Addresses created in my account not by me!

Use this forum to get help.

Addresses created in my account not by me!

Postby tcgraham » Tue Dec 11, 2007 4:33 pm

I had two addresses:

woot.XXpostaXXl@dfgh.net
tcg.XXpostalXX@dfgh.net

I had zeroed out these addresses because of spamming.

Suddenly today I find two new addresses in my account which I did NOT create.

net(new)woot.postaXXl@dfgh.net
net(new)tcg.postalXX@dfgh.net

Please investigate and explain. THX Tom Graham

EDIT by Syskoll: I have added XXs in your addresses so that they aren't collected by address scapers.
tcgraham
 
Posts: 16
Joined: Mon Oct 27, 2003 7:51 pm
Location: Florida

Postby lwc » Tue Dec 11, 2007 11:55 pm

RTFFAQ.
lwc
 
Posts: 455
Joined: Sat Aug 28, 2004 9:09 am

Postby tcgraham » Wed Dec 12, 2007 1:50 pm

I have no idea what RTFFAQ means.

I looked at it for a moment and finally speculated that it meant Read The Fuc---- FAQ. Not sure if that is the correct interpretation of the acronym. I did read the FAQ but I did not find anything. Sorry I bothered somebody. I was simply looking for some help. That's not the kind of reply that Josh would provide. I apologize to anyone who was offended by my question.
tcgraham
 
Posts: 16
Joined: Mon Oct 27, 2003 7:51 pm
Location: Florida

Postby lwc » Wed Dec 12, 2007 3:26 pm

Come on, you haven't offended anyone. The FAQ would have told you anyone could guess your username and start writing messages to whatever.yourusername@spamgourmet

Your only way to stop it is to start using prefixes or watchwords.

BTW, did you read the forum's FAQ or the site's FAQ? The forum's FAQ is a technical FAQ for the forum's software.
lwc
 
Posts: 455
Joined: Sat Aug 28, 2004 9:09 am

Postby SysKoll » Thu Dec 13, 2007 2:07 pm

lwc wrote:RTFFAQ.


Let's keep the discussion civilized, shall we?

tcgraham, lwc is right, unfortunately. A lot of people have started getting messages to disposables they never released. It seems to be a side effect of some bug in spambot software. Not much spamgourmet can do about that except if you use prefixes and watchwords.

I have neutered your addresses in the initial post. No need to feed the address collectors.
-- SysKoll
SysKoll
 
Posts: 893
Joined: Thu Aug 28, 2003 9:24 pm

Postby josh » Thu Dec 13, 2007 2:53 pm

I've had one or two messages like that in the last few months, which is more than before.

Because the volume is so low, it really does appear to be due to bugs in bulk mailer software -- if it turns into a problem, we have watchwords to fall back on.

I've been waiting for the shoe to drop on this for 7 years, and it really hasn't, but that's a lot of time to think about how to use watchwords. I think that it will somewhat increase the learning curve, but only very marginally increase the maintenance aspect -- if you use two or three watchwords to start, and then every three months or so, *come back to the site and change them*, then I don't see how even intentional address creators (should they ever appear) can be successful at getting through. It's the coming-back-and-changing-them-every-once-in-a-while part that is easy to forget about when you're thinking through it, but would make the approach so effective.
josh
 
Posts: 1371
Joined: Fri Aug 29, 2003 2:28 pm

Postby sg-since03 » Thu Dec 13, 2007 9:37 pm

I've been waiting for the shoe to drop on this for 7 years, and it really hasn't, but that's a lot of time to think about how to use watchwords.


Is the "negative watchwords" idea practical to implement? It would be easier to use.

Current situation:
I forget I'm using watchwords. The sg address I give out doesn't get created/I don't get my confirmation email or whatever. Oops.

Desired situation:
No watchwords to remember. When necessary - i.e, when a particular existing sg address is being hit - I can add a "negative watchword." As in, "-spammyco," meaning "don't create an address containing the word 'spammyco.'"

Negative watchwords con: they're reactive. Pro[s]: one, no "forgetting"; two, odds are they'd require less maintenance.

(Of course, standard watchwords would still be needed for the situation where entirely new spam addresses are being created. As suggested by Warren [?], the two watchword systems could coexist. With luck, we'd never have to use "standard" watchwords if we didn't want to bother.)
sg-since03
 
Posts: 46
Joined: Sun Sep 02, 2007 9:11 am

Postby SysKoll » Fri Dec 14, 2007 12:30 am

A negative watchword is a blacklist. How would blacklisting a string prevent creation of addresses, when this is done by (accidentally) mangling existing disposables?
-- SysKoll
SysKoll
 
Posts: 893
Joined: Thu Aug 28, 2003 9:24 pm

Postby sg-since03 » Fri Dec 28, 2007 9:36 am

A negative watchword is a blacklist. How would blacklisting a string prevent creation of addresses, when this is done by (accidentally) mangling existing disposables?


Huh?? How does it differ [logically] from the watchword mechanism?

Watchwords: "Do not create an sg address if the address does NOT contain the string 'xyz.'" Negative Watchwords: "Do not create an sg address if the address DOES contain the string 'xyz.'"

Why does the mechanism creating the spurious addresses matter? As long as an address contains the user-specified string, then any random padding characters should be irrelevant - the address just won't/shouldn't get created. At a loss here... After all, it's not your server/software doing the mangling; it's the spammers' software, yes?
sg-since03
 
Posts: 46
Joined: Sun Sep 02, 2007 9:11 am

Postby SysKoll » Sun Jan 13, 2008 1:26 am

I understand your blacklist concept. But how does one use it in practice?

Suppose that you have N disposable addesses floating around. Any one of them (you don't know which) might be captured by a spambot with the mangling bug. If this happens, you will be sent a message with a slight variation of one of your N addresses.

What string do you put in your blacklist to prevent that?

Or do you mean that the blacklist could at least prevent variations for one given disposable?
-- SysKoll
SysKoll
 
Posts: 893
Joined: Thu Aug 28, 2003 9:24 pm

Postby sg-since03 » Sun Jan 13, 2008 3:10 am

Suppose that you have N disposable addesses floating around. Any one of them (you don't know which) might be captured by a spambot with the mangling bug. If this happens, you will be sent a message with a slight variation of one of your N addresses.

What string do you put in your blacklist to prevent that?


So the difficulty is, there would be an impossibly large number of strings to blacklist, is that it? But we are not asking for a blanket blacklist, i.e, a blacklist of variations of *every* address.

(That would be impractical in any case - do we want to hamstring the ability to create variations of our own?)

Or do you mean that the blacklist could at least prevent variations for one given disposable?


Yes.

Addresses given to iffier sites are the exclusive cause of this problem; having the ability to blacklist unique strings from those addresses would solve it.

EDIT:
It's as I wrote in a previous post - modified a bit for clarity: When necessary - i.e, when a particular existing sg address is being hit - I can add a "negative watchword." As in, "-xyzstring," meaning "don't create an address containing the word 'xyzstring.'"
sg-since03
 
Posts: 46
Joined: Sun Sep 02, 2007 9:11 am

Postby josh » Wed Jan 23, 2008 3:24 pm

If we had negative watchwords, what would be the rule where a negative watchword overlapped a positive watchword -- that is, which would prevail?
josh
 
Posts: 1371
Joined: Fri Aug 29, 2003 2:28 pm

Postby sg-since03 » Wed Jan 23, 2008 10:45 pm

If we had negative watchwords, what would be the rule where a negative watchword overlapped a positive watchword -- that is, which would prevail?


Negative.

Negative follows logically. Say the positive watchword is "go." (Too trivial, but this is an example, si?) So the idea is to prevent this:

gobuyatiffysite.<etc>
*********************from turning into this:
spamgobuyatiffysite.<etc>

by saying this:
"Negative watchword = '- gobuyatiffysite.'"
Obviously, the negative watchword "-gobuyatiffysite" trumps the positive watchword "go."

OT: This topic has a footer with the option to "Stop watching this topic"; ergo, I *am* currently watching this topic. Didn't get a notice of your reply, though...
EDIT: Just got the topic notification email. Delay is a function of SG, I guess.
sg-since03
 
Posts: 46
Joined: Sun Sep 02, 2007 9:11 am

Postby mysticturner » Sat Jan 26, 2008 3:32 am

The problem with your negative watchword is that it won't stop what is going on. I've gotten a couple of spams and here's what the spammers are (in my opinion) doing based upon my experience. First off, they've developed a list of our domains: spamgourmet.com, dfgh.... all of them ( or maybe only some of them ). When they see an address from that domain (using your example):

gobuyatiffysite.userid @ ... (some domain)

they have altered it to be:

Totallynew.userid @ ... (same domain)

Your idea of locking out 'go' or some variation of gobuyatiffysite won't stop this because all they need is the userid. Sorry, but I don't see any value except to make trouble for yourself years later when you forgot your negative watchword and tried to create a new address with it in it.
mysticturner
 
Posts: 57
Joined: Sun Jun 12, 2005 6:38 am
Location: Dallas, TX

Postby sg-since03 » Sun Jan 27, 2008 4:59 am

negative watchword[s]...won't stop what is going on ...because all they need is the userid.


Yes, true. That is why I started using watchwords.

If you are correct - and I believe you are - then watchwords still have a loophole: using your watchword exposes it to these fiends. Negative watchwords would solve that problem.

make trouble for yourself...when you [forget] your negative watchword and [try] to create a new address with it in it.


True. But I've made that mistake with watchwords.

Ultimately, yes, it's simpler to:
1. have a watchword, but
2. never use the watchword in any address! [huh??? ah...]
3. Instead, create all new addresses on-site using the "Send a message from one of your disposable addresses" feature.

On-site, any address will be created, even if it doesn't include the/a watchword[s]. The addresses created are now "cleaner," and the watchword serves its purpose most effectively - the watchword is never exposed, so it can never be bypassed. More work, but more effective. I just discovered this fact, and hence this technique, yesterday. In light of your objections and this superior alternative, I withdraw the "negative watchwords" suggestion/request.

Q: "But what do I do when I need an address and SG's site is offline (knocked out by DOS attack)?"
A: That's your cue to use some other anti-spam methodology.

EDIT: This is perverse, but - to belabor the obvious - now I never have the "Where is my confirmation email?" problem. The Law of Unintended Consequences works in our favor for once.
sg-since03
 
Posts: 46
Joined: Sun Sep 02, 2007 9:11 am


Return to Support / Hilfe / ayuda / ondersteuning / ...

Who is online

Users browsing this forum: No registered users and 14 guests

cron