Bluefrog under attack?
Johan
(http://www.bluesecurity.com)
i received this spammail from a bluefrog hater?
i did not notice a dramatic fall back of my received spammails yet
but it looks as Bluefrog succeeded at making some spammers really angry...
i am not even considering to give in
Johan
------------------------------------------
Hey,
You are receiving this email because you are a member of BlueSecurity
(http://www.bluesecurity.com).
You signed up because you were expecting to recieve a lesser amount of
spam, unfortunately, due to the tactics used by BlueSecurity, you will
end up recieving this message, or other nonsensical spams 20-40 times
more than you would normally.
How do you make it stop?
Simple, in 48 hours, and every 48 hours thereafter, we will run our
current list of BlueSecurity subscribers through BlueSecurity's
database, if you arent there.. you wont get this again.
We have devised a method to retrieve your address from their database,
so by signing up and remaining a BlueSecurity user not only are you
opening yourself up for this, you are also potentially verifying your
email address through them to even more spammers, and will end up
getting up even more spam as an end-result.
By signing up for bluesecurity, you are doing the exact opposite of what
you want, so delete your account, and you will stop recieving this.
Why are we doing this?
Its simple, we dont want to, but BlueSecurity is forcing us. We would
much rather not waste our resources and send you these useless mails.
Its simple, we dont want to, but BlueSecurity is forcing us. We would
much rather not waste our resources and send you these useless mails,
but do not believe for one second that we will stop this tirade of
emails if you choose to stay with BlueSecurity.
Just remember one thing when you read this, we didnt do this to you,
BlueSecurity did.
If BlueSecurity decides to play fair, we will do the same.
Just remove yourself from BlueSecurity, and make it easier on you.
Owen Wheeler
Now I must rinse.He could see it lying in there like the curved foot of
a rocking chair, pressing the tongue of the lock, holding it in place,
holding him in place.I hope she will be tried again on one of the other
counts.Chief MChibi "Beautiful One»was the Keeper of the Fire, and
inside his hut were better than a hundred torches, the head of each
coated with a thick, gummy resin..
------------------------------
lennart
otherwise we will attack you ... bluesecurity.com is down." Yeah right,
how can i unsubscribe?
And yes, there are some people really mad on bluesecurity.com ...
Daniel Mandic
> i am subscribed to the bluesecurity antispam list
> (http://www.bluesecurity.com)
>
You never watched 'yellow submarine', from the Beatles?
Just believe, most of the spammers you cannot catch on the world. ;-)
At least not, with Earthly-methods (police, cops, judge, spies, hunter
and such else....)
And those who fights them all the time w/o effort (just read the above)
are also spammer for me.
Best Regards,
Daniel Mandic
Ron May
<johan.arnout-trying...@scarlet.be> wrote:
>i am subscribed to the bluesecurity antispam list
>(http://www.bluesecurity.com)
>
>i received this spammail from a bluefrog hater?
>i did not notice a dramatic fall back of my received spammails yet
>but it looks as Bluefrog succeeded at making some spammers really angry...
>
>i am not even considering to give in
It's probably too late to give in, so unsubscribing now is pointless.
The email you received just proves the point I raised about the flaw
with Bluefrog. Asking spammers to be nice and voluntarily remove you
from their mailing list (with a veiled threat of "Denial of Service"
attack) doesn't work, and, despite Bluefrog claims to the contrary,
your email address IS compromised in the process.
It doesn't matter HOW your email was extracted from Bluefrog lists.
The fact is it WAS extracted, and spammers can apparently tell when
you UNsubscribe (although that doesn't matter much once they have your
valid address in the first place.)
--
Ron M.
Craig
> On Tue, 02 May 2006 10:27:16 +0200, Johan
> <johan.arnout-trying...@scarlet.be> wrote:
>
>
>>i am subscribed to the bluesecurity antispam list
>>(http://www.bluesecurity.com)
>>
>>but it looks as Bluefrog succeeded at making some spammers really angry...
>>
>>i am not even considering to give in
>
>
> It's probably too late to give in, so unsubscribing now is pointless.
>
> It doesn't matter HOW your email was extracted from Bluefrog lists.
> The fact is it WAS extracted, and spammers can apparently tell when
> you UNsubscribe
This could get exciting.
As of 9a35 PDT, bluesecurity.com is unreachable by ping, tracert, etc.
Now that "someone" has succeeded in taking them off line, it is a
federal offense. Maybe the feds won't find them but the stakes have
just been raised considerably.
<I'm popping the popcorn, pulling up a chair and waiting for round 2>
-Craig
SPRTh...@gmail.com
It's obvious to me now how they do it - all the must do is create 2
lists, one with all their emails on, and another that is cleaned by
BlueFrog. Then all they do is spam the ones that are on the first list
but not the second.
I'm so irritated now about bluefrog - i uninstalled it because it
sucked anyways.. now i'm paying the cost with more spam. :(
Craig
Fwiw;
Keep us posted as to Bluefrog's response. I'd hate to see them get
swamped out of existence. Btw, if that's your un-munged email, get
ready to have it harvested by spammers.
<puts popcorn down>
-Craig
Johan
i like to get kicked around with this mailadress
exited to be midst of a war
see how it will be in the next round ;)
johan
b...@nccoop.com
work at all. So far I have seen only a small improvement. I have also
been receiving the threat mail, the only thing is that it is only going
to one of my listed addresses. If they were able to crack the DNIR at
BlueSecurity, wouldn't all of my listed addresses be getting this
threat mail? Yesterday when i was still able to read the forums at
bluesecurity, many other users also reported the same occurrence.
-Bob
Morten Skarstad
>>> i am subscribed to the bluesecurity antispam list
>>> (http://www.bluesecurity.com)
>>>
>>> but it looks as Bluefrog succeeded at making some spammers really
>>> angry...
> This could get exciting.
>
> As of 9a35 PDT, bluesecurity.com is unreachable by ping, tracert, etc.
After multiple attempts I managed to get through. But even resolving the
IP address took ages, so something is obviously amiss.
maver...@gmail.com
> IP address took ages, so something is obviously amiss.
I hear that some people that have never heard of BlueSecurity and
BlueFrog are also getting hit....
meet_raman
You might be right that our emails have been compromised but just dont
be so sure of it ;)
ever heard of websites being Joe-Jabbed?
read this:
http://www.belch.com/~blog/2006/05/02/blue-security-gets-joe-jobbed/
meet_raman
also, the person above me posts:
I hear that some people that have never heard of BlueSecurity and
BlueFrog are also getting hit...
dont give up so soon... thats what spammers want us to do!
if someone like bluesecurity has taken an initiative.. support them all
the way :)
someone is really pissed... their site is under attck for 5 days now...
also read:
http://www.belch.com/~blog/2006/05/02/the-blue-independence-war/
lennart
day tons of spam. The spammer made this true ... for only one day! I
now get a normal number of spam (ok, spam isn't normal, but anyway ;-)
Bezzeb
the BF database Ron.
Verified would be accurate. I understood on day one when I signed up
at Blue Sec. that any numb nut out there who already had my e-mail
address could run the Blue Security list cleaner and do a difference
test to confirm if I'm a Blue Security member or not. It took the
spammers a YEAR to figure this out. A testament to their supreme
stupidity. I have done careful checks of my 500 spam per day - none of
the previously un-spammed accounts have been discovered by the
criminals. They are still clean and have not been compromised or
extracted. Period.
Besides - I've got nothing to hide. Even if they build quantum super
computers to factor the huge numbers required to crack the Blue
Security encrypted hash: I'm a proud Frog user and don't care if the
spammers know my affiliations - ultimately they will know not to mess
with us.
Also - please remember that each time you get a spam, you are being
INVITED to visit or call them via the advertised means!! Why does
everyone forget this??? If EVERYONE visited every site in every spam,
would that be a DDoS attack? No. It would be you exercising your
right to free communications and speech. Blue Froggers just have a
tool that allows us to automatically visit their sites as fast as they
can automatically send us solicitations. And jeeze. The Frog client
just enters polite text into their text fields. It doesn't hammer them
mercilessly all day and night.
If these opt-out requests crash their servers it's because of one of
two things.
A: They must scale their servers and ISP connections UP to be able to
handle the number of solicitations they send out. Duh. Market
economics here.
-or-
B: They must scale their solicitations (spam) down to be commensurate
with their ability to handle the traffic they generate.
Option B is their only viable choice since their profits only exists
because their costs are so damn low. (Using stolen resources most
often.) Also they are advertising to a demographic which will NEVER
give them anything but a headache. Any business man who was interested
in making money wouldn't behave as they are. They are doing these
attacks against us because they enjoy doing wicked and destructive
deeds. It's their high. They feel powerful when they cost innocent
people time, money and nuisance.
So to conclude: BF doesn't employ DDoS attacks. We don't want them to
shut down their pill, porn, mortgage, fill-in-the-blank selling sites -
we just want them to take us off their list. Is that so bad?
All the best guys, keep up the fun discussions!
Bezzeb.
Ron May
<Google...@gemstonedesigns.com> wrote:
>I think extraction and compromise are the wrong words when it comes to
>the BF database Ron.
>
>Verified would be accurate.
If "verified" suits you, so be it. At the end of the day, WHICHEVER
word you use, the result is the same: Spammers have your email
address and a pretty good idea that it's active, no mateer what method
they use to collect/harvest/compile/copy/sort.... pick one. It's a
distinction with no meaningful difference.
(...)
> I have done careful checks of my 500 spam per day - none of
>the previously un-spammed accounts have been discovered by the
>criminals. They are still clean and have not been compromised or
>extracted. Period.
I want to make sure about the claim you're making. If you're saying
that you subscribed some "pristine" (un-spammed) accounts that NEVER
got much spam in the first place, then a spammer running their
original "bulk" list head-to-head against a "cleaned" Bluefrog list
for differences probably WOULDN'T contain many "un-spammed" (or
pristine) addresses and I wouldn't expect it to. They weren't on the
original "bulk" list to begin with.
The REAL question is whether or not using Bluefrog results in a
considerable and measurable REDUCTION in spam on an existing account
that's already being spammed. That's a result thay CLAIM can be
achieved by getting spammers to cleanse/remove/filter/opt-out (again,
pick your word) Bluefrog members from their lists. I think the jury
is still out on whether it makes a difference or not.
You say you're getting 500 spams a day. How does that compare with
what you were getting BEFORE Bluefrog on the same accounts? And if
there is a decrease, can you honestly attribute it to Bluefrog and not
any other measures you might also have taken during the same time
frame?
(...)
>
>If these opt-out requests crash their servers it's because of one of
>two things.
>
>A: They must scale their servers and ISP connections UP to be able to
>handle the number of solicitations they send out. Duh. Market
>economics here.
>-or-
>B: They must scale their solicitations (spam) down to be commensurate
>with their ability to handle the traffic they generate.
>
>Option B is their only viable choice since their profits only exists
>because their costs are so damn low. (Using stolen resources most
>often.) Also they are advertising to a demographic which will NEVER
>give them anything but a headache. Any business man who was interested
>in making money wouldn't behave as they are. They are doing these
>attacks against us because they enjoy doing wicked and destructive
>deeds. It's their high. They feel powerful when they cost innocent
>people time, money and nuisance.
>
>So to conclude: BF doesn't employ DDoS attacks. We don't want them to
>shut down their pill, porn, mortgage, fill-in-the-blank selling sites -
>we just want them to take us off their list. Is that so bad?
>
Quite honestly I wouldn't care if someone found a way to turn spammer
servers into a pile of molten metal and silicon, but your "option A/B"
business plan assumes spammers OWN the hardware and have a capital
investment involved, instead of using someone ELSE'S hardware to host
throwaway domains for a few days (or even hours) before they expect to
get shut down anyway. Spammers aren't concerned about building
product identification, long term customer loyalty and repeat
business. They're out to scam whatever bucks they can in whatever WAY
they can as FAST as they can in "hit and run" fashion.
My summary reads like this:
It's ALWAYS a bad idea to provide a way for spammers to (pick a word)
your email address. Your VERIFIED (using your opening term) email
address is their most valuable commodity, and it's highly portable. To
me, using Bluefrog is on a par with responding to an "unsubscribe"
link. Best NOT to do it.
I could be wrong, but there doesn't appear to be credible evidence (as
opposed to marketing hype, wishful thinking and a barely disguised
desire to "stick it" to spammers) that the concept works IRL. It
reminds me of the "bounce" feature in mailwasher. Great concept, a
lot of people initially liked it, but they later found out it just
doesn't do any real good.
If you think Bluefrog is great, then, as the song goes "If you're
happy and you know it, clap your hands." I won't use it, and I can't
in good conscience recommend it to somebody whose thinking about it
but hasn't decided to make the leap (no frog pun intended.)
--
Ron M.
meet_raman
if it doesnt work, why
1> was the site attacked? apprently it did do "something"
2> you did not respond to my earliar post. plz do have a look :)
3> i again ask you to read something (if i may!):
http://www.realtechnews.com/posts/3011
from this very page:
This sounds scary, but it's not as bad as it sounds. Blue
Security's email address registry remains secure contrary to what
this spammer would have you believe. The way subscribers' emails were
obtained was by checking the spammer's own list of emails against the
Do Not Intrude registry. Normally spammers will get the emails of those
who subscribe returned to them and will then remove those emails from
their spamming lists. This one, however, has taken another approach.
Instead of taking those hits off of his spam lists, he is sending them
these intimidating emails.
What's so funny about this approach is that if you do remove yourself
from the Blue Security registry, you'll still receive normal spam
from this spammer. He has no intention of taking your email address off
of his spam list, he just wants you to stop fighting back against the
spam you already receive from him (Blue Security only goes after
spammers who send spam emails with no opt-outs to its members). Emails
like this are proof that Blue Security is getting noticed by these
spammers by making it unprofitable for them to continue sending their
unsolicited mail to unwilling recipients. Recently Blue Security has
made great strides toward its goal of eliminating spam for its users.
On the account where I received this email, I used to receive over a
dozen spams every day. Recently, within the past two weeks, I have seen
spam to this address slow and almost halt. Today I'm averaging just
one or two spam emails daily.
na...@drlev.com
If the spammers are motivated to use this sort of tactic I think it is
reasonable to assume that BlueSecurity has had some effect on their
invasive spamming activity, This looks more like a good reason to use
BlueSecurity than it looks like a reason to bail out.
na...@drlev.com
following text. I am not a Blue Frog user, so these spamming jerks
apparently are trying to run a bluff.
===
The Blue Frog member email database has been compromised, and is
currently being distributed worldwide to spammers and to the public.
Attached to this email, you will find a zip file of the Blue Frog
database, which includes your own personal or business email
address(es). If you have not uninstalled Blue Frog yet, we highly
suggest you do so now in order to avoid your involvement in this war
any further.
meet_raman
yea, apprently they have been Joe-Jabbed..
i again point you people to:
http://www.belch.com/~blog/2006/05/02/blue-security-gets-joe-jobbed/
and yea, i too got this email today that the last poster pointed out...
and yea, there was no attachment, lol!
here is the complete text and some easy to observe things that point
out that it is indeed an attack against Blue Security
---------
X-Apparently-To: xxxx...@yahoo.com via 68.142.199.192; Sun, 07 May
2006 01:24:38 -0700
X-YahooFilteredBulk: 80.140.227.14
X-Originating-IP: [80.140.227.14]
Return-Path: <7mnyhm-AT-vista.com>
Authentication-Results: mta353.mail.scd.yahoo.com from=vista.com;
domainkeys=neutral (no sig)
Received: from 80.140.227.14 (HELO p508CE30E.dip.t-dialin.net)
(80.140.227.14) by mta353.mail.scd.yahoo.com with SMTP; Sun, 07 May
2006 01:24:37 -0700
Message-ID: <s2989p30FD4K013Z27TQ...@80.140.227.14>
Location: 745 congestion hare
Reply-to: "Jeanie Cornelius" <7mnyhm-AT-vista.com>
From: "Jeanie Cornelius" <7mn...@vista.com> Add to Address BookAdd to
Address Book Add Mobile Alert
Content-Class: urn:content-classes:notice
Content-Class: urn:content-classes:appointment
To: Send an Instant Message "Plankeye2001" <planke...@yahoo.com>
Subject: http://www.bluesecurity.com
Date: Sun, 07 May 2006 05:18:28 -0400
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="--0904020922281559"
Content-Length: 649
Dear Blue Frog Member,
As a follow-up to our previous emails, and, as promised, we are
stepping up in the fight against Blue Security.
The Blue Frog member email database has been compromised, and is
currently being distributed worldwide to spammers and to the public.
Attached
to this email, you will find a zip file of the Blue Frog database,
which includes your own personal or business email address(es). If you
have
not uninstalled Blue Frog yet, we highly suggest you do so now in order
to avoid your involvement in this war any further.
Leaving your email address on the Blue Frog list is a risky choice, as
we will uphold our promise not only to increase your spam by 20 times
the amount you are receiving now, but to continue to make this list
publically available as well. Also, as the Blue Frog member database is
updated, we will find more creative ways in which to use it, and
frequently release it to whomever we wish.
Blue Security, Inc
-----
lol! saw the signature?
Blue Security itself is sending out these mails?!! this is fun!
rosed1
BlueFrog!Not one!So they are crappy as hell about getting all our
addresses or Im the only lucky one in the world!My luck isnt that
good!So that story doesnt add up.Spammers are liars and thiefs or we
would all have won a million dollars by now.How many spams start you
are a winner?So Im backing the frog,get a backbone if your sick of the
spam my God!
rosed1
Tries to Undermine Blue Security
May 4, 2006
By David Johnston
Contributing Writer, RealTechNews
In what appears to be a last-ditch attempt at scaring subscribers to
Blue Security's "Do Not Intrude" registry, one very prominent
spammer has started to resort to scare-tactics targeted toward members
of the Blue Security community. I received one of these emails today,
and while it sounds forboding it is, as one Blue Security community
member said, "like a sheep in wolf's clothing". Here are the
relevant contents of the email:
Update #1: The Blue Security website has been hit by a DoS attack and
is currently down, though their software is still working. If you're
interested in more reading on the subject, you can look through this
excellent article on Blue Security.
Update #2: I have yet to receive a single additional spam email to any
of my email addresses. The promised increase in spam has yet to show up
for me, though others are reporting more heavy spamming, especially of
notices similar to this one. The Blue Security website continues to be
under attack from spammers, but I was able to get through for a few
minutes to see that they have posted up a new message to spammers
saying that they will not back down and will continue to fight against
them.
Update #3: While reading the comments keep in mind that Fred, Mark,
Laurie, Ronald, Killthem, SpamKing, Rick, Frank, and Paul are all the
same person. This same spammer used the same person's computer to
post all of his comments under these various aliases. You should also
notice the similar spelling and grammar mistakes in all of his posts.
Update #4: One of my email accounts has started receiving bounced spam
messages indicating that the spammers have started using it as the
"from" address on their spams. My other 3 protected accounts have
seen no activity, I'm assuming because they weren't on this
spammer's list to begin with.
Update #5: It appears as though Blue Security is slowly but surely
bringing their site back online. I can now access the members' area
and log in. My Blue Frog software is also connecting again. If you want
to sign up, but haven't been able to, you should be able to do that
now-barring any new, unforseen attacks on the website.
Hey,
You are recieving this email because you are a member of
BlueSecurity (http://www.bluesecurity.com).
Gena Elmore
This sounds scary, but it's not as bad as it sounds. Blue
Security's email address registry remains secure contrary to what
this spammer would have you believe. The way subscribers' emails were
obtained was by checking the spammer's own list of emails against the
Do Not Intrude registry. Normally spammers will get the emails of those
who subscribe returned to them and will then remove those emails from
their spamming lists. This one, however, has taken another approach.
Instead of taking those hits off of his spam lists, he is sending them
these intimidating emails.
What's so funny about this approach is that if you do remove yourself
from the Blue Security registry, you'll still receive normal spam
from this spammer. He has no intention of taking your email address off
of his spam list, he just wants you to stop fighting back against the
spam you already receive from him (Blue Security only goes after
spammers who send spam emails with no opt-outs to its members). Emails
like this are proof that Blue Security is getting noticed by these
spammers by making it unprofitable for them to continue sending their
unsolicited mail to unwilling recipients. Recently Blue Security has
made great strides toward its goal of eliminating spam for its users.
On the account where I received this email, I used to receive over a
dozen spams every day. Recently, within the past two weeks, I have seen
spam to this address slow and almost halt. Today I'm averaging just
one or two spam emails daily.
I personally hope that this email has the opposite effect from what
this spammer wishes. Hopefully, more people will sign up for the Do Not
Intrude registry, and make Blue Security even stronger. Learn more
about how Blue Security is fighting spam here. You can also read a lot
of the current stories of success against the spammers in their blog,
here.
Ron May
wrote:
>hmmmmm... @Ron
>
>if it doesnt work, why
>1> was the site attacked? apprently it did do "something"
Try THIS on for a conspiracy theory: Maybe the emails were sent by
Bluefrog to get noticed and the site was intentionally taken down to
get gullible people to believe "Well, if spammers are going to attack
it and the subscribers, it MUST work." Far out, but makes as much
sense as accepting as an article of faith that the attacks somehow
"prove" the service works without independently verifiable evidence
that the service actually does reduce spam.
>2> you did not respond to my earliar post. plz do have a look :)
My apology for at least not making a courtesy reply. I did read the
two blogs, but found them no more convincing than the conspiracy
theory in my paragraph above. The snub was not intentional. I posted
a rather lengthy response to another post lower in the thread that I
felt covered your messages as well. In retrospect, I should have
included at least one line of acknowledgement.
>3> i again ask you to read something (if i may!):
>http://www.realtechnews.com/posts/3011
>
>from this very page:
>
I read it. I also scanned the 233 posts and while Bluefrog fanatics
seemed to be in the majority, there were mixed results from the more
moderate posters who actually addressed the issue of whether using the
service resulted in an increase or decrease in spam. (And shouldn't
THAT be the criteria for deciding to use the service or not?)
Long time readers of this group will remember many "Mailwasher"
lemmings who simply could not be convinced to turn off the "bounce"
feature because they were TRUE BELIEVERS that it actually made a
difference in the amount of spam emails they received. Mailwasher
itself was (and LFW still is) a worthy and useful program, but the
"bounce" feature did nothing but add useless traffic and often create
unintended "spam" messages to people whose email address was spoofed
by a spammer. I see the same fervor being displayed by Bluefrog
converts.
Also, I don't know the credentials of the bloggers you use as
reference, but here's Fred Langa's take:
http://langa.com/newsletters/2005/2005-10-24.htm#2
Here's what Bob Rankin (Tourbus) had to say:
http://www.askbobrankin.com/blue_security_spam_solution.html
That leads "Aunty-Spam's Internet Patrol" article:
That leads to Brian McWilliams "S*PAM KiNgS" article:
http://spamkings.oreilly.com/archives/2005/08/blue_frog_and_t.html
If a "Who's Who" list like the above isn't sold on Bluefrog, I feel
like I'm in good company. Readers of THIS newsgroup also tend to be
more wary of what kind of code a program might be executing in the
background that the average user, and how their machines might be used
by another party without THEIR understanding the process completely.
If you can find one or more RECOGNIZED and RESPECTED internet gurus
who is willing to put their credibility on the line in support of
Bluefrog, I'll follow your link, but I won't chase any more sock
puppets.
I'd REALLY be impressed if one of these credible individuals went so
far as to impartially measure whether there was an increase or
decrease in spam as a result of the service by running independent
tests.
As I said before, if you're happy with Bluefrog, then I'm happy for
you. Just don't try to get me to drink the kool-aid with you.
--
Ron M.
rosed1
read the others and the last address is unsure of its view .some for
some against.So I'm not sure of those either I got mine from Wiki a
well known source.So your afraid to act on it,then don't bitch about
getting spam.Its thats easy.I tend to take a stand on things.I'm
backing anyone who tries to fight for us!Those that don't ,don't
complain about it.
Ron May
wrote:
Well that explains a lot. <g>
(Certainlly more authoritative than Fred Langa, Bob Rankin and others.
After all, what could they possibly know compared to "Wiki.")
--
Ron M.
rosed1
Craig
> Ive heard of wiki
>
Ive heard of Santa
rosed1
Ron May
wrote:
>You could be a spammer.
Did you know that the word "gullible" isn't in the dictionary?
rosed1
less spam in the last week.If it proves to work I'm right.If it doesn't
you are.Time will tell us which is right and who is gullible wont it.:)
rosed1
Blue Security website has been running with a minimal presence
recently, a condition company CEO Eran Reshef said in a TechWeb report
had been caused by the extra publicity surrounding the story of the
spammer's threats.
That publicity included notice on both Slashdot and Digg. The heavy
tech-oriented readership of both sites can bring a website to a crawl
when they hit a linked story in massive numbers. That plus attacks by
Russian spammers have made some of the site's pages unavailable.
Blue Security's Blue Frog software works by catching spams that hit the
inbox of a Blue Frog user. Blue Security analyzes those messages and
traces them back to their senders. Then they fill out an opt-out form
if available, or generate a complaint message to the spammer.
Once that has been done, every time a spam hits a Blue Frog member
another opt-out or complaint is generated automatically and sent back
to the source. Reshef said in the article that the Blue Frog registry
numbers over 500,000 members.
Reshef also said the database of users Blue Security has is encrypted,
and the spammer does not have access to that list. "Our members are not
in any jeopardy of 'exposure' since the spammers already have their
addresses. That is why they joined the Blue Community, to stop spam at
its source," he said in the report.
The CastleCops security website summarized the attacks on Blue Security
in a recent post. Those include the spammers sending out messages faked
to look like they come from Blue Security, and hitting the Blue
Security websites with Denial of Service attacks.
Reshef observed that the mass email threats and attacks on Blue
Security indicate the Blue Frog registry and actions are working. He
said in the article four major spam rings that generate eight percent
of the world's spam have agreed to back off and leave members of the
Blue Frog registry alone. (((hmmm sounds good for my side!)))