been 'nuked', 'SpamBully' !!!

It ain't me, Mike!
Heirloom, old and Texas is a big place

"Mike M" wrote in message
...
99% of the spam flitting about the Internet has forged sender email
addresses. Therefore, 99% of the SpamBully "punishment" will be
bullying innocent victims of forgery. Don't do it

I agree 100%. One of my e-mail domains is curently being spoofed in a
spam attack that appears to be originating from two PCs, one in Thailand
and the other in Texas but could well be from another location all
together. I'm currently receiving well in excess of 4,000 bounces and
rejections per hour and this has been going on for some hours now.
Fortunately the vast majority of the bounces and rejections I'm receiving
can be easily filtered on the server since the actual spoofed addresses
used are nearly always non existent accounts.
--
Mike Maltby



N. Miller wrote:

On Mon, 8 Oct 2007 10:17:05 -0500, SGB wrote:

Top of the morning to you! Oops! Top of the afternoon, and evening
for everyone else.

I would like to know YOUR opinions about SpamBully by Axaware?

Found their web site. Their writeup says:

Punish/Bounce/Report/Challenge - Get back at spammers by increasing
their costs, returning their spam, and reporting them to the servers
they came from and the FTC. Email a special password to an
unfamiliar sender that they must correctly type in before their
email is allowed to your Inbox.

99% of the spam flitting about the Internet has forged sender email
addresses. Therefore, 99% of the SpamBully "punishment" will be
bullying innocent victims of forgery. Don't do it.

I you need a Naive Bayesian filter, try one of these:

K9: http://keir.net/k9.html
POPFille: http://popfile.sourceforge.net/

ROFL!!!!!!!!!!!!!!!

The thought had never even crossed my mind but now that you've mentioned
it I'm going to check any further headers very very carefully and if I
find r74-192-242-63.tyrdcmta02.tylrtx.tl.dh.suddenlink.net you're in real
trouble. I'll have to dig out some very special chilli for you. :-)))))
--
Mike M


Heirloom wrote:

It ain't me, Mike!
Heirloom, old and Texas is a big place

N. Miller wrote:

I wasn't even getting that many in a day when my 'yahoo.com' account
was forged as sender a while back. I saved four MailWasher bounces as
ammunition in debates about phony bounces. They impersonate their
ISP's Mailer-DAEMON, which is usually a TOS violation.

At least they have virtually stopped now. I started up this morning to
find just the one "unable to deliver" message so hopefully the machine(s)
involved is now clean or the bot has decided to use someone else's e-mail
domain. I don't use MailWasher, perhaps I should, but instead am using
MagicMail which while not being necessarily as configurable as MailWasher
normally is enough to suit my needs.
--
Mike Maltby

the bouncer, not
the forgery victim, would be the target of the provider's wrath

Oh how I agree. Sadly most that are bouncing seem to have little control
of their systems and even less knowledge about how to detect spoofing and
the like.

Sorry to read that your domain is also suffering. Mine seems to be OK for
the moment but have suffered three, no four, major bounce/undeliverable
"attacks" in the last couple of months due to false addresses in my domain
having been used as the spoof "From" address. The worst went on for
almost five days.

It's for this reason that I don't use MailWasher and won't be using
SpamBully.
--
Mike Maltby



N. Miller wrote:

On Tue, 9 Oct 2007 12:20:47 +0100, Mike M wrote:

N. Miller wrote:

I wasn't even getting that many in a day when my 'yahoo.com' account
was forged as sender a while back. I saved four MailWasher bounces
as ammunition in debates about phony bounces. They impersonate their
ISP's Mailer-DAEMON, which is usually a TOS violation.

At least they have virtually stopped now. I started up this morning
to
find just the one "unable to deliver" message so hopefully the
machine(s)
involved is now clean or the bot has decided to use someone else's
e-mail
domain. I don't use MailWasher, perhaps I should, but instead am
using
MagicMail which while not being necessarily as configurable as
MailWasher
normally is enough to suit my needs.

I just went looking in my MTA log for evidence for a discussion at
DSLReports on spam zombies. Good grief! My log is fast filling with
rejected bounces! The sources of the bounces are, mostly mail hosts;
apparently trying to bounce email to non-existent users in my domain.
It looks like my domain is under a forgery attack by some spammer.
Hundreds of entries, in just a few hours, like this:

T 20071009 110156 470b5d38 Connection from 87.106.82.85
T 20071009 111033 470b5d38 HELO leladax.de
T 20071009 111033 470b5d38 MAIL FROM:
T 20071009 111042 470b5d38 RCPT
E 20071009 111042 470b5d38 RCPT from 87.106.82.85 - user
not known. T 20071009 111042
470b5d38 QUIT
T 20071009 111042 470b5d38 Connection closed with 87.106.82.85, 526
sec. elapsed.

I may attempt to count the number of these made-up email addresses.

For the OP, SpamBully wouldn't work on these. Whichever mailhost
tried to send the "punishing bounce" would be stuck with the
SpamBully bounce; my MTA is rejecting them. The abuse is directed at
my mail server from the Internet. The email provider whose customer
tried to send the SpamBully bounce is only contributing to the abuse.

Please be aware that I have no way to tell whether any of the rejected
bounces I am logging are MailWasher, or SpamBully, or some other kind
of phony bounce. But, if the provider whose mail server is stuck with
an undeliverable SpamBully bounce should get ****y, the bouncer, not
the forgery victim, would be the target of the provider's wrath.

THIS IS MY OPINION.

SPAM is not going to stop.

Why bother to bounce the emails? Just delete them.
Besides, there is no reason to cause a traffic jam on the internet highway
trying to bounce them back, especially with so many accidents happening. You
are comprising too much with bounce backs.

I do not bounce emails as a rule of thumb.

It is a waste of life. it is way too stressful, aggravating and frustrating
trying to control what one has no power over.

I have used MailWasher Pro for over four years. The software program has not
caused me any problems. The way I have it configured has been an asset to my
sanity. I like it very much with a few exceptions.

The reason I asked about SpamBully was that it seemed more comprehensive
with the additional features as did Spam Eater by Spam Blocker Software. I
will be staying with the tried and true.

Peace!

"Mike M" wrote in message
...
the bouncer, not
the forgery victim, would be the target of the provider's wrath

Oh how I agree. Sadly most that are bouncing seem to have little control
of their systems and even less knowledge about how to detect spoofing and
the like.

Sorry to read that your domain is also suffering. Mine seems to be OK for
the moment but have suffered three, no four, major bounce/undeliverable
"attacks" in the last couple of months due to false addresses in my domain
having been used as the spoof "From" address. The worst went on for
almost five days.

It's for this reason that I don't use MailWasher and won't be using
SpamBully.
--
Mike Maltby