From: Amara Graps (amara@amara.com)
Date: Wed Apr 10 2002 - 15:06:20 MDT
a few more thoughts, re: spammers.
It's educational (and entertaining) to read the sb-* filter files,
unpacked in the tar file: about 35 filter files for different kinds
of spam, through which each incoming mail passes. You learn alot
about spammers: their techniques, names, and their spamming history.
For example, from the spambouncer "sb-rogue.rc" filter file:
# DM1.com
#
# Updated and domains verified 6/10/00
# Last reported spam: 6/04/00
# Other Relevant Info:
# Old time spamhaus, has gotten more discreet in its old age, but
# is definitely opt-out and not opt-in. :/ Hosted by clever.net,
# also old-time spammers. (Sagenetworks is owned by the same people
# who own clever.net.) These are the kind of idiots that lead
# one to believe certain crooks can't be reformed. (There is also
# a report of at least one late-night, threatening phone call to
# someone who reported these slimeballs.) :(
# Status: Active Spammers
The Hitman (Dan Hufnal)
#
# Updated and domains verified 10/20/00
# Last reported spam: 10/04/00
# Other Relevant Info:
# Disconnected 12/29/97 by ACSI :)
# Reconnected 1/15/98 by SOS Internet Services (sosis.com)
# www.thehitman.com live at home.net
# www.onlinebiz.net live at home.net :(
# 7/31/99 -- thedeaa.com live at cetlink.com. I haven't heard of any direct
# spam from Hufnal for some time, but I suspect he's just learned to use
# throwaway accounts and relays effectively.
# Status: Active Spammer
# Jones, Dana (Golfballsunlimitedusa.com/we-deliver.net)
#
# Updated and domains verified 6/10/00
# Last reported spam: 12/24/99
# Other Relevant Info:
# Disconnected 1/26/98 by ACSI! :)
# Reconnected at some point prior to 4/15/98 by Digex. :(
# Reconnected at some point prior to 10/14/98 by AGIS. :(
# Actively spamming through throwaway accounts :(
# Is forging David Taylor's t-1net.com domain onto spams.
# Is forging MAILER-DAEMON addresses onto spams.
# This is a =REAL= jerk.
# 2/25/99 -- back in action through infohwy.com :(
# 6/10/00 -- appears to exist, but no record of spamming for the
# last 6 months or so. We'll see if he's gone....
# Status: Unknown
# Krazy Kevin (Tempting Tearouts)
#
# Updated and domains verified 2/18/00
# Last reported spam: 2/08/00
# Other Relevant Info:
# 2/18/00:
# Notorious spammer and scammer of phony newspaper/magazine
# deals, already been in trouble with New York area DA
# once. Incorrigible.
# 6/10/00:
# Hasn't been heard of since February. Fingers crossed...
# Status: Active Spammer
# Melle Brothers (formerly Connectup/NOIC/TSF/Fannin Industries)
#
# Updated and domains verified 6/10/00
# Last reported spam: 5/09/00
# Other Relevant Info:
# (These are the loosers who threatened to post several million AOL
# addresses to the Internet early in 1998 if AOL didn't quit
# blocking their mail. They forge spam, mailbomb people, and
# sue ISPs who try to stop them -- among the most abusive spammers
# out there now.)
# 2/25/99 -- forging Ron Guilmette's e-scrub.com domain. Jerks.
# 6/10/00 -- has turned to relay-rapes and other fly-by-night tactics,
# but still spamming.
# Status: Active Spammer
# Premier Services (Rodona Garst and company)
#
# Updated and domains verified 8/03/01
# Last reported spam: 7/26/01
# Other Relevant Info:
# Very prolific sleazeball spammer foolish enough to have a domain
# and address we can complain about and to. :)
# Status: Active Spammer
-- ******************************************************************** Amara Graps, PhD email: amara@amara.com Computational Physics vita: ftp://ftp.amara.com/pub/resume.txt Multiplex Answers URL: http://www.amara.com/ ******************************************************************** "Take time to consider. The smallest point may be the most essential." Sherlock Holmes (The Adventure of the Red Circle)
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:13:23 MST