British anti-spam legislation 1

Status
Not open for further replies.

GwydionM

Programmer
Oct 4, 2002
742
GB
Interesting things are happening over here. [2thumbsup]
"From the end of this year, it will be an offence for a British firm to send unsolicited junk mail to personal email accounts - but business addresses will remain unprotected" - see and for details.

There is valid concern that businesses are not protected. But when was your small business last offered a penis enlargement?[noevil]

Companies get harassed by people offering them things that they might occasionally want. Also someone [profile] gets paid for sifting them and passing them on to a manager who might be able to say yes or no.

If advertisers have to check who they are writing to, filter out the business from the personal, that will stop the worst abuse.
 
manarth:
Then all I have to do is play DNS games and I can still send spam. And in the meantime, we're generating more traffic.

In any regard, reverse-DNS is very very slow and network-intensive.

This also means that I can no longer use my personally-leased domain name through my ISP. The IP address will be of my ISP, which will not match my domain name. Think of how many companies using business DSL will be in the same boat.


Want the best answers? Ask the best questions: TANSTAAFL!!
 
Aye Stevehewitt that's what I meant, I'm not the clearest of people unfortunately.

There must be a solution in there somewhere, I've always believed that there is an answer to everything.

Exactly how network intensive is R-DNS?
 
As much as I am no genius on SMTP I am sure there could be an RFC for this sort of thing. If I send a mail to someone who doesn't have a valid address I get a mail back from the server. Well instead (or as well) of this would it not be possible for the same to happen but just in handshake terms? E.g. mail comes into server, server sends a handshake requesting authentication of address.

There is a real problem with this being that a spammer just has to spoof a real address, but this with many of the solutions listed would really cut it down.

sleipnir214
As much as I appreciate constructive criticism, would it not be more productive to suggest new ideas instead of pointing out the faults of the ones mentioned? If you have a better solution please post it.
 
Grenage:
Real DNS lookups using forward and reverse DNS, assuming DNS caches are cleared.

Forward DNS, getting IP address of mail1.microsoft.com:
Using known address, ask h.gtld-servers.net for NS record for mail1.microsoft.com. Reply of a number of server names and IP addresses.

Send "A" query of mail1.microsoft.com at one of the provided IP addresses of a Microsoft name server. Get address.


Reverse DNS, getting name of IP address 131.107.3.125:
Send "PTR" query for 125.3.107.131.in-addr.arpa to h.name-servers.net using known IP address. Get reply of a number of DNS servers in the ARIN.net domain without IP addresses. Pick server name "dill.arin.net".

Send "NS" query for "arin.net" to h.gtld-servers.net. Get nameserver and IP address return.

Using provided nameserver IP address, send "A" query for "dill.arin.net" to nameserver. Get back IP address.

Using IP address of dill.arin.net, send "PTR" query for "125.3.107.131.in-addr.arpa" to server. Get back reply of "DNS1.CP.MSFT.net".

Send "A" query for "DNS1.CP.MSFT.net" to h.gtld-servers.net. Get back IP address.

Send "PTR" query for "125.3.107.131.in-addr.arpa" to IP address from previous step. Get reply of "mail1.microsoft.com".


Where a forward DNS lookup took 2 queries, a reverse DNS lookup took 6.

We get the two converse parts of a single question ("Are mail1.microsoft.com and 131.107.3.125 the same thing?") for one of Microsoft's mail servers because they have their own point of presence on the internet. If I were to perform the reverse DNS for the IP address of a legitimate, non-spamming bellsouth.net commercial DSL customer, chances are that the reverse DNS would not match the name provided by the customer's server. I'd get a reverse DNS report of something like "dsl-34.atlanta.foo.bellsouth.net", and it could take more DNS queries to get that answer.



Stevehewitt:
I'm not the one saying that legislation is unnecessary because there are technological solutions. If I can come up with an exploit that quickly, trust me, at least one spammer will come up with three in the same amount of time. Abuse of the internet mail system is, after all, their profession.

I've stated previously that there is no way to do without inventing a parallel set of protocols. I figure you're going to need some kind of server registry which provides tokens to all registered servers. Kinda like the SSL certificate signing authorities, who vet organizations to set up a hierarchy of trust. Then every mail server is going to provide in headers the token and a unique message ID.

You're also going to need a query protocol where an entity receiving a message can query the registry to ensure the token has not been revoked, and can query a sending mail server to ensure that it did, indeed, send the message, given a token and a unique ID.

The registry is going to have to field reports from customers about receiving spam with valid tokens, so that they can make decisions about token revocations.

Of course, the registry is going to have to make enough money to pay all the people they have on staff to field spam reports and make decisions about revoking tokens. My ballpark figure is that they'll probably have to charge about 4 times what an SSL certificate signing costs per year: ~ US $600.

Of course, my idea isn't foolproof. A spammer can send out 10 million emails in a day, so all he'd have to do is get a token and send as many emails as he can before the token is revoked. And all this extra infrastructure does not give you a way to tell whether an email is spam. It just sets up a hierarchy of trust as to the intentions of the sender.

So we get back to my original thesis that legislation is a necessary part of the solution. Let each country make it illegal to send spam and have consistent rules as to what constitutes spam. If someone anywhere spams, then let his local judiciary deal with him.

Want the best answers? Ask the best questions: TANSTAAFL!!
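
The forward and reverse lookups walked through in the post above can be combined into a forward-confirmed reverse DNS check. The following is an added example, not code from any poster in this thread; it runs over constructed records instead of live DNS, and every name and address other than the mail1.microsoft.com / 131.107.3.125 pair and the bellsouth-style PTR name is an assumption made for illustration.

```python
import ipaddress

# Constructed sample records, not live DNS data. The 192.0.2.x and 198.51.100.x
# addresses are documentation ranges; the .example names are made up.
PTR = {
    "125.3.107.131.in-addr.arpa": ["mail1.microsoft.com"],
    "34.2.0.192.in-addr.arpa": ["dsl-34.atlanta.foo.bellsouth.net"],
    "7.100.51.198.in-addr.arpa": ["mail.bulk-sender.example"],
    "8.100.51.198.in-addr.arpa": ["mail1.microsoft.com"],  # PTR set by the IP's owner
}
A = {
    "mail1.microsoft.com": ["131.107.3.125"],
    "dsl-34.atlanta.foo.bellsouth.net": ["192.0.2.34"],
    "mail.customer.example": ["192.0.2.34"],
    "mail.bulk-sender.example": ["198.51.100.7"],
}


def reverse_name(ip):
    """Build the in-addr.arpa name that a PTR query asks for."""
    return ipaddress.ip_address(ip).reverse_pointer


def normalize(name):
    """Compare host names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def fcrdns(ip, claimed_name, ptr=PTR, a=A):
    """Classify a connecting IP against the host name its server claims."""
    ptr_names = [normalize(n) for n in ptr.get(reverse_name(ip), [])]
    if not ptr_names:
        return "no-ptr"
    # Forward-confirm: a PTR name only counts if its A record leads back to ip.
    confirmed = [n for n in ptr_names if ip in a.get(n, [])]
    if not confirmed:
        return "ptr-unconfirmed"
    return "match" if normalize(claimed_name) in confirmed else "name-mismatch"


def demo():
    """Run the four constructed cases and return {(ip, name): verdict}."""
    cases = [
        ("131.107.3.125", "mail1.microsoft.com"),      # own point of presence
        ("192.0.2.34", "mail.customer.example"),       # legitimate DSL customer
        ("198.51.100.8", "mail1.microsoft.com"),       # PTR without matching A
        ("198.51.100.7", "mail.bulk-sender.example"),  # sender runs both zones
    ]
    return {case: fcrdns(*case) for case in cases}


if __name__ == "__main__":
    for (ip, name), verdict in demo().items():
        print(f"{ip:15} {name:28} {verdict}")
```

The DSL customer is classified `name-mismatch` although nothing about it is abusive, and a sender who controls both its forward and reverse zones is classified `match`, which are the two objections to the check raised in this thread.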
 
I completely agree with the education side of things.

I went round my mother's today and she told me that she is getting 15 or so mails a day about viagra etc. Obviously spam.

The real tragic thing is that she still thinks that spam comes in a tin - let alone the rules and filters available in Outlook.

Then again, this is the same person who has decided not to purchase Anti Virus software ever again as she has been infected...

...Don't suppose 100 day old DAT files helped much.


Sometimes I just give up... [sigh][/sigh]
 
Spam looks for vulnerable and unhappy people. Those who look for a chemical fix to an unhealthy lifestyle. Those who think the solution to debt is to borrow more. Such people do need to be protected, and the rest of us have a right not to have our time wasted by con-men.

Someone with a lot of technical knowledge can probably protect themselves. Some of them have been discussing the matter on this thread and offering solutions - but how can one be sure that these are not spoofs that will make the machine vulnerable to some other sort of abuse. As a graduate, MENSA member and computer professional, I do not have enough knowledge to be sure. So I mistrust everyone I don't know, undoubtedly missing out on much helpful advice and useful Freeware and Shareware.

Only the state can handle the matter, however imperfectly. And the British legislation is a good beginning.
 
sleipnir214,

Thank you for the explanation. Not so practical after all perhaps.
 
I have one email address which gets 60 junk emails a day. I never just delete them, lately about 10% have had worms attached. When occasionally I try and work out the sender the origin is either a spoof IP address or a non-existent domain. 9 in 10 spam emails are from the USA.

The UK legislation cannot touch the USA sourced spam, there needs to be a concerted legislation that is reciprocal around the world, so I can finger these idiots and they can be prosecuted.

Spam is indiscriminate, pointless and as has been pointed out clogs up the internet, maybe not at the backbone but certainly at the receivers end.

It should be made illegal to pass a list of email addresses to another person or company for the express purpose of marketing unless with the approval of the owners of all email addresses on the list. In the UK this could be achieved by use of the data protection act. Chain of evidence should be sufficient proof.

Harvesting for emails should also be made illegal. Software that sends email to every address from aaa@hotmail.com to zzz@hotmail.com.

A recent BBC report revealed something over half the spam in the world comes out of Florida and the perpetrators are known but cannot be prosecuted because the state has no such legislation.

 
AFAIK spoofing addresses is already illegal in the US under federal law (FTC regulations I think which are federal statutes).

Problem is that it's all but impossible to track the origin of the spam.
You may find it comes from Florida but does it? Quite possibly that's just the point where the trail goes dead or the place the spoof leads you to that you didn't detect.

As such it's almost certainly not admissible proof.

As an example quite a lot of spam seems to come from servers in the PRC.
When someone checked those out they turned out to be compromised with trojans and backdoors installed by someone at some point so they could be taken over remotely to serve as proxies for sending spam.
The sender could be anywhere, dialing in from a laptop using the broadband internet connection on an intercontinental flying aircraft. All he needs is a minute or so to log in to his compromised machine, upload the message he wants to send and maybe a fresh list of email addresses, and start the sending daemon.
If he also goes through ip anonymisers (as he almost certainly would) he can't be traced at all.
Not only does he use a one time account on a wireless network, but the ip address he got from that account was spoofed to be something else by a service that doesn't keep logs.

Unless and until it actually costs more money to send email than it does to receive it all legitimate users are at risk, and at that time the only benefit of email over snailmail will be the time benefit as email would cost as much as or more than regular mail.
 