» Show this page in : LOSABL

In the course of 2002 and 2003, spammers using illegal transmission methods have progressively adopted the practice of interposing consumer computers located on broadband connections between their servers and the spam victims, of course without the computer owners being aware of that.

The purpose of such massive computer hijackings is twofold: cover their tracks (the true IP address of the spammer does not appear in the messages), and evade filters and blocking lists by constantly changing the IP address the spam is apparently coming from. At the beginning this was done by exploiting 'proxy' software products, designed to be accessible only by other computers in the internal LAN and not by the external world, but incorrectly configured by the user. Later, spammers found a way to create a large number of these 'open proxies' by designing and distributing trojan programs designed for this purpose. Trojans are distributed as email virus/worms, or as clickable links on certain web sites. Any user inadvertently launching one of these programs will make his/her computer part of the pool controlled by a spammer (the so-called "botnet"). Spam is then massively sent by the thousands of slave computers under the control of the spammer's master server (for further technical informations see the CERT Advisory CA-2004-02).

In conjunction with the known security weaknesses of the most common family of operating systems on the market, and with the diffusion of broadband connections all over the world, this caused the IP addresses corresponding to residential broadband connections to become by large the main source of spam in 2004. As a matter of fact, such connections are usually on dynamically assigned IP addresses, where no legitimate mail servers are expected. Users on consumer-grade connections are generally instructed to use the SMTP servers of their provider to send mail. For this reason, blocking mail directly emitted from such ranges usually stops just spam and viruses.

Based on these premises, in 2002 we have started a project consisting of classifying in a database areas of the Internet used for consumer-grade connectivity, or with a poor level of security. In january 2004 this database was reorganized as a blocking list called LOSABL, an acronym meaning LOw Security Areas Blocking List. This database contains several millions of IP addresses. The word also sounds like losable, meaning "IP addresses that one can happily lose, from the point of view of SMTP (that is of receiving mail)". It is in fact a design intent of LOSABL to be a no-collateral damage database.

Approaching 100% spam block: Spamhaus releases the Domain Block List

Fonte: The Spamhaus Project »
1 March 2010: The Spamhaus Project is proud to release its newest spam-blocking advisory list to the world's internet users, th... [...]

State of Maine AG OKs Spam List

Fonte: The Spamhaus Project »
The idea of "opt in" is central to the legitimate, non-spam use of bulk e-mail. Without "opt in" policies, any and all e-mail [...]

DarkMarket "loner" soon to have many new friends

Fonte: The Spamhaus Project »
Unfortunatly for Renukanth Subramaniam, the "loner with a modest lifestyle" who helped run the secretive website where cybercrim... [...]
[tutte le notizie]