Spam: August 2005 Archives

SPIM Prevention

SPIM (Spam over IM) Prevention techniques from the IMLogic threat center: Set your client to not accept messages from people not on your buddy list.

IM Client How to stop messages from anonymous users
AOL IM (v5.9.3690) Sign in
Click "My AIM" > "Edit Options" > "Edit Preferences"
Click "Privacy" in the left-hand column
Click "Allow only users on my Buddy List" under the "Who can contact me" heading

ICQ Lite (v4.1) Sign in
Click "Main" > "Preferences and Security"
Click "Spam Control" in the left-hand column
Check "Accept messages only from users on my Contact List"
Ensure both options under "Not in List Messages" are checked
Check "Do not accept World Wide Pager Messages"
Check "Do not accept Email Express Messages"

ICQ Pro (v2003b) Sign in
Click "Main" > "Security and Privacy Permissions"
Click "Communication Events"
Select the yellow check mark for each line item (be sure to scroll)

MSN Messenger (6.2.0137) Sign in
Click "Tools" > "Options"
Click on Privacy Tab
Check "Only people on my Allow List can see my status and send me messages"
Ensure the "Alert me when other people add me to their contact lists" is checked

Windows Messenger (v4.7.3000) Sign in
Click "Tools" > "Options"
Click on Privacy Tab
Ensure the "Alert me when other people add me to their contact lists" is checked

Yahoo! Messenger (v6.0.0.750) Sign in
Click "Messenger" > "Preferences"
Click "Ignore List" in the left-hand column
Click "Ignore anyone who is not on my Messenger List."

By Roger on August 26, 2005 4:18 PM |

PowWeb adds SPF to mail servers

I was pretty happy today to see that my webhost has added SPF to their spam fighting techniques. This needs to see more widespread adoption.

Right now if someone sends out 10 million spams from my domain to 5 million servers on the internet, roughly 80% of the spam will be to a bad address. An NDR would be generated and sent to me. Its a rather effective denial of service attack, assuming you can insulate your self from identification as the attacker. If those servers implemented SPF they would see that the message isn't from a valid sender for my domain, and hopefully drop it. Instead many senders send an NDR without enough of the original message, so it doesn't get caught by my spam filters. Not sure if I've explained that well or not, its pretty late. It is too easy to get your mail servers DoSed indirectly by some spammer.

By Roger on August 12, 2005 12:10 AM |
« Spam: July 2005 | Main Index | Archives | Spam: October 2005 »

Search