List of sites being monitored
Spam Quick Reference -- who's who in spamming
Diaries -- latest news
UDP's in the News
SLAPP Lawsuit History
to Shield Yourself from Sophisticated Spam.
What You Can do.
Blogs and other news sources:
Older resources:CancelMoose statistics (bottom of page)
|Track netnews spam to its source.||
A practical example, by Lysander Spooner.
|Track email spam to its source.||
Tracking Spam -- Spam-L mailing list.
Spam-tracking 101 -- email, by Bill Mattocks
Fighting E-Mail Spammers -- tutorial by Todd Burgess, including excellent information on reading sendmail logs.
Finding Hidden Senders in All That E-mail Gobbledygook -- New York Times
|Identify a site||
Spam-tracking 102 -- Deja News,
by Bill Mattocks
Spam-tracking 103 -- Whois, by Bill Mattocks
More on whois
Arin.net whois server
Dnsqueries.com — various tests and lookups.
|Identify a spammer||
Spam-tracking 104 -- spammer unmasked,
by Bill Mattocks
Look up a spammer's P.O. Box at Mail Boxes Etc. use nbtstat to identify a spammer while online.
For an excellent case study, read "Jonah Klimack -- THIS WAS YOUR LIFE!".
|Read obfuscated code||
Use the HayWyre Nullifyer
to decode web pages encoded with
See these notes from email@example.com
|Reporting Spammers||Put a Spammer in the Slammer, by Phil Agre|
|Identify a canceller||Proof of Unauthorized Cancellations, by Julie Haugh|
|Blocking netnews spam at the personal level.||
KILL files for rn and trn
Block Spam with Internet Explorer 4 filtering under Windows with Nfilter for Agent, Outlook Express, Netscape, etc..
|Blocking email spam at the personal level.||
Blocking junkmail with Netscape, by George Eby.
Blocking spam with procmail, MH, Eudora, Netscape, W95/NT, etc.
Mail Filtering by Infinite Ink
|Blocking netnews spam at the site level.||
spam filter (INN, Cyclone, Typhoon, Breeze, NNTPRelay).
spam blocking info for INN.
Aliasing: A practical example -- ACSI.net (INN)
HighWind Software has a number of anti-spam filters. (INN)
INN software and configuration [John Milburn]
Perl INN Spam Filter [Jeff Garzik]
Panix News Gizmo (INN).
Spam Hippo (INN).
Joe's INN Patch Shop
Cyclone newsrouter spam filtering [John Milburn]
Cyclone Spam Filter [Jeff Garzik]
narf: Usenet spam filtering for CNews
Disabling relaying in post.office MTA (software.com)
|Blocking email spam at the site level.||
For UNIX: install sendmail 8.9 or
Use the MAPS Realtime Blackhole List -- realtime tracking of email spam sources which your ISP can use to block incoming spam.
IMRSS -- Internet Mail Relay Services Survey More aggressive than the RBL, more responsible than ORBS.
RRSS -- Radparker Relay Spam Stopper. More aggressive than the RBL, more responsible than ORBS.
ORBS -- Open Relay Blocking System The admins at ORBS use random relay testing. If you ask them not to probe your systems, they respond by adding them to the blocking list out of spite. ORBS is excessively aggressive and probably should not be used. Radparker.com "LOSER" Filtering System -- list of systems you should block; in sendmail "access" format.
Blackberries Yet Another realtime blocklist. Blackberries acts as a multiplexer for querying a configurable list of DNS-based blocklists.
Blocking third-party relaying (excellent reference!)
Stop Relaying info at Monash Unversity.
Spamdomains and Spamusers -- Chuck Pitre
Securing your mail server with sendmail and procmail, from gulf.net
Disabling incoming SMTP connections with TCP Wrappers, blocking spam with sendmail, etc. from spam.abuse.net
Blocking spam with zmailer, PMDF, MMDF
|Defend against Distributed Denial of Service (DDOS) attacks.||Preventing Distributed Denial Of Service (DDOS) attacks. -- Avleen Vig|
|Managing an email list||Basic Mailing List Management Principles for Preventing Abuse -- vix.com|
|Reporting spam to news.admin.net-abuse.sightings.||news.admin.net-abuse.sightings charter|
|Blocking all IP connections at the site level.||Blocking IP connections, from spam.abuse.net.|
|Securing against hijacking||
MAPS anti-relay info. -- an excellent resource; read this first.
Securing your NNTP server
Anti-Spam Provisions in Sendmail 8.8
Securing your NNTP 1.5.1x server
Securing your DNEWS server
DNEWS server manual
Securing Email: Sendmail anti-relay rules
Securing Email: Simpler anti-relay rules
Blocking email with sendmail, by David J.N. Begley
Disabling relaying through smail
Help Desk -- Brett Glass
Email server authorization, aka "pop before smtp": Dynamic Relay Authorization Control
These are sites which maintain on-line lists of known spam sites. By using one or more blacklists to block email and/or web access, you can drastically reduce your spam load. These databases can all be queried in real-time.
There's an excellent article about block lists by Quaestor: What are blocklists, what are they about, how do they work, and do they work?And a compendium of information from Bill Cole.
The opinions expressed on this page are solely those of Ed Falk and do not necessarily represent those of any other organization, (although I hope they do). I wish to thank Rahul.net for hosting this web page.