• Quick note - the problem with Youtube videos not embedding on the forum appears to have been fixed, thanks to ZiprHead. If you do still see problems let me know.

Curious About Spam Technique

theprestige said:
I'm saying it's no trouble to generate the emails and the arbitrary email "from" addresses to go with them. Sending them in bulk without getting caught is a separate problem. You made it sound like just creating random bogus "from" addresses was troublesome - perhaps even more trouble than it's worth to scammers. I'm saying that part is no trouble at all.


Exactly.
Click to expand...

And of course if your email server is in a country that doesn't care about little things like spam and scams so long as the bill gets paid, you're golden.
 
P.J. Denyer said:
And of course if your email server is in a country that doesn't care about little things like spam and scams so long as the bill gets paid, you're golden.
Click to expand...
Not quite golden. Misbehaving mail servers get added to widely-used blocklists. The company or country hosting your mail server could be absolutely sanguine about your shenanigans, and you still won't get anywhere because nobody else is accepting or forwarding your messages.

I think nowadays the trick is to find email servers wherever you can, and run them until someone notices and blacklists them. I wouldn't be surprised if email spammers are big buyers of botnets for sale on the dark web.
 
theprestige said:
Not quite golden. Misbehaving mail servers get added to widely-used blocklists. The company or country hosting your mail server could be absolutely sanguine about your shenanigans, and you still won't get anywhere because nobody else is accepting or forwarding your messages.

I think nowadays the trick is to find email servers wherever you can, and run them until someone notices and blacklists them. I wouldn't be surprised if email spammers are big buyers of botnets for sale on the dark web.
Click to expand...

True, and I should have remembered this since one of the first IT 'puzzles' I solved (while I was still an accountant, before I moved across) was a mail server that suddenly started rejecting everything. Turned out it was pointing to a blacklist server that was no longer maintained and the providers had decided that the best way to make sure anyone still trying to use it updated to a new one was to set literally everyone in the entire world as spam.
 
theprestige said:
Not quite golden. Misbehaving mail servers get added to widely-used blocklists. The company or country hosting your mail server could be absolutely sanguine about your shenanigans, and you still won't get anywhere because nobody else is accepting or forwarding your messages.

I think nowadays the trick is to find email servers wherever you can, and run them until someone notices and blacklists them. I wouldn't be surprised if email spammers are big buyers of botnets for sale on the dark web.
Click to expand...
A few years back now I got a bizarre email from a friend. Random text that it turned out was pulled from files on his PC. The attachment tried to install a simple SMTP agent (IIRC) pulled email addresses from webpages you browsed and forwarded copies of itself.
 
theprestige said:
I'm saying it's no trouble to generate the emails and the arbitrary email "from" addresses to go with them. Sending them in bulk without getting caught is a separate problem. You made it sound like just creating random bogus "from" addresses was troublesome - perhaps even more trouble than it's worth to scammers. I'm saying that part is no trouble at all.
Click to expand...
Agreed. I should clarify that that was the "yes" part of the "yes and no" that started my previous answer.

To expand further, there are several "from" addresses associated with an email. When you submit a mail to a mail transfer agent (MTA) or mail submission agent (MSA) you provide a sender address and a recipient address (or a list of recipient addresses). The sender address can be a little bit hard to fake in that the MSA/MTA may check it to ensure it is legitimate and may even require authentication. However, the "from" address that you see in your email client is not this, it's merely a header in the email text itself. This is ridiculously easy to forge, and, as fr as I am aware, i never checked for legitimacy at all.
 
You must log in or register to reply here.

Similar threads

G
Robert Anton Wilson.
2
Replies
37
Views
4K
RonPrice
R

Back
Top Bottom