Click the comments link on any
story to see comments or add your own.
Subscribe to this blog
31 Oct 2014
Someone was asking who has the largest set of spamtraps;
I opined that nobody knows, since the people will the biggest ones
don't discuss the details. Also, it's not a very useful metric. There are spammers who only send to
specific large ISPS, so, say, Google would know all about them, and other people wouldn't see them at all.
Also, different kinds of spamtraps get different kinds of spam. I have three general kinds:
- Addresses that were never valid, typically invented by broken scrapeware that grabbed message IDs or
mangled addresses from web sites
- Abandoned addresses and domains, that may have been valid a decade or more ago, but only get spam now
- A depressingly large number of addresses given to well-known companies who then leaked them to spammers.
I also get a fair amount to real addresses that aren't spamtraps, but that are caught by filters or by
I haven't analyzed the spam profiles in detail but they're clearly different. For example, one ESP
doesn't appear on most people's spam radar, but they send me a great deal of spam (relative to my overall modest
volume.) That appears to be because they have a lot of poor quality lists with repurposed addresses, from senders
booted from more selective ESPs, and they're constantly hitting role addresses that aren't spamtraps, but should
never be on anyone's lists.
Stable link is https://jl.ly/Email/spamflavor.html
13 Oct 2014
Every once in a while, when I come across a domain whose WHOIS
is particularly bad, I send it in to ICANN's WDPRS reporting
system. So here is the entire entry for the domain ename.net:
Domain Name : ename.net
Domain Name Server :
For more information,please go to: http://whois.ename.net/ename.net
(If you visit that web site, it's not much more informative, other
than saying that the registrant is ENAME TECHNOLOGY CO., LTD.)
See more ...
Stable link is https://jl.ly/ICANN/ename.html
11 Oct 2014
I see that Afilias has reserved SLAVE.BLACK
as a premium domain, presumably to be auctioned to the
highest bidder. I'm trying to figure out what the
business model is.
(Some names, including a lot of offensive words, are
permanently reserved by ICANN, but this isn't one of them.)
Domain ID: D53146846-LRMS
Creation Date: 2014-07-17T15:32:41Z
Updated Date: 2014-09-15T20:32:11Z
Registry Expiry Date: 2015-07-17T15:32:41Z
Sponsoring Registrar:Afilias (R720-LRMS)
Sponsoring Registrar IANA ID: 9999
Domain Status: inactive
Registrant Name:Afilias Limited
Registrant Organization:Afilias Limited
Registrant Street: 2 La Touche House
Registrant Street: IFSC
Registrant Postal Code:n/a
Registrant Phone Ext:
Registrant Fax: +1.2157065701
Registrant Fax Ext:
Stable link is https://jl.ly/ICANN/blkopp.html
08 Oct 2014
For reasons that should be obvious, a lot of people are
thinking about ways to make e-mail more secure, and harder
to spy on.
The most likely scenario is an improved version of PGP or S/MIME, two
existing encrypted mail systems, that let people publish their encryption
key, which correspondents use to encrypt mail so that only the recipient
can read it. While this is a significant improvement in privacy, it has
the problem that spam filters at the ISP can't read the mail either.
See more ...
Stable link is https://jl.ly/Email/cryptospam.html
My other sites
Who is this guy?
Airline ticket info
Dave Piscitello on Ransomware
24 days ago
A keen grasp of the obvious
My high security debit card
570 days ago
Coalition Against Unsolicited Commercial E-mail
Network Abuse Clearinghouse