[Moogs]

OK. So I've always been an Entourage user and version 2004 has some nice improvements to the SPAM filtering. I've set up my account so that nearly every piece of spam ends up directly in the trash, whereupon I have to delete it manually. Not bad, but still a waste of my time.

I've decided that somehow, even though I don't have the automatic "display HTML" thing set up, and even though I don't click directly on emails in the preview panel, that one particular spammer knows that they have "found me". I forward much of my SPAM to comcast's "missed spam" address, and it works sometimes but this latest round is from some diabolical spam-fuck. Every day I get at least 6 or 7 of these things.

The emails are from faked comcast addresses, and contain gibberish subject lines to confuse spam filters (i.e. they don't say anything about pr0n, viagra, online trading, etc). Everything is like "Bob enthusiastic raking marshmallow shovel" type crap. Just a jumble of words. And Entourage *does* catch it, but I want to BOUNCE this shit right back in their face. I looked up SPAM and bounce on VerstionTracker and MacUpdate, but those tools don't actually bounce anything, they just learn your email habits and send stuff to the trash.

Is there a way using freeware or Terminal tricks or something where I can specify that anything not in my accepted sender list (or even anything resembling these SPAM lots) get bounced, as if my address doesn't exist? I want to fill their fucking server up. And furthermore, if anyone knows a way to detect the actual IP a SPAM comes from using header info, etc.. and knows a free spam-bomb tool... I am truly tempted.

[Banana]

An extreme fix,

but in some apps, (should be in Entourage as well but i've never used it), you could set up your mailbox to accept only mails that's on the list.

That'll be a problem for online shopping or other services that needs your email, but you don't have their emails, though.

I just grin and bear it on my work's Outlook.

[DMBand0026]

I know you probably don't want to hear this, because in my experience most Entourage users are fiercely loyal to that app. However, Apple's mail.app has a bounce feature that is built into the spam filter that comes with Mail. Although many feel that mail.app is an inferior program to Entourage, I use it everyday with no trouble at all. Sorry I couldn't be more help in Entourage, I just know Mail.app.

[atomicbartbeans]

I try to bounce spam sometimes... but it comes back with a "delivery failed" error.

Any way we can fry these idiots' computers over the interweb?

[rasmits]

Quote:

Originally Posted by DMBand0026 However, Apple's mail.app has a bounce feature that is built into the spam filter that comes with Mail.

Where is that? I haven't seen it.

edit: I'm all for Spamming back at them with their IP address. I tried using .Mac email aliases for a long time, but my real address still gets out there when my friends add me to stupid WAYN and MySpace invites.

[Moogs]

I think we make spamming a federal offense, punishable by consecutive life sentences for each verified instance of mass spamming. Same with identity theft. Make 'em all prison bitches and there won't be any spam for miles after the first TV movie comes out. Fuckers....

[rasmits]

I completely agree. It's god dang frustrating.

I really wanted that "Make love not spam" screensaver, but it was taken down because spammers found it too "harsh". I hate them all...

[chucker]

Quote:

Originally Posted by rasmits Where is that? I haven't seen it.

Customize your toolbar and add "Bounce". I think that's what it's called, at least. I haven't used Mail.app in an eternity.

E-mail sucks.

[rasmits]

Quote:

Originally Posted by chucker Customize your toolbar and add "Bounce". I think that's what it's called, at least. I haven't used Mail.app in an eternity.

OOOOOOO!!!! Thank you!!!!

[pilot1129]

wow that threads feature is great! makes it feel much more like gmail. thank you for mentioning that customize toolbar part!

[Brad]

Quote:

Originally Posted by pilot1129 wow that threads feature is great! makes it feel much more like gmail. thank you for mentioning that customize toolbar part!

Realize, of course, that most Mac apps with toolbars can be customized this way. One of the first things I do when trying a new app is check what other items are available for the toolbar.

[scratt]

Unfortunately as we all know most Spam comes from 'hijacked' addresses or ones that are not even real.. But..

A script of some sort to reply to Spam from a bogus (or even their own address) with a generic Title like - "Yes please I'd like to order" and then 1/2 a meg or so of rubbish in it, that you can selectively use would be great to combat the smaller spammers and the people that use them, as it would at least slow them down a bit, and perhaps make them stop using Spam services.

[T-Man]

I agree with making it illegal and/or fighting back.

Mail was one of the few apps I didnt look to customize my toolbar, now: THANKS A LOT!!!! I have no room on it!!!

[Moogs]

If I didn't have loads of archived mails in Entourage and liked Mail's crayola interface a little better I might try the bounce feature but... I just figured there might be a way to track these bastards down with freeware and bomb them into oblivion. I'd even go low-tech on them.

[dryeraseonstallwall]"For a great blow job, email spambitch at Ilikecattleprods.rec, and tell your friends!"[/dryeraseonstallwall]

[Koodari]

No matter what you do, do *not* bounce spam. Spammers either use a non-existing address in which case you'll get a "message not delivered" reply for your trouble, or someone else's real address, in which case the people who reply or bounce mail are collectively mailbombing an innocent person. It stands to reason that the spammers don't read the mail from the address they use to "sign" the spam: the automated replies (address doesn't exist, vacation, ...) alone will swamp the mailbox of the address' real owner. They use a second reply address in the body of the message, or (most often) just advertise a website and do all the business or scamming through that.

If I were you, I'd try to set up a button to one-click forward the spam to Comcast.

[scratt]

I am working on the pyramid scheme idea...

If my bounced mail going to a 'real' persons email address bugs them enough they might complain too.. I'm just bringing in support for my cause.. It's kind of like how they got sailors in Victorian times.....

[Moogs]

Update: anyone else getting phony password update messages that are sent to an address at SmartDisk.com? I think one of their disgruntled employees has taken their customer email list and added it to one of their internal addresses, so that they all get dozens of (probably also bogus) password reset requests every day. And if they bounce it "back" to this legit address, it comes right back at them because they are part of the address list.

Just a theory I wanted to share on this day of SPAM hell. How ironic I came in here looking for SPAM advice and found my own, old thread.

NOW I am wondering if there is a way not to bounce but simpy *reject* at the server level, so that it never even hits my inbox and basically whoever sent it gets the "cannot deliver" message or whatever.

[Dave]

Quote:

Originally Posted by Moogs NOW I am wondering if there is a way not to bounce but simpy *reject* at the server level, so that it never even hits my inbox and basically whoever sent it gets the "cannot deliver" message or whatever.

You could run your own mailserver and set it up however you want. That's probably a bit extreme, but AFAIK it's the only way to have server-level control over what gets through to your inbox. Also, it requires you to have a static IP, which is generally more expensive.

[Moogs]

Yah, you know I am ramping up a business right now and eventually will get a new Mac Pro, which means existing Mac could be used for web / mail servage. I wonder if comcast can / will assign a static IP. I'm using DHCP which I guess by definition means I do not have a static IP address right? Or can the modem itself have one if Comcast sets it up that way?

[danielsza]

Quote:

Originally Posted by Dave You could run your own mailserver and set it up however you want. That's probably a bit extreme, but AFAIK it's the only way to have server-level control over what gets through to your inbox. Also, it requires you to have a static IP, which is generally more expensive.

No you don't need to have a static IP, you can use a service like dyndns.com. And either use the free service and get an email address like user@domain.dyndns.org (they have names that you can choose). Or you can get custom dns, which works like the free server but you can use it with your own domain. and your email address would be user@domain.com

I use custom dns for my website, and it works well, I think it's about $25.00 a year, plus the cost of the domain. so it's a lot less per year then most static ip address.

Quote:

Originally Posted by Moogs Yah, you know I am ramping up a business right now and eventually will get a new Mac Pro, which means existing Mac could be used for web / mail servage. I wonder if comcast can / will assign a static IP. I'm using DHCP which I guess by definition means I do not have a static IP address right? Or can the modem itself have one if Comcast sets it up that way?

Many ISP's will give you a static ip address for about $10/month. But the bigger problem you might have is if they blocked port 25. And more and more ISP's are blocking ports, at least for residential service .
But in that case dyndns.com also a service called MailHop forward for $40.00 a year.

That would still work out to be less then the cost of a static ip address

[Enki]

Quote:

Originally Posted by atomicbartbeans I try to bounce spam sometimes... but it comes back with a "delivery failed" error. Any way we can fry these idiots' computers over the interweb?

Not really. Almost all the spam sent today is via bot zombies, the previously legit spammers are being caught for technical violations of various laws and shut down. Now overseas bot-lords rent out their zombie nets and the zombies are just a few ten thousand bozo's who are dumb enough to open things that they shouldn't have and don't even have a clue. Even if you fried one, the bot-net would add more faster than you can shut them down.

[drewprops]

Quote:

Originally Posted by scratt I am working on the pyramid scheme idea... If my bounced mail going to a 'real' persons email address bugs them enough they might complain too.. I'm just bringing in support for my cause.. It's kind of like how they got sailors in Victorian times.....

I once got a threatening email from some fucker who thought that I had spammed him. His email was full of half-cocked rantings about email and IPs and such. My first thought was "Alright asshole, if you're so bloody smart why have you never heard of spoofing? Git." (and I'm not even a Britlander)

Anyone who's ever had their email address (or domain) spoofed are AT LEAST a big a victim as the email recipient because their online reputation has been besmirched. It's identify theft and no good will come of lashing out at the victim of the identity theft because THEY haven't a clue how to stop the people sending the spam using their name.

Spammers don't need ANY privvy information to pose as you when sending mail... just your email address or your domain name.

The SOAP thing that Chucker pointed me to awhile back seemed interesting... something you can do at the DNS level (of your domain) that allows other SOAP-aware email servers to verify the orgination of an email message. Why this isn't being implemented en masse, worldwide, is beyond me.

[WrestleEwe]

Quote:

Originally Posted by drewprops Spammers don't need ANY privvy information to pose as you when sending mail... just your email address or your domain name.

Yup... I get about a 100 "Mail Delivery Failed" spam messages a day in my mailbox...

Somewhere there is some asshole who is sending spam with "random name"@"mydomain" as reply-to address, every message that gets bounced gets sent to me.

That REALLY sucks, because most of the time the message body is stripped, so mail.app doesn't flag it as spam. AND if an email sent by me gets bounced I will not know about it because I don't have the time to check all bounce-messages.

The worst part, however, is that there is not a damn thing I can do about it because anyone can can set the reply-to header anyway he likes.

I think that email in it's current implementation should be replaced with something more secure as soon as possible.

[Bryson]

So, what about this 1c or even 1/10c charge for every e-mail idea? What do people think of that?

Linkage

[Enki]

Quote:

Originally Posted by Bryson So, what about this 1c or even 1/10c charge for every e-mail idea? What do people think of that? Linkage

So you want to get charged every time some spammer asshat hijacks your email address and sends a few thousand mails a day? And don't say some miracle address resolution/verification scheme will work since an increasing number of those are sent via bots from the address owners computer. All without the victims knowledge.

[ThunderPoit]

Quote:

Originally Posted by WrestleEwe ... Somewhere there is some asshole who is sending spam with "random name"@"mydomain" as reply-to address, every message that gets bounced gets sent to me. ...

This happened to me once. Took me forever to find out who it was, turned out to by my sisters computer with a nasty virus. It would look up all the email addresses in your mail app and pick one to start spamming itself out with. Lucky me it picked mine. I finally figured it out when the emails comming back to me were variations of ones that she had in her address book.

Don't know if that will help you, but pay close attention to the addresses that they are attempting to send to.

[drewprops]

Quote:

Originally Posted by ThunderPoit This happened to me once. Took me forever to find out who it was, turned out to by my sisters computer with a nasty virus. It would look up all the email addresses in your mail app and pick one to start spamming itself out with. Lucky me it picked mine. I finally figured it out when the emails comming back to me were variations of ones that she had in her address book. Don't know if that will help you, but pay close attention to the addresses that they are attempting to send to.

These are definitely "bad guys" who are ripping peoples' domains, not siblings with infected PCs. Charging victims of virtual identity theft ANYTHING is the wrong way to skin that cat.

[Banana]

Banana's proposal:

Make spamming and stealing domain or email a federal crime that will be investigated by FBI, and subject up to ten years of imprisonment and/or $500,000 fine.

Hey, if hollywood can make it a federal crime to copy movies, why not for identify theft?

[RowdyScot]

Too bad there's no mandate that could make them automatic cellmates with Bubba or Big Jim.

[drewprops]

Here's an old thread that I started back in '04 about "email countersigns". Read it and see if you understand the concept. Chucker pointed me toward the Sender Policy Framework (SPF), which may be a similar idea to my "email countersigns" post... not sure.