mariovaldez.net

MV.net forums
It is currently 14 Jul 2016, 00:35

All times are UTC - 7 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 4 posts ] 
Author Message
PostPosted: 27 Aug 2005, 03:16 
I just installed this spam poison and it looks great. It could be very useful.

I was just wondering two things...

Is there any chance that spammers may be able to find out that your site messed around with their bot, and then launch an attack?

Also, what are the chances of a genuine search engine bot getting snagged?

TIA


Report this post
Top
  
Reply with quote  
 Post subject: Spammer retaliation...
PostPosted: 02 Sep 2005, 19:37 
User avatar

Joined: 06 Mar 2003, 03:21
Posts: 447
Location: Monterrey, NL, Mexico
Guest:

> just installed this spam poison and it looks
> great. It could be very useful.

Great! :)

> I was just wondering two things...
> Is there any chance that spammers may
> be able to find out that your site messed
> around with their bot, and then launch an
> attack?

Of course there is a chance for spammer retaliation. You can divide spammers in three groups: a) evil spammer, b) blind spammer, and b) clueless spammer.

The Clueless Spammer is a poor fellow who is told that spamming is Ok for doing bussiness and then start doing it. Poor guy. He/She pays for a email harvester software (or worst, pays for an email database) and then start sending spam. This kind of spammer will not even know that the harvested list is messed up. And hopefully, when he/she finds out that Spamming Is Not Right, will stop doing it. I personally know a few good people that were once this kind of spammer (but now they are not).

Blind Spammer is a different beast. He/She is sure spamming is good, that everybody complaining about spam is just trying to destroy his/her bussiness, and that spamming is protected by Free of Speech laws. Go figure. They may think you are "The Enemy" and then may try to attack you. Expect some kind of retaliation from them; mail bombing, more spamming, etc. But they can only know the addresses were from your site if they have the skills, most don't.

Evil Spammer is someone who thinks that spamming may not be right but he/she will do it anyway because abusing the system is ok. Or because money is more important than being a good citizen. Or just for fun. Usually they will not retaliate you because they are too busy sending spam, and sending a ten millions messages is more important even if only 1% of the recipients are good addresses.

Some Evil Spammers don't send emails themselves, but only sell email addresses databases. For them, the most cost-effective way to deal with your site is just to avoid it. That's great for you as all addresses in your site will not be harvested.


I've been using this for a couple of years and nothing bad has happened. I know some friends who use this (or any other) poisoner and they are Ok. I think most harvester won't even know where does the bad addresses came from.


> Also, what are the chances of a
> genuine search engine bot getting
> snagged?

Null. A genuine search engine will obey the NOINDEX metatag and the sentences in the robots.txt file. If a search engine ignore those, they have more important problems than your fake-email pages.


As a final note, the spamming problem will not be solved by simple poisoners like this. I don't know what will happen in the future, but as of today, a good spam filter for your email (like SpamAssassin) is your best bet. Poisoners can help but in a macroecological way (will not help you a lot, but will help everybody a bit).


Regards,

Mario A. Valdez-Ramirez.


Report this post
Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: 29 Jan 2007, 21:20 
i'd seen cgi script somewhere that implement this delay in the script.

i think, this script also should include some delaying value to make the loading slower and to avoid attack on the script.

when certain scripts is attacked by spambot, it almost like DOS attack and increasing high cpu loads.


Report this post
Top
  
Reply with quote  
PostPosted: 30 Jan 2007, 16:52 
User avatar

Joined: 06 Mar 2003, 03:21
Posts: 447
Location: Monterrey, NL, Mexico
Guest user:

> i'd seen cgi script somewhere that implement this delay in the script.
> i think, this script also should include some delaying value to make
> the loading slower and to avoid attack on the script. when certain
> scripts is attacked by spambot, it almost like DOS attack and
> increasing high cpu loads.


Hi. The PHP Spam poison script also use a delay when being loaded. This delay is random from 10 to 30 seconds (by default). You can modify this sleep time by changing the pwp_minsleeptime and pwp_maxsleeptime variables.


Regards,

Mario A. Valdez-Ramirez.


Report this post
Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 4 posts ] 

All times are UTC - 7 hours


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group