Comments on: How did Microsoft avoid spamming? http://spamhuntress.com/2005/10/28/how-did-microsoft-avoid-spamming/ Just another WordPress weblog Fri, 25 Jul 2008 17:53:24 +0000 http://wordpress.org/?v=2.0.7 by: Search Engines Web http://spamhuntress.com/2005/10/28/how-did-microsoft-avoid-spamming/#comment-1847 Thu, 17 Nov 2005 22:50:38 +0000 http://spamhuntress.com/2005/10/28/how-did-microsoft-avoid-spamming/#comment-1847 <b> Here is the latest release on their Anti Phishing Tool</b> Today Microsoft announced agreements with three new data providers – Cyota Inc., Internet Identity and MarkMonitor – who will regularly supply information to us on thousands of confirmed phishing Web sites to help ensure the URL reputation service that helps power the Phishing Filter is running with the latest information on known attacks that the industry can provide. ... In fact, the service is actually updated several times an hour to help ensure the protection is pushed to users as quickly as possible. http://blogs.msdn.com/ie/archive/2005/11/17/494040.aspx Here is the latest release on their Anti Phishing Tool

Today Microsoft announced agreements with three new data providers – Cyota Inc., Internet Identity and MarkMonitor – who will regularly supply information to us on thousands of confirmed phishing Web sites to help ensure the URL reputation service that helps power the Phishing Filter is running with the latest information on known attacks that the industry can provide. … In fact, the service is actually updated several times an hour to help ensure the protection is pushed to users as quickly as possible.

http://blogs.msdn.com/ie/archive/2005/11/17/494040.aspx

]]> by: Brian http://spamhuntress.com/2005/10/28/how-did-microsoft-avoid-spamming/#comment-1679 Fri, 28 Oct 2005 23:59:09 +0000 http://spamhuntress.com/2005/10/28/how-did-microsoft-avoid-spamming/#comment-1679 I'm not sure they did. The article linked from Slashdot didn't say they stopped the spam from going through. Personally, I'd set the firewall to just ignore all outbound traffic trying to connect to port 25. (And I'd probably use a sniffer to capture the requests.) Or... if they needed to make the spammer think the emails werre sent, I'd forward all port 25 traffic to a machine that pretended to be a working SMTP server and just accepted the messages without forwarding them out. This could be scripted in a couple hours or less depending on how robust you wanted it. I’m not sure they did. The article linked from Slashdot didn’t say they stopped the spam from going through.

Personally, I’d set the firewall to just ignore all outbound traffic trying to connect to port 25. (And I’d probably use a sniffer to capture the requests.)

Or… if they needed to make the spammer think the emails werre sent, I’d forward all port 25 traffic to a machine that pretended to be a working SMTP server and just accepted the messages without forwarding them out. This could be scripted in a couple hours or less depending on how robust you wanted it.

]]> by: Joe http://spamhuntress.com/2005/10/28/how-did-microsoft-avoid-spamming/#comment-1678 Fri, 28 Oct 2005 21:03:07 +0000 http://spamhuntress.com/2005/10/28/how-did-microsoft-avoid-spamming/#comment-1678 Probably not how MS did it, but SMTP Tarpits are an option: http://www.benzedrine.cx/relaydb.html Probably not how MS did it, but SMTP Tarpits are an option:
http://www.benzedrine.cx/relaydb.html

]]> by: John http://spamhuntress.com/2005/10/28/how-did-microsoft-avoid-spamming/#comment-1677 Fri, 28 Oct 2005 20:38:45 +0000 http://spamhuntress.com/2005/10/28/how-did-microsoft-avoid-spamming/#comment-1677 Transparent proxy? Lots of providers here do that now, to control spamming (limiting outbound mails to a certain number / timeframe, even if they don't go through the "official" smtp server). It's easy to set up and the zombie doesn't care if the mail really makes it all the way through anyway, it just keeps on sending. Transparent proxy? Lots of providers here do that now, to control spamming (limiting outbound mails to a certain number / timeframe, even if they don’t go through the “official” smtp server). It’s easy to set up and the zombie doesn’t care if the mail really makes it all the way through anyway, it just keeps on sending.

]]>