Sunday, April 30, 2006

Ryan Pitylak's community outreach

I know several people on the internet are following this site, and I'd really like to hear from you. Post any question you have in the comments section of this post and I'll answer them. The spam industry is talked about by people on the anti-spamming side, but this is the first place I know where people can talk to someone who used to be on the side that sent the email. I look forward to your comments. :) Please utilize this anti-spam blog.

Monday, April 24, 2006

Spamming Trends - April 2006

I recently posted this on securence and thought that it might be helpful to my readers:

Unfortunately, spam should be on the rise for the distant future. As technology gets cheaper to send spam, people will send more of it. Eventually, the returns to sending spam will decrease as filters get better, but that'll only create incentives for spammers to send out more emails, because whatever few pieces of email get delivered will be very valuable. You will continue to see a trend towards off-shore emails that are hard to track, and therefore hard to immediately isolate as problematic. On-shore email blasts will continue to become more legitimate looking, and some of these companies will try to break into the opt-in email business. Unfortunately, most spammers won't handle opt-in email with care, and those lists will slowly be handled in the same way that email lists that are not opt-in are handled.

Get more information about spam blocking and the spam business here at the anti spam blog.

Spam Message April 24th, 2006

So, unlike most people, I receive very little spam. I am careful about where my email address is listed, and therefore receive virtually no spam. However, I received a spam email today. Let's talk about it. My comments are in parentheses under the header lines they refer to.

Header Information:

Return-Path: <>
(Telltale sign that this is spam. A Hotmail account is a perfect way to mask your true identity, and therefore counts negatively towards the spam score.)
Delivered-To: ryan@27196.27732
Received: (qmail 24192 invoked by uid 78); 24 Apr 2006 09:45:32 -0000
Received: from unknown (HELO ( by with SMTP; 24 Apr 2006 09:45:32 -0000
Received: from ( []) by (8.13.6/8.13.6) with ESMTP id k3O9jWLk008495 for <--------->; Mon, 24 Apr 2006 05:45:32 -0400
Received: from mail pickup service by with Microsoft SMTPSVC; Mon, 24 Apr 2006 02:45:00 -0700
Message-ID: <BAY23-F104315454E70A409B46FB9B0BE0@phx.gbl>
Received: from by with HTTP; Mon, 24 Apr 2006 09:44:48 GMT
(But wait, could it be? Is this a Hotmail server?)
X-Originating-IP: []
X-Originating-Email: []
From: "willico willi" <>
Subject: urgent plea for assistance
(It sounds urgent! Most people don't urgently plead, but we'll let that slide.)
Date: Mon, 24 Apr 2006 09:44:48 +0000
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
X-OriginalArrivalTime: 24 Apr 2006 09:45:00.0737 (UTC) FILETIME=[C1426B10:01C66783]
...
(This is starting to look like every other piece of Nigerian spam I've received.)

Well, without investigating further whether Hotmail picks up your IP address when you send out email from their network, I can't comment on whether the email went through Hotmail's servers or whether it was sent by forging headers.

The IP address does not appear to be a Hotmail IP, so if Hotmail doesn't pick up the sender's IP address, then this is definitely forged.

However, if Hotmail does pick up the IP address of the sender, then the sender could be some guy in South Africa sending out email through Hotmail.
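One way a receiving server can settle the question above is to trust only the Received line it wrote itself and check whether the peer recorded there belongs to the provider. This is an added example, not code from the original post; the host names, the provider range and the sample message are constructed, since the real values are missing from the header shown above.

```python
import email
import ipaddress
import re

# Constructed values: documentation address ranges and made-up host names.
PROVIDER_NETS = [ipaddress.ip_network("198.51.100.0/24")]  # assumed provider range
OUR_MX = "mx.recipient.example"  # assumed name of the receiving server

SAMPLE = """\
Received: from out1.webmail.example (out1.webmail.example [198.51.100.25])
\tby mx.recipient.example with ESMTP; Mon, 24 Apr 2006 05:45:32 -0400
Received: from mail pickup service by out1.webmail.example with Microsoft SMTPSVC;
\tMon, 24 Apr 2006 02:45:00 -0700
Received: from 203.0.113.77 by web7.webmail.example with HTTP;
\tMon, 24 Apr 2006 09:44:48 GMT
X-Originating-IP: [203.0.113.77]
From: "constructed sender" <sender@webmail.example>
Subject: constructed sample

body
"""
# Same lower headers, but handed to our server from an address outside the provider.
FORGED = SAMPLE.replace("[198.51.100.25]", "[192.0.2.9]")

BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def bracketed_ip(text):
    m = BRACKETED_IP.search(text or "")
    return m.group(1) if m else None

def handoff_ip(msg):
    """Peer address from the Received line our own server wrote (headers are
    prepended, so the first match is the newest and the only one we can trust)."""
    for value in msg.get_all("Received", []):
        flat = " ".join(value.split())
        if f" by {OUR_MX} " in flat:
            return bracketed_ip(flat)
    return None

def classify(raw):
    msg = email.message_from_string(raw)
    peer = handoff_ip(msg)
    claimed = bracketed_ip(msg.get("X-Originating-IP"))
    if peer is None:
        return ("no trusted hop", claimed)
    if any(ipaddress.ip_address(peer) in net for net in PROVIDER_NETS):
        # Genuinely relayed by the provider: the address may be the webmail client.
        return ("sent through provider", claimed)
    return ("provider headers forged", claimed)
```

`classify(SAMPLE)` reports a message that really came through the provider, while `classify(FORGED)` flags one whose provider-looking headers sit below a handoff from an unrelated address.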

Regardless of what happens, this emphasizes the importance of having the technology in place to detect these guys before this spam gets into the inbox. Also, reactive technology that can detect this crap and then delete all of the previously sent out email from this spammer would be helpful. Something that I think is great about the new landscape of email is that emails do not need to be detected as spam right away. It's hard to determine if some emails are spam immediately, so taking some reactive measures after the spammer has been identified would mitigate this problem.

Of course, some email programs are real-time, and therefore making reactive decisions will not work, but at ISPs where the email is stored at the same location as the anti-spam software (i.e. AOL, Hotmail, Yahoo, Gmail, etc.), this will eventually be possible. This could help in the fight against spam, and only server-side email hosting solutions will be able to provide this service (unless an email add-on is created for Outlook, etc.).

This is probably a very arduous request however because of the sheer volume of email that large email servers receive. I think there is a middle ground somewhere. We'll just have to think, as an anti-spam community, about where that middle ground lies technologically. Maybe alternative approaches would be effective? I'd be interested to hear anyone's comments on this important issue.
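A sketch of the reactive approach discussed above, as an added example that is not the author's code: a server-side store indexes delivered mail by source, so a late spam verdict touches only that source's messages instead of scanning every mailbox. The class and field names, the seven-day lookback, the unread-only rule and the choice to quarantine rather than delete are all assumptions of this example.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass
class Stored:
    msg_id: str
    source: str        # key the filter attributes mail to, e.g. the connecting IP
    received_at: int   # Unix time of delivery
    folder: str = "inbox"
    read: bool = False

class MailStore:
    """Toy server-side store, indexed by source to keep late sweeps cheap."""
    def __init__(self, lookback_seconds):
        self.lookback = lookback_seconds
        self.by_id = {}
        self.by_source = defaultdict(list)

    def deliver(self, msg):
        self.by_id[msg.msg_id] = msg
        self.by_source[msg.source].append(msg.msg_id)

    def mark_read(self, msg_id):
        self.by_id[msg_id].read = True

    def late_verdict(self, source, now):
        """Source identified as a spammer after delivery: pull back its
        recent inbox mail that the user has not opened yet."""
        moved = []
        for msg_id in self.by_source.get(source, []):
            m = self.by_id[msg_id]
            recent = now - m.received_at <= self.lookback
            if m.folder == "inbox" and not m.read and recent:
                m.folder = "quarantine"
                moved.append(msg_id)
        return moved

def demo():
    # Constructed data: timestamps and addresses are made up.
    store = MailStore(lookback_seconds=7 * 86400)
    now = 1_145_900_000
    store.deliver(Stored("a1", "203.0.113.77", now - 3600))
    store.deliver(Stored("a2", "203.0.113.77", now - 30 * 86400))  # outside the window
    store.deliver(Stored("a3", "203.0.113.77", now - 600))
    store.deliver(Stored("b1", "192.0.2.10", now - 600))           # unrelated sender
    store.mark_read("a3")
    moved = store.late_verdict("203.0.113.77", now)
    return moved, {i: m.folder for i, m in store.by_id.items()}
```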

body here....

Monday, April 03, 2006

Stop spam from getting into your inbox

It’s surprisingly easy to protect yourself from spam. Protecting yourself from getting spam has to become a mentality. There are many costs when having to deal with spam. There is the lack of employee time, which lowers employee productivity levels. Furthermore, business email that is incorrectly categorized as spam creates even larger problems than small levels of productivity loss. Email is becoming one of the main avenues for business communication, but incorrectly categorized business emails can slow down important business deals, or worse.

Several major internet service providers, such as America Online, Microsoft, and Earthlink all use Brightmail’s anti-spam technology as a part of their technological arsenal used to fight against spam. Brightmail is not the only service available, but server-side anti-spam technology ultimately works better than client-side anti-spam technology. Server-side technology consists of anti-spam software that is managed by the internet service provider. Client-side technology consists of anti-spam software that is managed by the consumer on their computer.

Also, you have to be very careful where you submit your email address. If you’re submitting your email address to any service that you don’t trust implicitly, then you should set up an alternative email account that is used specially for these transactions. That way, if spam starts to become a problem on that temporary account, you can cancel the account and set up a new username.

Do not put your email address on your website. Email spiders look across all websites looking for email addresses that can be used to spam. These are considered very good email addresses to send emails to by the spammers that are not very successful. These spammers are more likely to use spamming techniques that get email delivered by breaking criminal law.

If you do start getting emails, unsubscribe yourself from those emails as soon as you get them. Very few spammers sink so low as to email their unsubscribes on a regular basis. Spammers understand that these are people who do not want to get email, and that they are vocal about it, and therefore spammers do not typically want to email these people. By emailing these people, the spammers risk getting their internet service shut down, which is a major problem for a spammer. Ultimately, if you get into a position of getting spammed, you need to try to remove yourself from these emails. This does not always work, as some spammers will email you more after you unsubscribe, but this is not typical.

If a spammer is being persistent, then you can report the spammer to its ISP. This starts to get technical, but you can determine who is hosting the spammer by running this command in MS-DOS (cmd.exe): tracert The last few lines will be the spammer’s internet service provider. Complain to those businesses by going to their website and finding their abuse section in the internet service provider’s Contact Us section. There are tools that automate this process. SpamCop offers an excellent product that allows a user to easily report spam. This is by far the most effective way to combat spam.