Least significant byte:
- .1 Spam sending domain
- .2 Multi-hop relay
- .4 Dialups not in MAPS DUL
- .8 Wants spam compainers to jump through hoops
- .16 No working abuse address
- .32 Hosts spamers web sites
- .64 Hosts spammers email dropboxes
- .128 breakin attempts
Second least significant byte:
- 1. sued or prosecuted DNSBL lister
- 2. DOS attack
- 4. supplier of spamware
- 8. knowingly supports spammers
- 16. Legal threats
- 32. attempted mail relay exploits
- 64. attempted formmail exploits
One thing that Blars doesn't have is an automated removal screen. I would have thought that this would have eased his workload. He could manually over-ride and not allow removal requests of confirmed spamming domains, but accidental inclusions could be remedied by users (plus he'd have a record of the removal request in his log files). That's probably why the major lists use this approach.
I see that he has already listed our Polish spammers. He has given them a lookup of: 127.1.0.17.
Which according to his list, means they are guilty of spamming and of not having a working abuse address. And I concur fully with his listing. This Polish spam should be served on toast! Major lists, please take note ... you might as well list these guys now! I'm sure it won't be long before we see them in spamcomp and dnsbl.
Go get 'em Blars!
And while on the topic of spam, I received some HAM from www.bizwiz.com. I did actually subscribe to their list, when I was setting up this site. The email was not HTML-only and was only 5.6K in size. But it did have a rather hammy flavour. I thought I had requested to be removed from their list, but I can't remember. Whatever, they had a removal request which I used. The removal screen came back and said that I had been removed.
So I just thought I'd make an entry in my blog to make note that Clickit Add-a-link, BizWiz, should not be sending me any more e-mails. (Take care, BizWiz!)
The worst offenders, in this area have been TechRepublic. About eighteen months ago, I wanted to view a document on their site and they would not allow me to see it until I signed up.
I carefully checked the boxes saying that I did not want to receive any e-mail (apart from the one with my password) from them, and I did not want to receive promotional materials or any other communication. This displayed the usual notice that they would "still respect me in the morning".
A week later my first promotional e-mail arrived from TechRepublic. And continued each month thereafter, despite repeated requests from me to stop sending e-mail. Eventually (about Jan 2004) TechRepublic's MX was listed and I did not get any more e-mail. They struggled for a while to get unlisted. And then when they did, resumed sending me e-mail! Typically, these were HTML-only documents advising me to upgrade to Service Pack 2 or that the latest version of MS-Access was available now. Here is a sample of the last one that got through:
[ lots of graphics ... ] Security. For such a simple word it causes so many headaches. Attending the Microsoft Security Summit 2005 can help. This year's Summit will include topics as diverse as `Fighting SPAM', `Defending against Malicious Software' and `Tools for Quality Code'. We'll focus on practical skills, processes and technology that can help with your day-to-day security challenges. Whether you are an IT Professional or a Developer this event is also an opportunity to get an update on the latest developments from Microsoft. It's running in Sydney, Melbourne, Brisbane, Adelaide, Canberra and Perth. Best of all it's complimentary - with no charge to attend. So you can come all day or just to the sessions in the [1]agenda which interest you. Places are strictly limited and filling fast. ©2004 Microsoft Corporation. All rights reserved. Microsoft, the Microsoft logo, MSDN and the MSDN logo are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. [ more graphics ... ] You have been selected to receive this e-mail because you indicated you wanted to receive valuable information and product updates from technology vendors when you provided your e-mail address to [ ... blah, blah, blah, etc, etc ... the usual weasel words ] [ and more graphics ... ]
In December, I manually added them to my permanent block list. I haven't heard from them since however ... perhaps they've got the message now?