Results 1 to 7 of 7
  1. #1
    Affiliate Marketing Consultant Andy Rodriguez's Avatar
    Join Date
    January 18th, 2005
    Location
    Sunny Miami
    Posts
    8,384
    Tuesday, May 28, 2002

    China and the Threat of Spammers
    By Tom Hespos

    We need to do something about spam, and we need to do it now.

    When I've written about spam in the past, my problems with junk email were pretty much limited to trust issues - if spammers didn't ease up, nobody would ever consider email to be a trustworthy commercial medium. These trust issues could destroy legitimate email marketing.

    But now we have bigger problems. Spammers are threatening the very infrastructure of ISPs and other email providers.

    I used to wonder why my Hespos.com mail account is flooded with Chinese-language spam almost every day, while my various free email accounts are completely free of the stuff. As it turns out, some of my free email accounts can't get mail from China, period. Chinese domains have been blocked at the router level. No mail from a Chinese domain gets through.

    You might expect this to be the work of an oppressive Chinese government, but that's not the case. Email from China is often blocked because a good percentage of the email coming from Chinese domains is spam. Some network administrator weighed the costs and benefits of delivering this mail and decided (without asking the end user) that it would be better if Chinese domains were blocked.

    It's important to note that this is more of a bandwidth issue than a censorship issue. Spammers send so much mail that many ISPs and email providers simply can't handle the volume. If they don't take steps to keep the deluge of spam from flooding their infrastructure, legitimate email will suffer. An influx of several million pieces of spam, if not dealt with proactively, might cause a delivery failure in your legitimate email. It's not too much of a problem if the dropped email happens to be a casual correspondence to your Aunt Bessie in Little Rock, but what if it's an important business contract?

    The conflicts over bandwidth occur continuously. A spammer sends a giant blast of unsolicited emails, and it clogs up the ISPs. The ISPs block the spammer's IP and the spammer moves to another provider or steals bandwidth from legitimate Internet companies or individuals. They send more email, the ISP blocks them again and the whole process keeps going in circles.

    One of the spammers' more insidious tactics involves hacking Formmail Scripts. Formmail.pl is a Perl script that many ISPs give to their customers. It is one of the most popular CGI scripts in use today. When called, this script takes data submitted via form pages on the web, wraps up the responses in an email, and mails the data to the e-mail address specified by the form. I use Formmail.pl all the time. Formmail sends me an email when someone has signed the guestbook on my personal website, or when someone submits an application to join one of my mailing lists.

    Spammers hack Formmail.pl and use it to send spam. There are several reasons why this is bad. First of all, the spam appears to originate from the domain at which the Formmail script is hosted. If a spammer hacked my script, I would know immediately, because I would be getting hundreds or thousands of angry responses to the spam. Thus, the spammer gets off scot-free while legitimate e-mail users take the heat for their transgressions. Secondly, if enough email is sent via the script, ISPs may choose to block its domain. So a spammer can get a legitimate online business blocked by multiple ISPs. It is very difficult for ISPs to determine the difference between legitimate email sent via Formmail and spam. This works in the spammer's favour.

    The Formmail script's original author has implemented some changes that prevent outside domains from accessing the script. However, old versions are still in place at many domains, so the spammers still have plenty of ammo. You can tell when you get spam generated by a Formmail script when it reads, "Below is the result of your feedback form" or something similar at the top of the mail.

    The tactics used by spammers to operate "under the radar" result in email blocking by ISPs. As spammers get more sophisticated, it becomes harder for ISPs to discern the difference between spam travelling across its network and legitimate e-mail communication. How long will it be before the situation devolves into one where a significant portion of legitimate e-mail traffic is halted because one major ISP blocks another in an effort to reduce spam? Can you see the political nastiness that could take place as a result? What would happen if AOL were to block mail from Yahoo? Would Yahoo retaliate and block AOL in return?

    We need to impose penalties for spamming now. Or the situation may escalate and the interconnectivity we've enjoyed since the Internet debuted will be a thing of the past.

  2. #2
    ABW Ambassador
    Join Date
    January 17th, 2005
    Posts
    2,160
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>The Formmail script's original author has implemented some changes that prevent outside domains from accessing the script. However, old versions are still in place at many domains, so the spammers still have plenty of ammo. You can tell when you get spam generated by a Formmail script when it reads, "Below is the result of your feedback form" or something similar at the top of the mail.<HR></BLOCKQUOTE>For those interested in more info this page has further details and an updated formmail script: http://www.monkeys.com/anti-spam/fil.../formmail.html

    I can't vouch for it's security as I have not used it and don't run formmail scripts myself.

    Maybe some of you perl experts can give it a once over.

    Having said that I don't run formmail scripts, does anyone know of any other scripts such as, 'tell a friend' and 'postcard' scripts that may be vulnerable to this type of spam abuse.

  3. #3
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    SpamCop ($3 per month, no this isn't an affiliate link) includes various optional filters, one of which is to block all email originating from China, Korea, Formmail scripts and open relays and proxies.

    Of course this means that the tiny proportion of legitimate email I receive from Korea (umm like about 2 ever) will get blocked. Oh well.

    Works pretty well - I redirect some of my other "public" email addresses through it too and it cuts out virtually all spam.

  4. #4
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Aside from all legit USA ISP's needing to bann e-mail from Far East & china servers like Kornet.net and chinanet.com ..the following companies use their own servers to blast over 100 Billion spams for branding and lame e-mail merchant con games. If you spot some major Duperaffiliates in this list and you have links to them on your sites your just adding fuel to the spammers.

    The List of known spamming company domains.

    Domain Listed for Listing Date
    2clk.net SMTP bombardment 2001-05-24
    advertising.com SMTP bombardment 2001-05-24
    amazon.com SMTP bombardment 2001-05-24
    arcamax.com SMTP bombardment 2001-07-26
    bay9.com SMTP bombardment 2001-05-24
    bidbay.com SMTP bombardment 2001-07-22
    boldfish.com SMTP bombardment 2001-07-22
    bonus.com SMTP bombardment 2001-07-22
    caligari.com SMTP bombardment 2001-07-22
    cardmktplace.com SMTP bombardment 2001-07-22
    cheetahmail.com SMTP bombardment 2001-07-26
    datamg.com SMTP bombardment 2001-07-22
    edirectnetwork.net SMTP bombardment 2001-05-24
    em5000.com SMTP bombardment 2001-07-22
    etracks.com SMTP bombardment 2001-05-24
    euniverse.com SMTP bombardment 2001-07-22
    expedia.com SMTP bombardment 2001-07-22
    ezsweeps.com SMTP bombardment 2001-07-22
    flonetwork.com SMTP bombardment 2001-07-22
    flowgo.com SMTP bombardment 2001-05-24
    freeservers.com SMTP bombardment 2001-07-22
    getresponse.com SMTP bombardment 2001-05-24
    giantrewards.com SMTP bombardment 2001-07-22
    gozilla.com SMTP bombardment 2001-07-22
    greatlifetoday.com SMTP bombardment 2001-07-22
    grouplotto.com SMTP bombardment 2001-05-24
    huntingmail.com SMTP bombardment 2001-05-24
    iexpect.com SMTP bombardment 2001-05-24
    ign.com SMTP bombardment 2001-07-22
    internet.com SMTP bombardment 2001-07-22
    iwin.com SMTP bombardment 2001-07-22
    kimo.com.tw SMTP bombardment 2001-05-24
    launch-media.net SMTP bombardment 2001-07-22
    leadgreed.com SMTP bombardment 2001-05-24
    lycos.com SMTP bombardment 2001-05-24
    macromedia.com SMTP bombardment 2001-05-24
    mp3.com SMTP bombardment 2001-07-22
    muffmail.com SMTP bombardment 2001-07-22
    musicmatch.com SMTP bombardment 2001-07-22
    mypoints.com SMTP bombardment 2001-07-22
    nbci.com SMTP bombardment 2001-07-26
    neopets.com SMTP bombardment 2001-07-22
    netflip.com SMTP bombardment 2001-07-22
    oin3.net SMTP bombardment 2001-07-22
    ombramarketing.com SMTP bombardment 2001-05-24
    opinionsurveys.com SMTP bombardment 2001-05-24
    opthost.com SMTP bombardment 2001-07-26
    opthost2.com SMTP bombardment 2001-05-24
    optinrealbig.com SMTP bombardment 2001-07-22
    ourhouse.com SMTP bombardment 2001-07-22
    peel.net SMTP bombardment 2001-07-22
    planetofmusic.com SMTP bombardment 2001-05-24
    pm0.net SMTP bombardment 2001-05-24
    postageshop.com SMTP bombardment 2001-07-26
    prospero.com SMTP bombardment 2001-07-22
    ramibourse.com SMTP bombardment 2001-07-22
    ramibourse.fr SMTP bombardment 2001-05-24
    sitesmith.com SMTP bombardment 2001-07-22
    smallworld.com SMTP bombardment 2001-05-24
    snowball.com SMTP bombardment 2001-05-24
    sony.com SMTP bombardment 2001-07-22
    textmessenger.com SMTP bombardment 2001-07-22
    totale-mail.com SMTP bombardment 2001-07-22
    winzip.com SMTP bombardment 2001-07-26
    worldpay.com SMTP bombardment 2001-07-22
    yesmail.net SMTP bombardment 2001-07-26

    No merchant on this list should be allowed on a major affiliate network if those networks had any ethics. Many of these are the so called super affiliates who haven't tried to hide their names from all affiliate BBS forums.

    [ 05-28-2002: Message edited by: EcomCity.com ]

  5. #5
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    551
    I earn 2/3 of my living from working with China, Korea, Malaysia, if my isp was to ban all Chinese or eastern sources, I would be walking the streets. Unlike Dynamoo, I receive about 5 legitimate emails per day from the Far East.

    Where do you think that most of the technology goods come from? If you stop the emails, how would your real suppliers supply you?

    I am pretty surprised at you Andy for starting this, you are one of the people who live from the electronics trade.

    By all means, have a go at the spammers, but leave the innocents alone

    [ 05-28-2002: Message edited by: Wayder ]

  6. #6
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Legitimate e-mail coming from those Far East areas is less than 1/10th of one percent. If those governments and hosting/ISP services won't shut down the spammers they will cease to reach the rest of the online world with their legit messages. Damn shame that GM and Ford Motor Co also ban Far East servers and their clients their have to send e-mail from private USA accounts. Their cost for just processing spamms run over 5.00 per spam and they refuse to absorb that expense.

    The more of those named above as BANNED domains from many ISP services and VPNs, for multiple complaints of 24/7 spamming practices, who close shop the more money us web site owner affiliates will make. If iWon was closed down as a spammer at Linkshare the merchants using them there would have to rely on conversion ratios...not eyeballs... and even Walmart would have to convert.

    [ 05-28-2002: Message edited by: EcomCity.com ]

    [ 05-28-2002: Message edited by: EcomCity.com ]

  7. #7
    Guest
    You are too kind Mike. I do some business with the far east, but it's more like 1/1,000,000th of a percentage is legitmate email. I get 200-500 spam A DAY. On weekends, about the only mail I get is spam. About 50% comes from Korea and China. I also have a few legitimate emails from Korea, but it's miniscule. I already block .cn and about to block .kr as well. Its just not worth it. It's to the point now that I'm accidently deleting legimate customer emails more than I am getting legimate emails from cn or kr. So it's actually costing me money.

  8. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Toolbar Threat?
    By Kellie aka Ms. B in forum Midnight Cafe'
    Replies: 33
    Last Post: December 8th, 2003, 09:35 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •