I checked on Google for my address on groups and web pages, and came up dry.
I'm wondering if there's been an inside address-list leak, paid for by some
spammer, or (black-helicopter time) SBC is selling its addresses deliberately.
Or it could just be a "phonebook attack". Dunno. Darned annoying at any rate.
--
"Without music to decorate it, time is just a bunch of boring
production deadlines or dates by which bills must be paid." --FZ
> I checked on Google for my address on groups and web pages, and came up dry.
> I'm wondering if there's been an inside address-list leak, paid for by some
> spammer, or (black-helicopter time) SBC is selling its addresses
> deliberately.
I've had evidence of this for some time. When I mentioned it here a year
or two ago, I was roundly rebuffed with "PBI wouldn't do such a
thing"...which didn't even begin to explain how brand new virgin email
addresses were spammed within a day of creation.
FYI, our own engineering list at a certain noncomm radio station is the
target of spam. It became such within a day or two of adding one of the
members who has (you guessed it) an account with PacBell Internet. So
far, my filters have been able to keep the list relatively spam-free.
But I am completely convinced that PBI is running some sort of spammer
accommodation. It is either that, or employees are running a scam on the
side.
> Or it could just be a "phonebook attack". Dunno. Darned annoying at any
> rate.
What I have seen cannot be explained by that.
--
John Higdon | Email Address Valid | SF: +1 415 428-COWS
+1 408 264 4115 | Anytown, USA | FAX: +1 408 264 4407
> But I am completely convinced that PBI is running some sort of spammer
> accommodation. It is either that, or employees are running a scam on the
> side.
I am MORE than willing to believe that an employee of PBI or Yahoo (who runs
the mail operation now... I fetch from pop.sbcglobal.yahoo.com) is selling
spam lists out the back door.
When I worked on Lycos Mail, if we had caught one of our own doing that, some
VERY nasty things would have been done to the miscreant.
--
PH34R M9 WH1|\|9N355!!
Bear in mind that SBC, as the largest single provider of DSL service
in the USA, is going to be much more a target for various things,
including dictionary attacks, sniffing, snooping and so on, than
many other ISPs.
Now as you all should know by now, my opinion of SBC and the honesty
of its practices at its various divisions is not high, but then again
if they really and truly were pulling something like this, it would
seem all-too-easy to catch them red-handed and give them a pretty
substantial PR problem.
The simple fact that you see spam sent to sequential user names is
in fact an example of a classic dictionary attack. Dictionary attacks
are a non-issue for most local ISPs because they simply don't have a
large enough user-base to make them lucrative. But when you have
hundreds of thousands, or millions of users, then it does become more
attractive to spammers.
--
* Few people are capable of expressing with equanimity opinions which *
* differ from the prejudices of their social environment. Most people are *
* even incapable of forming such opinions. -- Albert Einstein *
* *
* To send email, remove numbers and spaces: pjkusenet64 @ ekahuna27 . com *
* Simple answers are for simple minds. Try a new way of looking at things. *
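The sequential-recipient pattern described above is something a mail operator can detect from the server's own logs rather than take on faith. The following is an added example, not code from the thread or from any of the products mentioned; the log format, addresses, hosts and IPs are all constructed for illustration, and the thresholds are arbitrary choices.

```python
"""Flag sending hosts that probe many unknown recipients in alphabetical
order, the "dictionary attack" pattern described in the post above.

Added example, not from the thread. The log format and every address,
host and IP below are constructed for illustration."""
import re
from collections import defaultdict

# Constructed log lines in a made-up format: timestamp, client IP,
# recipient, and the server's verdict on that recipient.
SAMPLE_LOG = """\
2003-12-01T10:00:01 client=203.0.113.7 rcpt=aaron@example.net status=unknown_user
2003-12-01T10:00:02 client=203.0.113.7 rcpt=abby@example.net status=unknown_user
2003-12-01T10:00:02 client=203.0.113.7 rcpt=abe@example.net status=accepted
2003-12-01T10:00:03 client=203.0.113.7 rcpt=adam@example.net status=unknown_user
2003-12-01T10:00:03 client=203.0.113.7 rcpt=adrian@example.net status=unknown_user
2003-12-01T10:00:04 client=203.0.113.7 rcpt=al@example.net status=unknown_user
2003-12-01T10:00:09 client=198.51.100.22 rcpt=postmaster@example.net status=accepted
2003-12-01T10:00:10 client=198.51.100.22 rcpt=fred@example.net status=unknown_user
2003-12-01T10:00:11 client=198.51.100.22 rcpt=abe@example.net status=accepted
"""

LINE_RE = re.compile(
    r"client=(?P<ip>[\d.]+)\s+rcpt=(?P<local>[^@\s]+)@(?P<domain>\S+)\s+status=(?P<status>\S+)"
)


def parse_log(text):
    """Yield (client_ip, local_part, status) for each well-formed line."""
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            yield m.group("ip"), m.group("local"), m.group("status")


def sortedness(local_parts):
    """Fraction of consecutive recipient pairs that are in non-decreasing
    alphabetical order. A harvester walking a word list scores near 1.0;
    ordinary mail to a handful of real users scores much lower."""
    if len(local_parts) < 2:
        return 0.0
    ordered = sum(1 for a, b in zip(local_parts, local_parts[1:]) if a <= b)
    return ordered / (len(local_parts) - 1)


def find_dictionary_probes(text, min_unknown=4, min_sortedness=0.8):
    """Return {client_ip: (unknown_count, sortedness)} for clients that look
    like dictionary probes: many unknown-user rejections and recipients
    tried in alphabetical order. Thresholds are arbitrary defaults."""
    per_client = defaultdict(list)
    unknown = defaultdict(int)
    for ip, local, status in parse_log(text):
        per_client[ip].append(local.lower())
        if status == "unknown_user":
            unknown[ip] += 1
    suspects = {}
    for ip, locals_ in per_client.items():
        score = sortedness(locals_)
        if unknown[ip] >= min_unknown and score >= min_sortedness:
            suspects[ip] = (unknown[ip], round(score, 2))
    return suspects


if __name__ == "__main__":
    print(find_dictionary_probes(SAMPLE_LOG))
```

On the constructed sample only 203.0.113.7 is flagged: five unknown recipients tried in strict alphabetical order. The second client's one bounce against two accepted messages is what a real correspondent with an out-of-date address book looks like, and it scores zero on sortedness.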
> Now as you all should know by now, my opinion of SBC and the honesty
> of its practices at its various divisions is not high, but then again
> if they really and truly were pulling something like this, it would
> seem all-too-easy to catch them red-handed and give them a pretty
> substantial PR problem.
How would it be that easy? Other than circumstantial evidence, I have
yet to stumble over any hard proof. But the circumstantial evidence is
too voluminous now to ignore, at least from my point of view.
What caught my attention was that a mailing list (maintained here) was
100% spam-free for years. Within a single day or two of adding an SBC
customer to the list (who swears he did nothing to attract any spam to
the list input address), the list was deluged. I have also had
associates who have set up addresses in SBC's domain space, only to
start receiving spam immediately. Dictionary attacks don't find unusual
usernames within twenty-four hours.
>...
> FYI, our own engineering list at a certain noncomm radio station
> is the target of spam. It became such within a day or two of
> adding one of the members who has (you guessed it) an account
> with PacBell Internet.
The list address itself is the target? Interesting, are you thinking
that they harvest recipient addresses from their SMTP server logs or
something?
> So far, my filters have been able to keep
> the list relatively spam-free.
I've just started experimenting with RBLs on my server. I'd like to
hear which ones you've found worth using. I think you posted the
public lists you use once before, but I can't find it.
- Fred
I think there would be, with a company the size of SBC, altogether
too many potential witnesses and snitches to get away with something
like that without someone spilling the beans. And the stakes are high
on things like that - if SBC was doing that sort of thing in direct
contradiction of their written privacy policies, or something like TrustE
site certification, it would cause them a lot of PR headaches. I'm not
sure whatever income they'd derive from it would be worth the risk.
> What caught my attention was that a mailing list (maintained here) was
> 100% spam-free for years. Within a single day or two of adding an SBC
> customer to the list (who swears he did nothing to attract any spam to
> the list input address), the list was deluged.
Well it could have been a coincidence, or your friend's PC could
have been trojaned, etc. Stuff like that happens all the time.
Microsoft had a major network break-in that resulted in the loss of
valuable source-code that way. (Spammers have also shifted towards
distribution of malware as a tool to enhance their spamming activities,
the "MIMAIL" worm being one of the more prominent recent examples.)
Regarding addresses that have been "spam free for years", we must
all have noticed that spam is skyrocketing -- so statistically
speaking, the likelihood of every address being spammed has been
increasing precipitously as of late. (I now have customer postmaster
addresses on spam lists simply because someone received a virus
warning with that return-address. Postmaster is one of those
addresses that we don't have the luxury of just killing when they
get on spam lists, unfortunately.)
> I have also had
> associates who have set up addresses in SBC's domain space, only to
> start receiving spam immediately. Dictionary attacks don't find unusual
> usernames within twenty-four hours.
Well undoubtedly it sounds suspicious, but on the other hand it
could be similar to what happens when you take over the telephone
number of some previously famous (or infamous) person or business.
Like telephone numbers these days, I imagine the "popular" names
at various large ISPs don't sit fallow for very long when someone
gives one up.
In case you're interested in big lists of 'em (over 130 operating
DNS BL's currently, it appears) here you are:
http://dmoz.org/Computers/Internet/Abuse/Spam/Blacklists/
http://www.declude.com/JunkMail/Support/ip4r.htm
http://www.sdsc.edu/~jeff/spam/Blacklists_Compared.html
Spamhaus seems to be one of the more reputable ones that really
ensures that they've got proof of pretty much unrepentant spam
emanating from hosts on its list.
Needless to say, certain other BL's have higher "hit rates" but
they almost without question have a higher rate of false positives
too.
Spam blocking for a single individual isn't too hard. But when
you start having to do this for large numbers of users, you quickly
find out how many people are out there who actually _want_ stuff
that you and I probably wouldn't give a nanosecond of our time
to. Thus the whole question of "false positive" takes on a new
dimension.
(Current pet peeve: established and well-known companies like
United and Alaska Airlines and Office Depot that insist on sending
out bulk mailings from the spammiest looking non-corporate sites
and hosts using non-corporate-identifiable return addresses. All
they accomplish by that stupidity is getting a lot more of that
stuff trashed without a second glance than would already have been
the case. It's not like they're trying to hide their affiliation
with the mailings, so I fail to see the point.)
> In article
> <absolutely-no-spam-C...@equine.announcetech.com>,
> absolutel...@verislimesucks.com (John Higdon) writes...
> > In article <MPG.1a3d9b031...@corp.supernews.com>,
> > Philip J. Koenig <See_email_@ddress_below.This_one_is.invalid> wrote:
> >
> > > Now as you all should know by now, my opinion of SBC and the honesty
> > > of its practices at its various divisions is not high, but then again
> > > if they really and truly were pulling something like this, it would
> > > seem all-too-easy to catch them red-handed and give them a pretty
> > > substantial PR problem.
> >
> > How would it be that easy? Other than circumstantial evidence, I have
> > yet to stumble over any hard proof. But the circumstantial evidence is
> > too voluminous now to ignore, at least from my point of view.
>
>
> I think there would be, with a company the size of SBC, altogether
> too many potential witnesses and snitches to get away with something
> like that without someone spilling the beans. And the stakes are high
> on things like that - if SBC was doing that sort of thing in direct
> contradiction of their written privacy policies, or something like TrustE
> site certification, it would cause them a lot of PR headaches. I'm not
> sure whatever income they'd derive from it would be worth the risk.
>
[snip]
I bet there are lots of people with access to their SMTP logs and user
account e-mail addresses. Customer support, software engineering, usage
analysts, network operations, system monitoring, etc. Now multiply that
by two since SBC and Yahoo are involved. There wouldn't be any hacking
and it would never be detected.
I also get the impression that the SBC work environment today makes the
Dilbert cartoon seem tame. If there was profitable fraud going on, it's
likely that managers would cash in on it rather than stop it. I've
worked at a couple of dot-bombs and you wouldn't believe how fast
corruption sweeps in once people lose faith in their employer.
> I also get the impression that the SBC work environment today makes the
> Dilbert cartoon seem tame. If there was profitable fraud going on, it's
> likely that managers would cash in on it rather than stop it. I've
> worked at a couple of dot-bombs and you wouldn't believe how fast
> corruption sweeps in once people lose faith in their employer.
Good point, although actually I've encountered what appear to be
a larger percentage of loyal SBC employees than disloyal ones.
SBC is probably the polar-opposite from a dot-bomb environment:
old, huge, ponderous bureaucracy where things move really slowly.
Those kinds of companies aren't the kinds of places that attract
mercurial, question-authority types that want to change the world
overnight. More like working for the civil service or the military,
and there's no chance they're going to disappear tomorrow.
1. It only takes one, and the boss may not have the skills to notice.
2. Since Yahoo is running the mail service now, it may well be a Yahoo
employee that's selling the addresses. Pretty sure Kevin's comment still
applies to Yahoo these days.
>What caught my attention was that a mailing list (maintained here) was
>100% spam-free for years. Within a single day or two of adding an SBC
>customer to the list (who swears he did nothing to attract any spam to
>the list input address), the list was deluged.
About two years ago, every time I added a new SBC/PBI DSL account, it
would receive spam within about 15 minutes. It stayed that way for
about a year when suddenly it stopped. I could create new SBC/PBI
email accounts without getting any spam. Several of my customers have
accounts but use email elsewhere. No spam.
Then, about 3 months ago, it started again with a different pattern.
I would create an account and the spam would start within a few hours.
The change seemed to coincide with the implementation of the
SBC/PBI/Yahoo/Prodigy spam filter and requiring SMTP authentication,
but this may be coincidence. I also noticed that only the main email
account was getting spammed. If I created several additional accounts
at the same time, it would take some activity to get spammed on those
accounts, while the main account was almost instantaneous.
My guess(tm) is that someone is sniffing or reading the logs. NNTP,
SMTP, but not POP3 authentication all use the main account login and
password. It could also come from the RADIUS, SMTP, and NNTP logs.
It could also come from sniffing the web page which offers what
appears to be a non-secure user login:
http://sbcglobal.prodigy.net
which appears (not sure) to pass the login and password along
unencrypted. I don't have time to setup a sniffer today to check.
Could someone please look at the source and verify my allegation?
Another guess(tm) is that it's coming via spyware. Spyware often
delivers the user's address book to the perpetrator, which would end up
added to a spammer's mailing list. A clue is that much of the spam I
receive is addressed to my email addresses, but often with my name
attached in a rather odd or mis-spelled manner, such as what would
appear in someone's address book. There are also trojans that install
sniffers to look for login/passwords, credit card numbers, email
addresses, and such. Could be your victim had some spyware installed.
Such spyware or trojan inside an ISP's firewall would be scary.
As far as unethical practices and selling mailing lists, I've
encountered the practice at all levels in the past 20+ years of doing
battle with computahs. Most commonly, it's a recently terminated
employee selling customer and vendor lists to competitors. I've seen
only one incident of an ISP employee selling customer lists. In
general, I've found that the uncertain economy has made employees
rather nervous which tends to improve loyalty. That's quite a change
from the heyday of the dot com, where companies were hiring anything
that dragged itself through the front door.
--
Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
(831)421-6491 pgr (831)336-2558 home
http://www.LearnByDestroying.com AE6KS
je...@comix.santa-cruz.ca.us je...@cruzio.com
> The list address itself is the target? Interesting, are you thinking
> that they harvest recipient addresses from their SMTP server logs or
> something?
That's certainly what it looks like. The list input address is only used
by the list participants. It does not appear in public, and there are
less than a dozen participants. For spammers to get that address,
someone, who had access to server logs, would have had to provide it. It
wouldn't be guessed in a dictionary attack in our lifetime.
> I've just started experimenting with RBLs on my server. I'd like to
> hear which ones you've found worth using. I think you posted the
> public lists you use once before, but I can't find it.
I'm currently using:
mail-abuse.org (MAPS spam, open-relay, and DUL lists)
spamhaus.org
spamcop.net
In addition, I use a private list that is publicly accessible. This is a
list to which I add sites that seem to stay under the radar of the
public sites, or are not listed due to political or court activity. For
instance, when sites got injunctions against MAPS for listing them, I
just popped them into my own list. I'll be happy to give you the pointer
in email if you are interested.
> My guess(tm) is that someone is sniffing or reading the logs.
This is my guess, too. The latest spam started coming immediately after a
SBC/Yahoo internal promo spam. Log sniffing/reading would account for that
best, if I'm not mistaken.
I bet it's happening at Yahoo rather than SBC.
> In article <c1c1a741e34bdadf...@news.teranews.com>,
> Fred Viles <fv+a...@nospam.usen.epitools.com> wrote:
>
>> The list address itself is the target? Interesting, are you
>> thinking that they harvest recipient addresses from their SMTP
>> server logs or something?
>
> That's certainly what it looks like. The list input address is
> only used by the list participants. It does not appear in
> public, and there are less than a dozen participants. For
> spammers to get that address, someone, who had access to server
> logs, would have had to provide it. It wouldn't be guessed in a
> dictionary attack in our lifetime.
Have all the listmembers checked for spyware on their machines?
That's the only other possibility I can think of.
>> I've just started experimenting with RBLs on my server. I'd
>> like to hear which ones you've found worth using. I think you
>> posted the public lists you use once before, but I can't find
>> it.
>
> I'm currently using:
>
> mail-abuse.org (MAPS spam, open-relay, and DUL lists)
> spamhaus.org
> spamcop.net
Thanks. Do you have statistics on the relative hit rates you get
from these? I wouldn't mind at all paying the fee at mail-abuse if
it catches a significant amount of what gets by the various free
lists. I think it well might, but apparently there's no way to try
before you buy. :(
I already had spamhaus, but spamcop sounded like it might have too
many false positives. Are you not getting any collateral damage
from it, or are you whitelisting it as you encounter it? In any
case, I'm quarantining rather than rejecting (for a while at
least), so I've just added it.
FWIW, in a little over a day I've had the following results. RBLs
are checked in the order listed, and the numbers are
spam:legitimate.
sbl.spamhaus.org - 74:0
relays.ordb.org - 0:0
list.dsbl.org - 101:0
dnsbl.sorbs.net - 31:1
opm.blitzed.org - 0:0
proxies.relays.monkeys.com - 0:0
TOTAL=206:1. Not bad for a start. The one piece of collateral
damage was from the spam.dnsbl.sorbs.net database, which only
matched 3 spam not caught by another list.
I also experimented with a PTR record check, but collateral damage
was about 25%. Which is too bad, because in the 12 hours or so it
was active it caught another 17 spam that the RBLs missed.
> In addition, I use a private list that is publicly accessible.
> This is a list to which I add sites that seem to stay under the
> radar of the public sites, or are not listed due to political or
> court activity. For instance, when sites got injunctions against
> MAPS for listing them, I just popped them into my own list. I'll
> be happy to give you the pointer in email if you are interested.
Sure I'm interested, thanks! My email address works (or should do,
I haven't actually tested it since I updated the configuration
recently...)
- Fred
> Have all the listmembers checked for spyware on their machines?
> That's the only other possibility I can think of.
It's a possibility.
> Thanks. Do you have statistics on the relative hit rates you get
> from these?
I haven't tabulated anything, but a cursory examination of the log gives
the order of hits:
From the most to least hit:
SpamCop
MAPS
My own list
SpamHaus
Of course, things may appear on more than one list, but the first one
that finds a match gets the log entry. I'm pretty sure that most of the
MAPS hits are from the DUL, one of the best blockers since it stops a
lot of the kids who spam from home.
> I wouldn't mind at all paying the fee at mail-abuse if
> it catches a significant amount of what gets by the various free
> lists. I think it well might, but apparently there's no way to try
> before you buy. :(
I have it primarily for the DUL.
> I already had spamhaus, but spamcop sounded like it might have too
> many false positives. Are you not getting any collateral damage
> from it, or are you whitelisting it as you encounter it? In any
> case, I'm quarantining rather than rejecting (for a while at
> least), so I've just added it.
Yes, the first and only collateral damage from RBLs I have experienced
has been from SpamCop. I signed up for a free Yahoo account (don't ask
why) and never got the "confirmation" email so that I could "verify". A
later examination of the logs revealed that SpamCop was the reason. I
took that as a wakeup call and reconsidered having any dealings at all
with Yahoo.
> FWIW, in a little over a day I've had the following results. RBLs
> are checked in the order listed, and the numbers are
> spam:legitimate.
>
> sbl.spamhaus.org - 74:0
> relays.ordb.org - 0:0
> list.dsbl.org - 101:0
> dnsbl.sorbs.net - 31:1
> opm.blitzed.org - 0:0
> proxies.relays.monkeys.com - 0:0
>
> TOTAL=206:1. Not bad for a start. The one piece of collateral
> damage was from the spam.dnsbl.sorbs.net database, which only
> matched 3 spam not caught by another list.
If you handle any kind of volume at all, you will find that MOST of your
traffic is rejected by the RBLs. That's spam for you these days.
> I also experimented with a PTR record check, but collateral damage
> was about 25%. Which is too bad, because in the 12 hours or so it
> was active it caught another 17 spam that the RBLs missed.
I gave up on that years ago. It has been a long time since sites have
had crisp DNS. It is sloppy as hell now. I've even got stuff that needs
cleaning up.
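Both the hit-rate table Fred posted and the point that "the first one that finds a match gets the log entry" come down to how an ordered DNSBL check is wired up. The following is an added example, not code from the thread or from any MTA; it uses an in-memory stand-in for DNS with placeholder zone names (bl-one.example and so on), so it runs offline and consults no real list.

```python
"""Ordered DNSBL checks with first-match attribution, as in the tallies above.

Added example, not from the thread. The resolver is a constructed in-memory
stand-in for real DNS; zone names are placeholders, not real lists."""
import ipaddress


def dnsbl_query_name(ip, zone):
    """Build the name a DNSBL client looks up: the IPv4 octets reversed,
    followed by the list's zone. 203.0.113.7 in zone bl-one.example
    becomes 7.113.0.203.bl-one.example."""
    addr = ipaddress.IPv4Address(ip)
    return ".".join(reversed(str(addr).split("."))) + "." + zone


# Constructed in-memory zones. A DNSBL answers a listed query with an A
# record inside 127.0.0.0/8; an unlisted name gets no answer at all.
FAKE_DNS = {
    "7.113.0.203.bl-one.example": "127.0.0.2",
    "7.113.0.203.bl-two.example": "127.0.0.2",  # also listed here, never credited
    "9.113.0.203.bl-two.example": "127.0.0.3",
    "22.100.51.198.bl-three.example": "127.0.0.2",  # an over-broad listing
}


def lookup_a(name):
    """Stand-in for an A-record query against the constructed zones."""
    return FAKE_DNS.get(name)


def first_listing(ip, zones, lookup=lookup_a):
    """Return the first zone (in configured order) that lists ip, or None.
    Later zones are never consulted once one matches, which is exactly why
    per-list counts depend on the order the lists are checked in."""
    for zone in zones:
        if lookup(dnsbl_query_name(ip, zone)) is not None:
            return zone
    return None


def tally(connections, zones, lookup=lookup_a):
    """connections: iterable of (client_ip, is_spam), where is_spam is the
    operator's verdict after the fact. Returns {zone: [spam, legitimate]}
    crediting only the first matching zone, plus a "missed" bucket for
    connections no list caught."""
    counts = {zone: [0, 0] for zone in zones}
    counts["missed"] = [0, 0]
    for ip, is_spam in connections:
        zone = first_listing(ip, zones, lookup) or "missed"
        counts[zone][0 if is_spam else 1] += 1
    return counts


ZONES = ["bl-one.example", "bl-two.example", "bl-three.example"]

# Constructed connection log: (client IP, was it spam?)
SAMPLE_CONNECTIONS = [
    ("203.0.113.7", True),
    ("203.0.113.7", True),
    ("203.0.113.9", True),
    ("198.51.100.22", False),  # a real correspondent on an over-broad list
    ("192.0.2.50", True),      # spam that no list caught
    ("192.0.2.51", False),
]

if __name__ == "__main__":
    for zone, (spam, legit) in tally(SAMPLE_CONNECTIONS, ZONES).items():
        print(f"{zone} - {spam}:{legit}")
```

The constructed data makes the ordering effect visible: 203.0.113.7 is on both bl-one and bl-two, but only bl-one is ever credited, so bl-two's apparent hit rate understates it. Swapping the zone order changes the per-list numbers without changing what gets blocked, which is worth remembering when comparing tallies like the ones above.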
I have a Pacbell email account associated with my DSL account that I
never used. I check it occasionally and all I receive is Pacbell newsletters
(aka spam). Since it was created in 1996-1997 I have never received
anything that did not come from Pacbell. (I have not converted it to
SBC/Yahoo). On the other hand, I had a client who has Pacbell DSL
(also unconverted) and her primary inbox was swamped with spam
(~200+ per day!). She's a LOL and not computer savvy so instead of
trying to get her to use a spam-filter I convinced her to abandon her
main email since she mostly corresponds with 4 friends. We created
a new mail box and almost immediately she was getting spam, around
20 per day already after only about 6wks. She swears up and down
that she did not give it out to anyone but her friends (and when we
created it I gave her the tips on what to do and not do to protect her
mailbox). I don't think she is lying to me.
I have no idea what this implies but for those of you trying to figure
this out here are two more data points. Also, I think that it is unlikely
that either SBC or Yahoo is actually selling email lists and its also
unlikely that someone is selling lists out the back door.
BTW, I thought I read somewhere that the committee in charge of
the SMTP standards was working on a new revision that will include
more features to block and prevent spam. Any truth to that, and if
so, when are the new standards going to be released?
Regards,
David
> BTW, I thought I read somewhere that the committee in charge of
> the SMTP standards was working on a new revision that will include
> more features to block and prevent spam. Any truth to that, and if
> so, when are the new standards going to be released?
No, Yahoo is working on an authentication scheme. I'm skeptical that
such a thing will be effective. After all, anything a small business can
do (most businesses handle their own email), a spammer can do as well.
BTW, once a scheme is proposed, it will have to be applied to millions
of servers worldwide. That's not going to happen overnight. Consider
that there are STILL servers acting as open relays, and how many years
has it been since we learned not to do that?
Now that Congress has finally passed its "spam legalization act", watch
for spam levels to skyrocket. I'm willing to bet that many messages will
carry verbiage to this effect: "This message complies with Federal law
and cannot be considered spam."
Clueless idiots! And the spammers aren't much better.
At first glance it sounds useful to do checks on things like that,
checks on compliance with SMTP RFC's etc, but you quickly realize
that A) there are a lot of innocent sites who have systems that are
misconfigured or noncompliant in various ways and B) preventing
communication with any site not 100% compliant in every way ends
up blocking lots of legit/desirable traffic.
When you say you were using a "PTR record check", were you simply
checking for the existence of any PTR record, or that it exactly
matched the A record for that host?
Obviously the former is less draconian than the latter. Unfortunately
lots of sites have mismatching A/PTR records on mail hosts. (Some
ISPs won't allow smaller customers to customize their PTR records)
> I wouldn't mind at all paying the fee at mail-abuse if
> it catches a significant amount of what gets by the various free
> lists. I think it well might, but apparently there's no way to try
> before you buy. :(
Bear in mind that at least as of last year, MAPS was allowing
"hobbyist/personal" use (single host) of basic MAPS BL's for
free. Be patient though - it can take a while to get a response
from them after you make a request.
There is indeed a working group of the IETF having discussions about
architectural changes to internet standards in order to better address
the spam problem.
You can read about the group and find out how to get onto or read
archives of their mailing list here:
http://www.irtf.org/charters/asrg.html
> There is indeed a working group of the IETF having discussions about
> architectural changes to internet standards in order to better address
> the spam problem.
Yes, you're right. That started some months ago, and I made the same
point then. Anything that can be done by a small business to continue
doing email can be done by spammers. And, as you know, some spammers are
actually BIG business.
> Bear in mind that at least as of last year, MAPS was allowing
> "hobbyist/personal" use (single host) of basic MAPS BL's for
> free. Be patient though - it can take a while to get a response
> from them after you make a request.
Or to make any changes in such an account. One of the reasons for my
exceedingly contorted DNS arrangement is to preserve the appearance of
DNS queries from my registered address.
> Obviously the former is less draconian than the latter. Unfortunately
> lots of sites have mismatching A/PTR records on mail hosts. (Some
> ISPs won't allow smaller customers to customize their PTR records)
On the other hand, some ISPs will allow smaller customers to serve their
own PTR records.
> In article <c8a875b28383370f...@news.teranews.com>,
> fv+a...@nospam.usen.epitools.com (Fred Viles) writes...
>
>> I also experimented with a PTR record check, but collateral
>> damage was about 25%. Which is too bad, because in the 12
>> hours or so it was active it caught another 17 spam that the
>> RBLs missed.
>...
> When you say you were using a "PTR record check", were you
> simply checking for the existence of any PTR record, or that it
> exactly matched the A record for that host?
I assume by "the A record for the host" you mean the EHLO/HELO
name, since otherwise your question makes no sense. In which case,
no.
My server (exim) does the usual follow-on check that the PTR name
owns a matching A record. But it certainly doesn't expect it to
match the name given on the EHLO/HELO message. That name
frequently doesn't even own an A record, so the collateral damage
would be substantial.
There doesn't seem to be a way in exim to flag only the case where
a sending host's IP has a PTR record but the PTR name doesn't own
a matching A record. That would be interesting to try.
>...
- Fred
> In article <c8a875b28383370f...@news.teranews.com>,
> fv+a...@nospam.usen.epitools.com (Fred Viles) writes...
>
>
>> I wouldn't mind at all paying the fee at mail-abuse if
>> it catches a significant amount of what gets by the various
>> free lists. I think it well might, but apparently there's no
>> way to try before you buy. :(
>
> Bear in mind that at least as of last year, MAPS was allowing
> "hobbyist/personal" use (single host) of basic MAPS BL's for
> free.
Still does, according to their web site. But that doesn't apply to
me.
- Fred
I don't think it's a question of whether spammers are technically
capable of doing X or Y.
I'm not up on the current topic of discussion on ASRG because
I haven't had time to follow it lately, but I have maintained for
a long time now that there are a variety of technical measures that
could be taken to make it much more difficult for spammers to do
what they do.
People are fed up with spam, and it has precipitated a cottage anti-
spam industry that has exploded over night - no less than 6-10 companies
in the Bay Area alone who have sprouted up over the last 2 years who
do nothing but anti-spam products. Together with recently (however
flawed) legislation, I do think the walls are going to start closing
in on them pretty soon.
The irony here is that I would guess one of the primary reasons that
some ISPs disallow customer control over PTR records is to minimize
abuse by customers, ie spamming from hosts that resolve to rotating
spammer domains du jour.
As I said, rejecting any host without a PTR record is going to
catch some "innocent" hosts, but rejecting hosts where the PTR
record doesn't match the A record is going to reject a lot more
hosts. (as I said, there are a lot of MTAs whose PTR record
doesn't match their forward record)
As for HELO/EHLO greeting name, there are plenty of MTA's where
that string doesn't match their PTR record, particularly for
hosts which handle mail for many domains. Some MTA's don't even
use a HELO/EHLO preamble at all when sending mail, IIRC.
>...
>> I assume by "the A record for the host" you mean the EHLO/HELO
>> name, since otherwise your question makes no sense. In which
>> case, no.
>...
> As I said, rejecting any host without a PTR record is going to
> catch some "innocent" hosts,
Yes, you were agreeing with the observation I reported. I got that
part.
> but rejecting hosts where the PTR
> record doesn't match the A record ...
But not this part. What A record are you talking about?
- Fred
> The irony here is that I would guess one of the primary reasons that
> some ISPs disallow customer control over PTR records is to minimize
> abuse by customers, ie spamming from hosts that resolve to rotating
> spammer domains du jour.
That's possible, although I have yet to run into such a provider. SBC
allows it, as well as my provider.
Some years ago, I ordered two unlisted numbers in my new apartment. A few
days later the same telephone solicitor called both numbers within a few
hours of each other. The numbers were on different prefixes and numerically
unrelated. I figure they had to get the numbers from someone at Pacific
Bell (now SBC).
> Some years ago, I ordered two unlisted numbers in my new apartment. A few
> days later the same telephone solicitor called both numbers within a few
> hours of each other. The numbers were on different prefixes and numerically
> unrelated. I figure they had to get the numbers from someone at Pacific
> Bell (now SBC).
Without a doubt. I have unlisted numbers that have never been given to
anyone, ever. When they ring, it is guaranteed to be a wrong number or a
telemarketing call. Some of the telemarketing callers address me by
name. There is only one place that information could have come from.
Seems to me that various hosting companies do not allow this,
particularly with low-cost hosting plans.
Let's say you have an MTA with an IP of 192.168.1.1, and an A record
of "mail.example.com". The MX record for example.com also points to
"mail.example.com".
It's quite common for the PTR record (1.1.168.192.in-addr.arpa.) to
not resolve to the same hostname as the A record. ("mail.example.com"
in this case)
It may resolve to something like "1-1-168-192.ip.webhoster.com"
instead.
Technically this is an allowable configuration, although personally
I consider it less than ideal. Nonetheless, people are often forced
to do this because their hosting provider or ISP may not allow them
control over their reverse resolution. This is particularly common
outside the USA, or on low-cost/bulk hosting accounts.
> In article <7f6fe0a37e6dab8e...@news.teranews.com>,
> fv+a...@nospam.usen.epitools.com (Fred Viles) writes...
>> Philip J. Koenig <See_email_@ddress_below.This_one_is.invalid>
>> wrote in news:MPG.1a3fe9ac8...@corp.supernews.com:
>>
>>
>> > but rejecting hosts where the PTR
>> > record doesn't match the A record ...
>>
>> But not this part. What A record are you talking about?
>
> Let's say you have an MTA with an IP of 192.168.1.1, and an A
> record of "mail.example.com".
OK. Of course there may be any number of additional A records with
other names that also have the same IP address.
> The MX record for example.com
> also points to "mail.example.com".
>
> It's quite common for the PTR record (1.1.168.192.in-addr.arpa.)
> to not resolve to the same hostname as the A record.
> ("mail.example.com" in this case)
Of course it is common. There is generally only one PTR record for
a given IP address, but there can be and often are any number of A
records in any number of different domains that all have that same
IP address. However, this is irrelevant to the point.
I think you are missing the point of my question, let me put it a
little differently:
You're saying the *receiving* mail server might choose to compare
the value name from the PTR record to the owner name of some A
record ("mail.example.com" in your example). Where did the
receiving mail server *get* that name from, if it didn't get it
from the EHLO/HELO message?
>...
- Fred
I assume you're just referring to not sending HELO/EHLO at all.
If so, offhand I don't know which MTA's don't send that, but I
suspect they are typically older/obscure products.
As for the HELO/EHLO not matching the PTR record, I've used
a few of those myself. One of the common flaws is server
products which aren't flexible enough to allow that setting
to be configured - ie the software will only identify as the
hostname that matches the primary IP or interface, etc.
Wouldn't life be simple if we could force everyone in the world
to always have the latest/best tech.. :-)
Telemarketers have been automatically "war-dialing" phone numbers
sequentially for many years. Oftentimes I'll get one of these sleaze
on line one, give them the boot, watch them ring line 2, then line 3...
Bear in mind that phone numbers don't "lie fallow" very long any
more.
In the olden days, phone companies would not re-assign a phone
number that was recently disconnected for quite some time, in
order to lessen the problem with wrong numbers by people calling
the old number owners.
Nowadays, numbers are in such short supply that they don't lie
dormant for much time at all. The result: lots more wrong numbers
and callers that think they're calling the people who used to have
the number than in the old days. (especially with auto-dialers on
fax machines and so on)
>In article <kNxBb.68718$wx7....@newssvr25.news.prodigy.com>,
> "Cubit" <n...@no.not> wrote:
>
>> Some years ago, I ordered two unlisted numbers in my new apartment. A few
>> days later the same telephone solicitor called both numbers within a few
>> hours of each other. The numbers were on different prefixes and numerically
>> unrelated. I figure they had to get the numbers from someone at Pacific
>> Bell (now SBC).
>
>Without a doubt. I have unlisted numbers that have never been given to
>anyone, ever. When they ring, it is guaranteed to be a wrong number or a
>telemarketing call. Some of the telemarketing callers address me by
>name. There is only one place that information could have come from.
There's another possibility. I've seen reverse telephone directories
advertised that seem to include unlisted numbers. Detectives and
hackers have been advertising the service on the internet. For
example:
<http://www.google.com/search?sourceid=navclient&q=reverse+phone+directory+unlisted>
shows quite a few URL's that claim to include unlisted numbers.
24,000 hits. It is possible that a telemarketer was assigned a block
of numerical phone numbers, and used a reverse phone directory lookup
to obtain your name.
--
Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
(831)421-6491 pgr (831)336-2558 home
http://www.LearnByDestroying.com AE6KS
je...@comix.santa-cruz.ca.us je...@cruzio.com
> There's another possibility. I've seen reverse telephone directories
> advertised that seem to include unlisted numbers. Detectives and
> hackers have been advertising the service on the internet. For
> example:
> <http://www.google.com/search?sourceid=navclient&q=reverse+phone+directory+unlisted>
> shows quite a few URL's that claim to include unlisted numbers.
> 24,000 hits. It is possible that a telemarketer was assigned a block
> of numerical phone numbers, and used a reverse phone directory lookup
> to obtain your name.
I just tried every one that I could find. My unlisted numbers failed to
produce any results from any of the RNDs that I could find on the web.
That's not to rule out the possibility that the pay editions have
listings the free services don't. But it would appear that info on my
unlisted numbers is not casually available.
When I had a second line for modem/fax, I didn't want to pay to have it
unlisted, so I just listed it with a strange first name and no address.
The last name had to be the same as the primary line, and it's supposed to
be a real first name, but they probably can't challenge the spelling of the
name. "Ziggy" would be good, as it would be listed after my main number
alphabetically.
I would get the occasional hangup on the fax machine, but I think fax
tone is probably more effective than a TeleZapper for getting your number
delisted from telemarketing firms.
--
---
Clarence A Dold - Hidden Valley (Lake County) CA USA 38.8-122.5
> I would get the occasional hangup on the fax machine, but I think fax
> tone is probably more effective than a TeleZapper for getting your number
> delisted from telemarketing firms.
Right...a fax tone gets you on the junk fax lists. I don't know who
started the rumor that some junk fax law has eliminated junk faxes, but
I'm here to tell you that it is complete baloney. I get about three to
five junk faxes A DAY. They run the gamut from mortgage offers to
printer cartridge sales. I get offers to call 900 numbers to vent on
political issues. Stock scams abound. I get several times more junk
faxes than legitimate ones.
I tried tracking some of the purveyors down and found that these guys
are professionals. Unless someone's time is worthless, there is no way a
reasonable person can find out who these people are without either
revealing a lot about himself, or expending considerable resources
investigating. I assume that fax.com is responsible for the actual
delivery, but as fax.com says: they have more legal resources than the
average fax recipient.
A word of caution: once your voice line ends up on the fax lists, good
luck. You will be awakened at all hours with CNG tones in your ear.
Privacy manager is the only defense against that sort of annoyance.
>> I would get the occasional hangup on the fax machine, but I think fax
>> tone is probably more effective than a TeleZapper for getting your number
>> delisted from telemarketing firms.
> Right...a fax tone gets you on the junk fax lists. I don't know who
I don't get much junk fax. In fact I don't think I've ever received a junk
fax on my home machine or my store's machine. I get some via eFax, but
that's fairly painless.
At work, I see some in the fax room, lying on the table, but probably not
even one per day.
>...
> Speaking of MTA's, I recently switched to Postfix, away from
> sendmail, on the Unix servers. How refreshing. For example, the
> config file is --get this-- in English rather than modem line
> noise.
LOL - great characterization! I recently switched to exim for the
same reason. Both are very good choices, by all accounts.
- Fred
Good point. On the receiving end all you have to go on is
the IP address (and associated PTR record) or the HELO/EHLO
greeting.
However I have found that oftentimes there is no matching A
record for an existing PTR record. This is frequently the
case with router interfaces, I don't know how often it happens
with PTR records assigned by hosting companies to customers.
You can test it yourself using telnet to port 25. I have sent
email through MTA's on many occasions without that prefix, manually
testing running port commands via telnet (modern MTAs tend to be
less likely to trust what you claim to be however - many now run
dns checks on your IP, or on your claimed hostname to cross-check)
> Speaking of MTA's, I recently switched to Postfix, away from sendmail,
> on the Unix servers. How refreshing. For example, the config file is
> --get this-- in English rather than modem line noise. Blanks and tabs
> can be used interchangeably. There is a plethora of sample configs in
> the standard distribution, and the supporting website is easy to
> navigate. And the list goes on.
Lots of people doing that nowadays. I never really learned either
one in depth, but I do have postfix running on one box and I intend
to learn more about it because it is definitely easier to work with.
(and reputedly more secure, although I must admit it's simpler in
a way to work with something that only has a single executable
instead of a bunch of small ones. One of the reasons I never warmed
up to Qmail and djbdns much... besides Bernstein's attitude :-)
The downside is that you may find yourself on junkfax lists
instead. :-)
>...
> Good point. On the receiving end all you have to go on is
> the IP address (and associated PTR record) or the HELO/EHLO
> greeting.
Correct, that's what I was trying to point out ~six posts ago.
> However I have found that oftentimes there is no matching A
> record for an existing PTR record.
Meaning that the value (RHS) name from the PTR record either doesn't
own an A record, or owns A record(s) with different IP(s). Yes, for
some definition of "often".
FWIW, I saw it several times in a few hours of logs, but much less
often than no PTR record. That's why I said I wished I could try
that test in exim, to see if it correlates with spam better.
- Fred
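The check the two of you are circling (Phil's PTR-vs-A mismatch cases above, and Fred's point that the receiver only has the IP, its PTR and the HELO) can be written down as a forward-confirmed reverse DNS test. This is an added example, not code from anyone in the thread; it runs against a constructed in-memory zone (all names and addresses made up) rather than a live resolver.

```python
# Added example (not from the thread): forward-confirmed reverse DNS (FCrDNS)
# plus a separate HELO comparison, the two checks a receiving MTA can make
# from nothing but the client IP. All records below are constructed.
import ipaddress

# Constructed PTR data keyed by in-addr.arpa owner name.
PTR = {
    "1.1.168.192.in-addr.arpa.": "mail.example.com.",
    "2.1.168.192.in-addr.arpa.": "1-2-168-192.ip.webhoster.example.",
    "3.1.168.192.in-addr.arpa.": "gw.router.example.",   # no A record at all
}
# Constructed A data keyed by owner name (values are sets of addresses).
A = {
    "mail.example.com.": {"192.168.1.1"},
    "1-2-168-192.ip.webhoster.example.": {"192.168.1.2"},
    "relay.example.org.": {"192.168.1.3"},
}


def reverse_name(ip):
    """Owner name of the PTR record for an IPv4 address, with trailing dot."""
    return ipaddress.IPv4Address(ip).reverse_pointer + "."


def classify_client(ip, helo, ptr=PTR, a=A):
    """Label what the receiver can conclude about a connecting client.

    ip:   dotted-quad the connection came from
    helo: name given in HELO/EHLO, or None if the client sent none
    """
    ptr_name = ptr.get(reverse_name(ip))
    if ptr_name is None:
        return "no-ptr"                  # Fred saw this most often in his logs
    # Forward confirmation: does the PTR's name own an A record for this IP?
    # If not, the PTR proves nothing about who controls the address
    # (Phil's "no matching A record for an existing PTR" case).
    if ip not in a.get(ptr_name, set()):
        return "ptr-unconfirmed"
    if helo is None:
        return "fcrdns-ok-no-helo"
    # FCrDNS passed; the HELO name is a separate, weaker signal, since the
    # hosting-provider PTR case legitimately differs from the HELO name.
    if helo.rstrip(".").lower() != ptr_name.rstrip(".").lower():
        return "fcrdns-ok-helo-mismatch"
    return "fcrdns-ok-helo-match"


if __name__ == "__main__":
    for ip, helo in [("192.168.1.1", "mail.example.com"),
                     ("192.168.1.2", "mail.example.com"),
                     ("192.168.1.3", "gw.router.example"),
                     ("192.168.1.4", "whatever.example")]:
        print(ip, helo, "->", classify_client(ip, helo))
```

The second case is the webhoster situation Phil describes: the PTR is confirmed by its own A record, so the client is accountable even though the HELO name differs from it.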
> Without a doubt. I have unlisted numbers that have never been given to
> anyone, ever. When they ring, it is guaranteed to be a wrong number or a
> telemarketing call. Some of the telemarketing callers address me by
> name. There is only one place that information could have come from.
Yes sbc has done the exact same thing to me, amongst other places on
the number only I use to dial in to my own place when I have nothing
better available.
Billy Y..
You have the choice to opt out of these reverse telephone directories,
which, at one time, were only available to law-enforcement.
Now they're available to anyone who will pay, and IIRC they include
unlisted numbers as well.
I guess this "opt out" stuff works so well, lawmakers got the bright
idea to sponsor an email law ("I CAN SPAM") that mandates the same
thing for email. :-)
>You have the choice to opt out of these reverse telephone directories,
>which, at one time, were only available to law-enforcement.
That's been a hell of a long time. I know they were available
to businesses in my area thirty five years ago.
>Now they're available to anyone who will pay, and IIRC they include
>unlisted numbers as well.
That's likely not true, the last I heard, but they're
meaningless in any case in the era of wardialers. I know at least
three people who have had unlisted numbers called by telemarketers
before anyone being told what the number was.
I also got my second spam phone call since the first of the
year from another "research" outfit.
> I also got my second spam phone call since the first of the
>year from another "research" outfit.
let me guess.... 'push' polling, like "Would you be more or less likely to
vote for candidate XYZ if you knew he was a convicted child molester?"
I've gotten several of these posing as public opinion surveys that start
out perfectly ordinary then start asking more and more loaded questions
packed with false assumptions and outright lies.
I have no idea what was said after the word "research".
>May I recommend SBC's "Privacy Manager"?
>
>It bugs me to no end to have to pay for what is a software feature
>on the switch, but it's worth the savings in aggravation.
I probably should. I have the same objection. Originally I got
both of my phone lines blocked and have had to do the incantation on
only two occasions to get past the privacy guard on outgoing calls.
(Tells you how few people are using it, though.) But it's become
obvious blocking doesn't work for crap since the people whom I'd like
to keep my number from will get it anyway -- all 800 numbers.
You can't *69 on them either. Anyone other than me ever wonder
why *69 was chosen for the callback function?
> It bugs me to no end to have to pay for what is a software feature
> on the switch, but it's worth the savings in aggravation.
Privacy Manager has a flaw. When these automated junk call machines dial
your number, Privacy Manager attempts to screen the call. In the
meantime, the sales pitch is droning on. The PM default choice to the
caller is to "record your name to announce you to the called party". PM
dutifully records a snippet of the sales pitch, and then rings your
telephone.
"To hear who's calling, press 1", and when you do you get something
like, "and the sooner you take advantage of..." followed by the choices
of accepting or rejecting the call. In other words, your phone still
rings, you still have to get up to answer it, and your time is still
wasted.
I suggested to an SBC manager that they have NO default and just hang up
on the caller in the absence of any choice selection by the caller.
That's what I did when I had my own local version of that running here.
Fat chance.
Nonetheless, it helps immensely. Mostly because it treats "out of
area" calls just like "blocked" calls. Telemarketers and various
other slippery entities discovered long ago that with the right
T-1/PRI trunk setup, they could make all their calls to anyone
appear as "out of area", which neatly circumvented them having to
look as if they were obviously trying to cover up who they are.
I do believe that recent regulations seek to close that loophole,
requiring all callers to provide valid and useful CID info on
outgoing calls.
Well I only got a notice about this from SBC, and the need to "opt
out" of it, sometime within the last year or 2 as I remember.
SBC is making money on this service, BTW:
http://www.smartpages.com/whitepages/?wppage=reverse-phone
Of course, I can never find anything about these sorts of policies
on SBC's webpages, natch.
> >Now they're available to anyone who will pay, and IIRC they include
> >unlisted numbers as well.
>
> That's likely not true, the last I heard, but they're
> meaningless in any case in the era of wardialers. I know at least
> three people who have had unlisted numbers called by telemarketers
> before anyone being told what the number was.
Yes, but the issue someone mentioned were telemarketers who already
knew who you were when calling you at an unlisted number.
>
>SBC is making money on this service, BTW:
>
>http://www.smartpages.com/whitepages/?wppage=reverse-phone
>
Not sure how unless you're referring to the cents per hit
option at the bottom of the page or the services listed at the right
side. Another option --
http://www22.verizon.com/utilities/reverselookup/?loc=HP
Yes, they are charging people to give them bulk lookups of
reverse listings. Not to mention, they sell the print or
electronic directories as well.