A Bulgarian thinks I made it up
I got a comment on my How I tracked down a spammer post today:
# Tony (Bulgarian) Says:
July 19th, 2005 at 2:34 pm eLike many others I came to this site googling for something containing “bulgarian”…
After reading the way you track spammers, I can only say:
Guys, what a shame! You absolutelly do not know and do not undersrtand the spamming techniques and still you have the bravery of labeling the whole Bulgarian nation as spammers!Let me give you some explanations:
- no spammer uses its own IP address
- all spammers use forged IP addresses
- the IP addresses the spammers use are usually IPs of vulnerable un-pached servers and workstations on the internet, thus allowing the spammer to use it.Well, let me ask you some questions:
- how exactly you are tracking a forged IP address? If you have a real answer for this, you can become very rich by pattenting this, your first client will be FBI…Best (Bulgarian) regards…
So I replied. You guys are of course free to get your two cents in as well:
# Administrator Says:
July 19th, 2005 at 4:04 pm eWell, Tony, I guess it’s you who don’t understand spam tracking.
Forget what you learned about tracking mail spammers. Linkspammers are a different breed entirely. Currently their favored method is using a server they lease or colocate as their spambot. Most of them don’t even layer a proxy on top of that spambot.
Why? Because webhosts don’t understand linkspam, and some of the big colocation/leasing facilities are spam supporters when it comes to linkspam.
Also, while linkspammers learn, they often use their own ISP connections when spamming.
I stand by my conclusions. And no, I don’t think Bulgarians are all spammers. In fact, there are extremely few Bulgarian spammers. Most are Russians…