[Discuss] Torrent of new spam

Wed Feb 15 13:26:06 EST 2017

On 2/14/2017 4:04 PM, Rich Braun wrote:
> Suddenly, this morning my primary email address apparently found its way onto
> that [spam] list. ...
>
> Apparently this new spammer has figured out a way to get past the RBLs and
> SpamAssassin filters that I've had a lot of success with in the past.
>
> Is this a sudden new/widespread problem, or did I just get unlucky with the
> combination of my email addresses and the (now fairly old) spam-control
> software I've been using?

We're all finding out just how tough it is to overcome the "Defender's 
Dilemma": when protecting a castle or a home or an inbox, there are 
always weaknesses we can't afford to cover. The spammers have now put 
sucker-bait ads on Craigslist and other "free" venues, advertising 
sought-after goods for low prices, and then they harvest the addresses 
of anyone who responds. There are also frequent leaks from commercial 
companies that sell their old customer lists, and "affiliated" marketing 
done by well-known web site owners. As the spam industry gains 
experience, money, and programming expertise, we can expect less and 
less help from "one size fits all" applications or services.

I've stopped using my "primary" email address anywhere I don't have to^1 
. I forward everything through my own server, and if any one address 
picks up spam, I just delete it. Having the server helps in other ways, 
too: I can send inquiries to ads on Craigslist without worrying about 
where the return address will be copied to, and it's trivial to block 
any IP address that's outside the range of countries I usually 
correspond with. Of course, that's a bit much for anyone still working 
full-time, but it's a viable solution for me.

Until there's a FUSSP, we'll have to keep patching newly found 
back-doors that bypass the moats around our various castles.

Bill Horne

1. bill at horne etc is OK here on discuss because the Mailman server 
auto-obfuscates addresses in the archives. So far, it's an effective 
measure, but of course I'll have to abandon the address if it gets on 
too many spam lists.