In The News

E-mail STD Hoax… coming to your inbox soon

Why does this just seem to be asking for a hoax to be created? Do people think at all before coming up with these ideas?

I can see it now [the following simulation email is purely fictional and has not to my knowledge been used]:


I am writing to you today from the Los Angeles County Health Department. It has come to our attention that a sexual partner of yours has been diagnosed with an Sexually Transmitted Disease (STD). To help prevent the spread of such diseases we are notifying you so that you may be tested.

Your name will be published to a website to alert potential sexual partners that you have been in contact with a confirmed STD carrier unless you arange to pay a removal fee ($100), and send away for a testing kit ($350). To inquire about how to do so and protect yourself, reply to this email with your Full Name, Address, and Back Account Information.

This just sounds like something that will be used as a hoax to scam people out of money in the near future. I’m surprised they would even attempt to do something like this.

Just wait until the Los Angeles County Health Department wants you to help them secure funds for health research during the upcoming elections by holding it in your back account, in return they will give you 10%. 😀

Just another reason why you should always be skeptical of what comes in your email. I know I wouldn’t believe one of these emails.

Some things do need to be delivered by a Postal Worker.


Habeas about to prove themselves

Habeas, an company who sells copyrighted x-header tags, known as “Habeas Warrant Mark” to companies who abide by their rules regarding spam, in return for avoiding spam filters (yes copyrights actually can benefit the internet community). It has a rather large backing from email providers and spam filters. Habeas has recently been under attack. As of about 11 AM, PST, Sunday January 11, 2004, an “unknown spammer” has been using the tags. The spam often has a title similar to “Get X(a)n@x, Valï(u)m, V|@gra, Som(a) Diet Pills Many Meds”, and is blacklisted by most DNSBL’s. Will copyright prevail and save the internet from Spam?


SpamAssassin and xbl blacklist

There’s a new blacklist in town.

Patch for SpamAssassin bug 2889:

RCS file: /cvsroot/spamassassin/spamassassin/rules/,v
retrieving revision 1.38
diff -r1.38
> # XBL is the Spamhaus Block List:
> header RCVD_IN_SBL		eval:check_rbl_txt('xbl', '')
> describe RCVD_IN_SBL		Received via an exploit in Spamhaus Block List
> tflags RCVD_IN_SBL		net

Go Me! Simple enhancement, should provide better spam filtering for all.


Update Movable Type, Blog Spam,

As the blogging community knows, MovableType (software that powers this blog) has been updated.

I upgraded this morning, and applied a little patch to replace characters such as & with their HTML entities (so the validator doesn’t bark).

If anyone notices an issue with the blog, please contact me and let me know. I don’t think there are any from what I can see.

On a side note, for a few weeks, I’ve been employing Jay Allen’s MT Blacklist. With great success I might add. One slipped by the other day, and that’s because I didn’t update the blacklist for a while. Now I’m more religious about it.

Now to tend to whatever is causing Bender to crash.

Politics Spam

Spam to increase thanks to new Law

Here’s my analysis of the new law:

1. More spammers will operate off shore. This means, even more spam, even the bad stuff (child pornography, scam’s etc.) will be out of US jurisdiction. As of now, at least some, comes from places within US law’s coverage. Now it will be less.

2. The biggest issue:

As CAUCE notes:

This legislation fails the most fundamental test of any anti-spam law, in that it neglects to actually tell any marketers not to spam. Instead, it gives each marketer in the United States one free shot at each consumer’s e-mail inbox,

Now here is where the removal clause can end up doing more harm than not:

People will be under the impression that removing email is as easy as clicking “unsubscribe”, which it may be for several US based spammers, who decide to obey the laws.

But how do you know it’s within the US, and removing? Or outside the US, and confirming your email address for spammers?

There is my issue. Congress has passed a bill that actually does the complete opposite of what it is intended to do. While it’s nice to see them caring about the issue. They have made the problem much worse. They are telling millions of people to confirm their email address with offshore spammers.

Now imagine this:

Not only is the spammer out of US law’s control, but Congress told the American people to confirm their email address with spammers outside the country.

This can actually have very negative consequences on the economy, as email is used widely throughout US businesses. Now imagine spam becoming more costly.

Are we having fun yet?

Spread the word that this bill is a very bad thing, and should be scrapped and redone. It’s flawed throughout, and poses to increase, rather than decrease spam. The complete opposite of the said intent of the bill.


Worked way to late/early

Worked way to late last night… well early this morning. Started at 6:30… finished 4:00 (a few minutes early).

It was a bad experience, and I’m not thrilled. I’m quite tired, but that nap I took helped a ton. Will take another later so I can watch South park. Then to bed.

Still, a moment of downtime, so I’m working more on that CMS.

Yet another side note: For those that don’t know already, Jay Allen’s MT-Blacklist/Comment Spam Clearinghouse is a godsend. Since I’ve been using it, nothing has gotten by so far.

I’m just waiting for perl based auto-updating of the master-blacklist. I don’t do Python here. I recommend it to all my blogging buddies. It’s a great product. And props to Jay for the release. He’s saved blogging.


Programming Butt Kicking

Sunday and Monday were great programming days. Got tons of bugs fixed on the CMS. Started Indexing, that’s now done (partly). Also got some limited search functionality. And tons and tons of stupid bugs, and odd functionality fixed. More than I noted in my change log. A lot more. It was good time. Some code cleanup, removed some bogus code, and consolidated a few things…. all was good in happy town.

Then this Computer Science & Programming Lab came around. And I feel like I took a shower in a Turkish prison, and dropped the SOAP.

It hurts. I’m tired, and I want sleep. And I want a decent grade. And this internal conflict might be the war to end all wars.

Spam Filtering is starting now on my server, so my email should be cleaning on my server, rather than client side, meaning my CPU should be free a bit more. A great thing.


Spam Filtering in Mozilla

A little discussion with David Bienvenu today regarding spam filtering in Mozilla. Allow me to summarize:

I’m a huge fan of the SpamAssassin project. I use it, and love it. It’s not perfect, but does a great job. SpamAssassin, adds a header to all email it searches, known as “X-Spam-Status” It’s “yes” if it’s spam, and “no” if it isn’t. If it’s spam, the message contains the tests that triggered (causing it to be recognized as spam), and it attaches the original message to the email.

As a result of this, the email isn’t pure spam anymore. It contains SpamAssassin markings. That’s good, and bad, depending on how you look at it. My suggestion was to acknowledge other spam products do this, and take advantage of it.

Bug 224318

Several things can be done as noted in the bug:

An option to use X-spam-status over bayes testing.
This in essence disables bayes testing in Mozilla. It uses the spam status to decide if the message is spam. The UI works the same (the little garbage icon’s and junk folder), just the actual spam checking is done by another product. Easier than configuring a filter (for end users). Cleaner UI.

Give weight to x-spam status
This would allow the mozilla to somehow give a weight to spam marked as spam.

Feed Mozilla’s Bayes
This I suggest as a default behavior, as SpamAssassin does this for it’s own bayes engine, and it’s successful. emails marked as spam are automatically acknowledge by Mozilla as spam/ham, and learned by the bayes system in Mozilla. In essence the bayes learns automatically without user interaction.

There are other possibilities as well. Regardless of the method(s) utilized in the future, there is serious room to enhance an already powerful tool. Comments on the bug would be nice. Mozilla Mail kicks butt thanks to it’s ability to provide great features. There has to be a way to utilize this to fight spam better than any other email product on the web.

In The News Politics

Do not call list

They better get the Do Not Call List working soon. Apparently there have been some legal issues.

I can’t stand telemarketers. They drive me nuts. Don’t want to buy anything from some con-artist over the phone. The fact that a company uses telemarketing makes it an invalid company in my mind.

There’s no need to call, because I will not pay, buy, or vote for anything telemarketed. It just crosses you off my list.




Finally got Net::DNS to compile and install on XP with Active Perl 5.8. Yea for me.

So I’m experimenting with DNSBL. Neat feature, seems to be working well. Still figuring out which lists are best (without slowing down mail to a halt).

Still can’t get sa-learn working properly. But that’s for tomorrow.

Less spam getting through. Much more than 95% effective now.