List of sites being monitored
Spam Quick Reference -- who's who in spamming
Glossary
The Spam
Diaries -- latest news
Older News
UDP's in the News
SLAPP Lawsuit History
How
to Shield Yourself from Sophisticated Spam.
How-Tos
Interesting Reading
Spam-fighting tools
Blocklists
Spam-related Links
Blogs and other news sources:
Older resources:
CancelMoose statistics (bottom of page)
| Track netnews spam to its source. |
Tutorial A practical example, by Lysander Spooner. |
| Track email spam to its source. |
Tutorial Tracking Spam -- Spam-L mailing list. Spam-tracking 101 -- email, by Bill Mattocks Fighting E-Mail Spammers -- tutorial by Todd Burgess, including excellent information on reading sendmail logs. Finding Hidden Senders in All That E-mail Gobbledygook -- New York Times |
| Identify a site |
Spam-tracking 102 -- Deja News,
by Bill Mattocks Spam-tracking 103 -- Whois, by Bill Mattocks More on whois Arin.net whois server Dnsqueries.com — various tests and lookups. Sam Spade. |
| Identify a spammer |
Spam-tracking 104 -- spammer unmasked,
by Bill Mattocks Look up a spammer's P.O. Box at Mail Boxes Etc. use nbtstat to identify a spammer while online. For an excellent case study, read "Jonah Klimack -- THIS WAS YOUR LIFE!". |
| Read obfuscated code |
Use the HayWyre Nullifyer
to decode web pages encoded with
HayWyre See these notes from sam@email-scan.webcircle.com |
| Reporting Spammers | Put a Spammer in the Slammer, by Phil Agre |
| Identify a canceller | Proof of Unauthorized Cancellations, by Julie Haugh |
| Blocking netnews spam at the personal level. |
KILL files for rn and trn Block Spam with Internet Explorer 4 filtering under Windows with Nfilter for Agent, Outlook Express, Netscape, etc.. |
| Blocking email spam at the personal level. |
Procmail Workshop
UIUC ACM Procmail Recipes Blocking junkmail with Netscape, by George Eby. Blocking spam with procmail, MH, Eudora, Netscape, W95/NT, etc. Mail Filtering by Infinite Ink |
| Blocking netnews spam at the site level. |
Cleanfeed
spam filter (INN, Cyclone, Typhoon, Breeze, NNTPRelay). spam blocking info for INN. Aliasing: A practical example -- ACSI.net (INN) HighWind Software has a number of anti-spam filters. (INN) INN software and configuration [John Milburn] Perl INN Spam Filter [Jeff Garzik] Panix News Gizmo (INN). Spam Hippo (INN). Joe's INN Patch Shop Cyclone newsrouter spam filtering [John Milburn] Cyclone Spam Filter [Jeff Garzik] NNRP Filters narf: Usenet spam filtering for CNews Diab-Filter (Diablo) Disabling relaying in post.office MTA (software.com) |
| Blocking email spam at the site level. |
For UNIX: install sendmail 8.9 or
better. Use the MAPS Realtime Blackhole List -- realtime tracking of email spam sources which your ISP can use to block incoming spam. IMRSS -- Internet Mail Relay Services Survey More aggressive than the RBL, more responsible than ORBS. RRSS -- Radparker Relay Spam Stopper. More aggressive than the RBL, more responsible than ORBS. ORBS -- Open Relay Blocking System The admins at ORBS use random relay testing. If you ask them not to probe your systems, they respond by adding them to the blocking list out of spite. ORBS is excessively aggressive and probably should not be used. Radparker.com "LOSER" Filtering System -- list of systems you should block; in sendmail "access" format. Blackberries Yet Another realtime blocklist. Blackberries acts as a multiplexer for querying a configurable list of DNS-based blocklists. Blocking third-party relaying (excellent reference!) Configuring Sendmail Stop Relaying info at Monash Unversity. Spamdomains and Spamusers -- Chuck Pitre Securing your mail server with sendmail and procmail, from gulf.net Disabling incoming SMTP connections with TCP Wrappers, blocking spam with sendmail, etc. from spam.abuse.net Blocking spam with zmailer, PMDF, MMDF |
| Defend against Distributed Denial of Service (DDOS) attacks. | Preventing Distributed Denial Of Service (DDOS) attacks. -- Avleen Vig |
| Managing an email list | Basic Mailing List Management Principles for Preventing Abuse -- vix.com |
| Reporting spam to news.admin.net-abuse.sightings. | news.admin.net-abuse.sightings charter |
| Blocking all IP connections at the site level. | Blocking IP connections, from spam.abuse.net. |
| Securing against hijacking |
Securing Email:
MAPS anti-relay info. -- an excellent resource; read this first.
Securing your NNTP server Anti-Spam Provisions in Sendmail 8.8 Securing your NNTP 1.5.1x server Securing your DNEWS server DNEWS server manual Securing Email: Sendmail anti-relay rules Securing Email: Simpler anti-relay rules Blocking email with sendmail, by David J.N. Begley Disabling relaying through smail Help Desk -- Brett Glass Email server authorization, aka "pop before smtp": Dynamic Relay Authorization Control in Japanese |
These are sites which maintain on-line lists of known spam sites. By using one or more blacklists to block email and/or web access, you can drastically reduce your spam load. These databases can all be queried in real-time.
There's an excellent article about block lists by Quaestor: What are blocklists, what are they about, how do they work, and do they work?
And a compendium of information from Bill Cole.The opinions expressed on this page are solely those of Ed Falk and do not necessarily represent those of any other organization, (although I hope they do). I wish to thank Rahul.net for hosting this web page.