Will Monster.ie get away with spamming?

Oh dear. Monster.ie is the latest company to spam bloggers. Both Michele and Tom were spammed as part of an email campaign targeting it@Cork members. Monster harvested the emails from a members list on the it@Cork website which has since been removed.

Stewart Photo Supplies spammed a large number of photography related email addresses a few weeks back, but then they apologised which is great. Unfortunately someone from a Monster IP address left defensive and abusive comments so I don’t think an apology will be forthcoming.

Damien has dugg the post so give it a digg if you can! Tom has a new post including a voicemail he received from Monster threatening legal action. That’s bad, really bad.

Just say sorry John, it’ll help (a small bit).

The legislation surrounding this kind of behaviour is very clear, data can only be used for the purposes for which it is obtained. We in it@cork were obviously naive in publishing the members directory (since taken offline) but that doesn’t confer on anyone permission to harvest that address list and spam them.

The Irish Data protection Commissioner takes a very dim view of this and has the power to levy fines of up to €3,000 per address spammed (so potentially €570,000 in this case).

Update! Monster apologised and Tom has the email.

Why not let Google filter your spam?

I’ve been running Spamassassin and Postgrey on my mail server for the past few months. It was only since the server was upgraded that I had enough juice to run the very intensive SA processes (even using spamd), but still on occasion the server would grind to a stop when a particularly nasty Rumpelstiltskin attack was underway.

So, last week I met Mark for a coffee and he showed me his Nokia N90 (or N80, I can’t remember) and the gmail app that was installed on it. He collects his gmail email on his phone, after it’s filtered for spam, and what with the cost of GPRS data, that’s quite a saving. I don’t intend reading my email on my phone (I hate my W810i anyway), but he did give me the idea of sending my email through Google and then popping it off into Thunderbird!

googlespam.gif

Now, I have a simple .forward to send on my email. I was able to shut down Postgrey and Spamassassin and email is delivered quickly and with few false positives or spams getting through. When I think of it, I can use the web interface to check what’s due to come down the line. You also get the added bonus of encrypted pop3 data, useful when you’re at a conference or simply on public wifi.

I’m sure everyone else has been doing this for ages and ages but hopefully this will inspire at least one person to follow suit and rid themselves of spam once and for all!

Filter spam through Postfix and Spamassassin

It has been a long time since I used and configured Sendmail, and I don’t miss it one bit now that Postfix is on the scene, but the amount of spam I receive does bother me. My Junk folder had reached 160MB, mostly due to some idiots sending huge spam attachments, but also because spam still works and a majority of the email circulating is spam and not legitimate.

Spamassassin is how we fight back. Unfortunately it needs a reasonably powerful server, gobs of memory and CPU when there’s a lot of incoming email and time to configure. Using spamd/spamc makes things easier on your server but it’s still a hefty price to pay for being spam free.

Here are a few pages I found useful this morning when getting things up and running on my Ubuntu server:

I also recommend running Postgrey to stop some junk mail before it gets into your system at all.

Now, if only there was a Spamassassin for the junk mail and clothes collection leaflets we get to the front door. How’s about a Defense Tower that would fire pellets when it noticed someone with leaflets calling to the door?

Edit: Justin talks about one of Spamassassin’s honeypot traps and about goings on at Blacklist.ie

Is Flickr under attack by spam?

Has anyone else noticed an increase of spam comments on Flickr lately? I noticed my first spam comment there only last week, complained about it, and the comment and user were both deleted shortly afterwards. I thought nothing more of it.

This morning I got an unwelcome shock when I checked my Flickr comments through Bloglines. More spam comments. There’s a screenshot below. When I clicked through to the photos in question both comments had been deleted but later on another spam comment appeared and I now suspect any comment left by users with usernames starting with “a” with a mixture of upper and lower case characters and digits. Maybe it’s time they invested in an Akismet license for Flickr.com? Thanks Lloyd for the reminder!

Continue reading “Is Flickr under attack by spam?”

Is spam now self defeating?

distasteful.gif Has anyone else noticed that the new generation of gif based stock-trading spams are getting really hard to read? In the last one I had to squint and look really carefully to find out what stock was hot and a sure-buy today!

For a moment I was reminded of the times when I left comments on a Typepad or Blogspot blog before hitting J to junk the thing. Pretty backgrounds too.

Thinkhouse PR – what's up?

As Damien’s post is missing from Google I think it’s up to the rest of us to spread the word.

Despite contacting them several times over the course of a few weeks Thinkhouse PR continued to spam Damien with product announcements and press releases. On August 23rd he sent a formal complaint to the Data Protection Commissioner and being a blogger, wrote about it too. It is this post that has disappeared from Google’s search. It might be something as innocent as a Google refresh or it might be banned.

If you live outside Ireland, please search for “Thinkhouse PR” and leave a comment here if you see Damien’s post on the front page. Thanks.

Tom has also covered this issue and found out that the Data Protection Commissioner apologised to Thinkhouse PR for investigating them.

Bizarrely, Jane McDaid of Thinkhouse PR in a comment on James‘ site said that the Data Protection Office had apologised for having to follow up the complaint!

Later.. Damien posted the letter he received from the Commissioner. They did investigate, but I think someone in Thinkhouse PR needs to come up with another reason. They stated that it took up to 2 days to remove a user from their lists. Unfortunately for them Damien received his last spam correspondence from them 14 days or more after contacting them. Someone should get a slap on the wrist for this.

Spam Spam Spam, Come on up and get your spam!

Here’s an updated list of recent spam to this list. It’s updated every few minutes so you can see a snippet of the spam that’s being deleted automatically here by Kitten’s Spaminator and diligent updating of keywords. Go wild!

I need to think about this a bit more. WPMU supports multiple blogs, run by multiple different people, all of whom can update their spam word lists. Wouldn’t it be useful to have a “I trust the following blogs” list so that spam words can be shared between blogs?

Slightly related, I started using PEAR Cache to cache frequently used database calls. Stuff like the “last posts” and other plugins now use that. It’s working very well and load on the server has gone down!

Oh, and when you’re updating to the latest CVS version of WordPress, a database table has changed. I ran the following to update my tables:
cd wp-inst/wp-content/blogs; for i in *; do echo "ALTER TABLE wp_"$i"_users CHANGE dateYMDhour user_registered DATETIME DEFAULT '0000-00-00 00:00:00' NOT NULL "| mysql wordpress_db; done