GEEKNOTE: My longstanding recommendation to businesses regarding spam filtering is “don’t”. The risk of missing that million dollar deal, though small, is generally too great a risk compared to the annoyance of spam.
I had to break my own rule this week after the Russians started flooding my mailbox with “enlargement” ads. I get a LOT of business emails, often 100 or more a day, not counting various automated alerts and reports generated by our monitoring system.
Suddenly, I started getting four or five ads from the Russians for every legitmate message. Every time I would open up Outlook, there would be another 250 or 300 messages for “enlargement” products.
I briefly considered setting up a filter to forward all these messages to the members of the US House that are currently exhibiting feelings of inadequacy, but then thought better of it. They are having enough problems doing anything useful without distracting them further. I wouldn’t want to be responsible for a government shutdown.
I’m not quite sure why the Russians have taken a sudden interest in my love life, but I suspect it may have been because one of my male customers clicked on a link they shouldn’t have and got their address book stolen.
How do I know the primary culprits are the Russians? Check this out:
Sep 21 21:53:08 [188.8.131.52:58692][RU]SMTP Server: DNSBL Reject from firstname.lastname@example.org To: email@example.com (ru.countries.nerd.dk.)
I solved the issue by removing the spam filtering exemption for my email address. The message shown above, one of over 650 that came in yesterday, was rejected by a DNS Blacklist that identifies and blocks everything from Russia. For good measure, I also blocked it with a GEOBLOCK that blocks Russia. The two references to “ru” show where the filters caught this message. I don’t have any friends in Krasnoyarsk, so it’s a pretty safe bet that it is garbage.
We utilize a multi-level spam defense on our servers. While it doesn’t catch everything, it definitely cuts down the clutter. I’ve only gotten a few enlargement ads today, as compared with hundreds a day early this week.
Just to avoid the risk of missing that proverbial million dollar deal, I tweaked our server filters to allow mail from badly misconfigured mail servers in the US to get through. I’d still like to get those emails, since I might be able to sell them my services in fixing their IT mess.
For what it is worth, the Russians aren’t in this alone. We also see large amounts of junk mail coming from Romania, China, and Vietnam. Proving that even communists and former communists are capitalists at heart, there is an economic motive in sending out these emails. First off, with no pun intended, some small percentage of men will actually click on the links and even send in money in search of a cure for their perceived problem. More often than not, clicking on the links downloads malware onto the poor fellow’s computer, stealing email address, credit card numbers and other identifying information. If they thought they had a problem BEFORE they clicked on the link, they haven’t seen anything until the Russians, Romanians, Chinese, and Vietnamese get their information!
When this sort of spam first started coming some years ago, there were a like number of messages offering breast enhancements. I think it says something about the relative gulibility of guys and gals that the breast enhancement ads have pretty much disappeared. Apparently, the ladies aren’t quite as likely to fall for this sort of offer.
I’ll close by saying that the only thing I’m interested in enlarging is our customer base, so please let us help you when you need computer or IT help and refer us to your friends.
Rob Marlowe, Senior Geek
Gulfcoast Networking, Inc.