whats with these "microsoft service pack" spams ?

[KLR]

over the lasty month - I must have received several hundred of these
crappy things.

I have got mailwasher on the comp and fortunately I have been able to
delete and bounce them - but they still keep coming. Whoever is
sending them must be a bloody good spammer as unlike most spams - very
few of these come up as spams on mailwashers databases.


Im quite pissed off at bigpond too for doing nothing to stop them
coming.

 

[Allan]

Bloody Virus Crap..

"KLR" <kreed@bigpond.net.au> wrote in message
news:f4mtnv4n1l3djp4njf7kn16eskpo0g14m5@4ax.com...

over the lasty month - I must have received several hundred of these
crappy things.

I have got mailwasher on the comp and fortunately I have been able to
delete and bounce them - but they still keep coming. Whoever is
sending them must be a bloody good spammer as unlike most spams - very
few of these come up as spams on mailwashers databases.


Im quite pissed off at bigpond too for doing nothing to stop them
coming.

 

[Russ]

"KLR" <kreed@bigpond.net.au> wrote in message
news:f4mtnv4n1l3djp4njf7kn16eskpo0g14m5@4ax.com...

over the lasty month - I must have received several hundred of these
crappy things.

I have got mailwasher on the comp and fortunately I have been able to
delete and bounce them - but they still keep coming. Whoever is
sending them must be a bloody good spammer as unlike most spams - very
few of these come up as spams on mailwashers databases.


Im quite pissed off at bigpond too for doing nothing to stop them
coming.

You are being hit by the "Swen" worm that, among other things, harvests
email address from newsgroups.

You need to change your email address setting in your newsreading program -
just add "spam" or "removethis" or something to it, ie, something that
humans can easily see should be removed to make the email address valid, but
is difficult for an automated virus to use.

Unfortunately, as your email address is known to the worm, you won't see a
reduction in the volume of email until the worm dies out. Given the number
of infected machines on the net, this could take a long time

Being a fairly clever worm, it uses a large variety of different subjects,
body texts, attachment names and attachment sizes, so without a proper virus
scanner, it is very difficult to identify the emails.

Russ.

 

[Don McKenzie]

Russ wrote:

You are being hit by the "Swen" worm that, among other things, harvests
email address from newsgroups.

which spells news backwards

been around since mid september. for more details see:
http://www.symantec.com/avcenter/venc/data/w32.swen.a@mm.html

I have seen reports of some users getting 2000 a day, others getting 20
meg an hour.
the 'alt.spam, net-abuse-email' type newsgroups carry stories that are
real shockers.
There has never been a virus that had done this much damage.

I have got my spam down to virtually zero, but this cunning devil
manages to get through at the rate of about 1 or 2 a day, so I can
imagine what it is doing to some users, ISP's and businesses.

Most ISP's refuse to block it including optus and telstra.
bluebottle has shut down it's email filtering service, and many other
companies are experiencing similar problems.
see: http://bluebottle.com/pr01102003.html

here is an interesting read that will give you something to think about:
http://smh.com.au/articles/2003/09/15/1063478110174.html

Email as we know it, has already changed dramatically in the last 2 or 3
years. Will we have to abandon it completely?

Don...

--
Don McKenzie E-mail: http://www.dontronics.com/e-mail.html
Home Page: http://www.dontronics.com

USB to RS232 Converter that works http://www.dontronics.com/usb_232.html
The World's Largest Range of Atmel/AVR & PICmicro Hardware and Software

 

On Sat, 04 Oct 2003 14:30:18 GMT, KLR <kreed@bigpond.net.au> wrote:

From: KLR <kreed@bigpond.net.au

And they keep showing up at the above address?

 

[Bob Parker]

Don McKenzie <support2003**NOSPAM**@dontronics.com> wrote:

I have seen reports of some users getting 2000 a day, others getting 20
meg an hour.
the 'alt.spam, net-abuse-email' type newsgroups carry stories that are
real shockers.
There has never been a virus that had done this much damage.

Isn't it interesting that the "Love Bug" worm had headline news,
yet this one is far more widespread and destructive but it never seems
to rate a mention on the TV news that I watch anyway. Apparently we're
all becoming de-sensitized to spam and worms now.
I'm surprised that there are still people who are only now asking
about this Swen worm. Some still don't seem to realize that it is a
worm, or that it wasn't really sent by Microsoft.
Personally I think that if they catch the mongrel who released it,
a 20 year jail term might make others think twice before doing the
same kind of thing.

Email as we know it, has already changed dramatically in the last 2 or 3
years. Will we have to abandon it completely?

I used to think it could never happen. Now I think it can. American
legislators turn to jelly the moment the spammers utter those two
hallowed little words... "Free Speech".
If that 'logic' was applied in Australia, the guys who painted "No
War" on the Sydney Opera House would have been free to walk away.
I'll get off me soap-box now. :-|

Bob

 

[Don McKenzie]

I used to think it could never happen. Now I think it can. American
legislators turn to jelly the moment the spammers utter those two
hallowed little words... "Free Speech".
If that 'logic' was applied in Australia, the guys who painted "No
War" on the Sydney Opera House would have been free to walk away.
I'll get off me soap-box now. :-|

Bob

I just learnt that zipped versions of swen are starting to appear, so we
may get it all over again, but in another form.

Assure me:
Only a mentally impaired single cell organism would open a zip file not
specifically addressed to them, or from a party they don't know!

An internet user wouldn't unzip it and then run it, would they? We are
smarter than that

BTW
did you get my private message yesterday Bob?
I'm starting to wonder if email is still a deliverable item.


--
Don McKenzie E-mail: http://www.dontronics.com/e-mail.html
Home Page: http://www.dontronics.com

USB to RS232 Converter that works http://www.dontronics.com/usb_232.html
The World's Largest Range of Atmel/AVR & PICmicro Hardware and Software

 

[Bob Parker]

Don McKenzie <support2003**NOSPAM**@dontronics.com> wrote:

Assure me:
Only a mentally impaired single cell organism would open a zip file not
specifically addressed to them, or from a party they don't know!

I'd really like to assure you, but....

An internet user wouldn't unzip it and then run it, would they? We are
smarter than that

You and me and everyone else reading this might be, but some internet
users are so stupid that they actually respond to spam and give
spammers their credit card details. Never underestimate the
stupidity/gullibility of some people who use the internet....

BTW
did you get my private message yesterday Bob?
I'm starting to wonder if email is still a deliverable item.

Yes, thanks. To be honest, I'm not highly literate when it come to
webpage design and things like that. You can tell from looking at my
very primitive website. I haven't quite figured out yet what's
involved in implementing it. I'll have another look tonight.


Cheers,
Bob

 

[Don McKenzie]

Yes, thanks. To be honest, I'm not highly literate when it come to
webpage design and things like that. You can tell from looking at my
very primitive website. I haven't quite figured out yet what's
involved in implementing it. I'll have another look tonight.

Cheers,
Bob

no worries Bob
please let me know if I can help.


--
Don McKenzie E-mail: http://www.dontronics.com/e-mail.html
Home Page: http://www.dontronics.com

USB to RS232 Converter that works http://www.dontronics.com/usb_232.html
The World's Largest Range of Atmel/AVR & PICmicro Hardware and Software

 

[Rod Speed]

"Don McKenzie" <support2003**NOSPAM**@dontronics.com> wrote in message news:3F7F2F36.200A879@dontronics.com...

Russ wrote:

You are being hit by the "Swen" worm that, among other things, harvests
email address from newsgroups.

which spells news backwards

been around since mid september. for more details see:
http://www.symantec.com/avcenter/venc/data/w32.swen.a@mm.html

I have seen reports of some users getting 2000 a day, others getting 20
meg an hour.
the 'alt.spam, net-abuse-email' type newsgroups carry stories that are
real shockers.
There has never been a virus that had done this much damage.

I have got my spam down to virtually zero, but this cunning devil
manages to get through at the rate of about 1 or 2 a day, so I can
imagine what it is doing to some users, ISP's and businesses.

Most ISP's refuse to block it including optus and telstra.
bluebottle has shut down it's email filtering service, and many other
companies are experiencing similar problems.
see: http://bluebottle.com/pr01102003.html

here is an interesting read that will give you something to think about:
http://smh.com.au/articles/2003/09/15/1063478110174.html

Email as we know it, has already changed dramatically in
the last 2 or 3 years. Will we have to abandon it completely?

Nope, there will always be obvious fixes.

I havent got a single one on any email address that matters.

 

[Rod Speed]

"Bob Parker" <bobp@bluebottle.com> wrote in message news:fqcunvs42est17hmctvgi9q2d6cbjo7j4o@4ax.com...

Don McKenzie <support2003**NOSPAM**@dontronics.com> wrote:

I have seen reports of some users getting 2000 a day, others getting 20
meg an hour.
the 'alt.spam, net-abuse-email' type newsgroups carry stories that are
real shockers.
There has never been a virus that had done this much damage.

Isn't it interesting that the "Love Bug" worm had headline news,
yet this one is far more widespread and destructive but it never
seems to rate a mention on the TV news that I watch anyway.

Just another example of how comprehensively the news manages
to mangle the story in any area you know anything about yourself.

Presumably they mangle it just as badly
in the areas you dont know much about too.

Apparently we're all becoming de-sensitized to spam and worms now.
I'm surprised that there are still people who are only now asking
about this Swen worm. Some still don't seem to realize that it is a
worm, or that it wasn't really sent by Microsoft.

Personally I think that if they catch the mongrel who
released it, a 20 year jail term might make others
think twice before doing the same kind of thing.

I doubt it would have any effect.

Email as we know it, has already changed dramatically in the
last 2 or 3 years. Will we have to abandon it completely?

I used to think it could never happen. Now I think it can.

Not a chance. You watch.

American legislators turn to jelly the moment the spammers
utter those two hallowed little words... "Free Speech".

They do in fact have more controls over telemarking than we do.

If that 'logic' was applied in Australia, the guys
who painted "No War" on the Sydney Opera
House would have been free to walk away.

Nope, even in yankeeland, you try doing that
on one of their national monuments, say the
Statue of Liberty, and see how long you last.

I'll get off me soap-box now. :-|

You fell off |-)

 

[Rob Judd]

KLR wrote:

over the lasty month - I must have received several hundred of these
crappy things.

I have got mailwasher on the comp and fortunately I have been able to
delete and bounce them - but they still keep coming. Whoever is
sending them must be a bloody good spammer as unlike most spams - very
few of these come up as spams on mailwashers databases.

Im quite pissed off at bigpond too for doing nothing to stop them
coming.

It's a worm, not a virus. And all ISP's employ morons, so won't do
anything. And they'll try to charge you for the extra bandwidth.

Life's a bugger.

Rob

 

[Alex Gibson]

"KLR" <kreed@bigpond.net.au> wrote in message news:f4mtnv4n1l3djp4njf7kn16eskpo0g14m5@4ax.com...

over the lasty month - I must have received several hundred of these
crappy things.

I have got mailwasher on the comp and fortunately I have been able to
delete and bounce them - but they still keep coming. Whoever is
sending them must be a bloody good spammer as unlike most spams - very
few of these come up as spams on mailwashers databases.


Im quite pissed off at bigpond too for doing nothing to stop them
coming.

Don't bounce them, it will
just end up with you getting more of the messages from
news servers saying a mail you sent contains a virus.

With spams etc your better off with mailwasher just
blacklisting and deleting spam etc.

At least its dropped off from 100 an hour to 5 or 6.

Alex

 

[Bob Parker]

"Rod Speed" <rod_speed@yahoo.com> wrote:

Just another example of how comprehensively the news manages
to mangle the story in any area you know anything about yourself.

Presumably they mangle it just as badly
in the areas you dont know much about too.

Exactly what I've thought for a very long time, based on first-hand
experience.

Personally I think that if they catch the mongrel who
released it, a 20 year jail term might make others
think twice before doing the same kind of thing.

I doubt it would have any effect.

So do I. That's why I said "might". At least it wouldn't encourage
the sleazy mongrels who are doing the spamming.

I used to think it could never happen. Now I think it can.

Not a chance. You watch.

Whaddyya reckon is going to be done to reverse the exponential
growth of spam? My hope is that the US FTC is preparing to bust all
the spammers illegally pushing prescription drugs in one big hit, but
I'm not holding my breath. When they busted about 40 spammers at the
same moment earlier this year, my spam dropped by 75% for over a week.

They do in fact have more controls over telemarking than we do.

Maybe so, but they are showing a remarkable reluctance to apply
those laws to spammers.

If that 'logic' was applied in Australia, the guys
who painted "No War" on the Sydney Opera
House would have been free to walk away.

Nope, even in yankeeland, you try doing that
on one of their national monuments, say the
Statue of Liberty, and see how long you last.

True. Their interpretation of "Free Speech" is very rubbery indeed!

 

[Bob Parker]

"Rod Speed" <rod_speed@yahoo.com> wrote:

Nope, there will always be obvious fixes.

At the last big anti-spam convention in the USA where they patted
each other on the back and proclaimed it all a momentous occasion,
they didn't come up with any single practical solution to the problem.
The people with the best view of the situation said that the basics of
e-mail transmission would have to be changed so that at least the
sender could always be identified. Nothing has been done to follow
this up, that I've seen.

I havent got a single one on any email address that matters.

But you've had the foresight not to post your real e-mail address
on newsgroups. I didn't realize that I was leaving myself wide open to
being buried in spam until a few years ago. Now it's too late.

 

[Rod Speed]

Bob Parker <bobp@bluebottle.com> wrote in message
news:bro0ovgsq1csovd9r879cklpqrh9c8ipcp@4ax.com...

Rod Speed <rod_speed@yahoo.com> wrote

Bob Parker <bobp@bluebottle.com> wrote

I used to think it could never happen. Now I think it can.

Not a chance. You watch.

Whaddyya reckon is going to be done to
reverse the exponential growth of spam?

Basically two approaches.

Use the same signature approach already used with virus scanning
to just dump spam because its got a recognised signature.

And for those who dont have to deal with unsolicited email
from new potential customers etc, just dump stuff that isnt
coming from an already authorised souce of emails, with
maybe a proper digital signature approach as well.

With those operations that do need to be able to email
to new potential customers, have them sign on on the
web site to get themselves added to the list of those emails
will be accepted from. And to the web site authorisation
in a way that cant be automated by spammers.

My hope is that the US FTC is preparing to bust all the
spammers illegally pushing prescription drugs in one big hit,

Cant see that even being possible. They'll just operate from
offshore sites instead. They already do that in Mexico etc.

but I'm not holding my breath. When they busted
about 40 spammers at the same moment earlier
this year, my spam dropped by 75% for over a week.

Sure, but it was only for a week until they reacted to that.

They do in fact have more controls over telemarking than we do.

Maybe so, but they are showing a remarkable
reluctance to apply those laws to spammers.

Sure, basically because its pointless and futile.

If that 'logic' was applied in Australia, the guys
who painted "No War" on the Sydney Opera
House would have been free to walk away.

Nope, even in yankeeland, you try doing that
on one of their national monuments, say the
Statue of Liberty, and see how long you last.

True. Their interpretation of "Free
Speech" is very rubbery indeed!

Yep, its never stopped spies being executed
for giving national secrets to the ruskies etc.

 

[Rod Speed]

Bob Parker <bobp@bluebottle.com> wrote in message
news:2bp0ov89itnb2f2l0h6s56p1c909tigk7m@4ax.com...

Rod Speed <rod_speed@yahoo.com> wrote

Email as we know it, has already changed dramatically in
the last 2 or 3 years. Will we have to abandon it completely?

Nope, there will always be obvious fixes.

At the last big anti-spam convention in the USA where they patted
each other on the back and proclaimed it all a momentous occasion,

Thats always the way with that sort of gabfest.

They have to do that to justify their employers paying for the jaunt.

they didn't come up with any single practical solution to the problem.

Dont need a gabfest for that. Its completely trivial solve.

The people with the best view of the situation said that the
basics of e-mail transmission would have to be changed so
that at least the sender could always be identified.

And that technology has been around for
years now, and trivial to use if you want to.

Nothing has been done to follow this up, that I've seen.

Its been trivial to use any time you choose to for years now.

I havent got a single one on any email address that matters.

But you've had the foresight not to post your real e-mail address
on newsgroups. I didn't realize that I was leaving myself wide open
to being buried in spam until a few years ago. Now it's too late.

Nope, just get a new email address and start using that.

Have some proceedure on your web site that makes
it easy to work out what the new email address is.

 

[Don McKenzie]

Rod Speed wrote:

Bob Parker <bobp@bluebottle.com> wrote in message

But you've had the foresight not to post your real e-mail address
on newsgroups. I didn't realize that I was leaving myself wide open
to being buried in spam until a few years ago. Now it's too late.

Nope, just get a new email address and start using that.

Have some proceedure on your web site that makes
it easy to work out what the new email address is.

I agree Rod,
I have the dontronics.com procedure outlined at:
http://www.e-dotcom.com/spam_exp.php
may not suit all, but it is simple, cheap, and it works.

--
Don McKenzie E-mail: http://www.dontronics.com/e-mail.html
Home Page: http://www.dontronics.com

USB to RS232 Converter that works http://www.dontronics.com/usb_232.html
The World's Largest Range of Atmel/AVR & PICmicro Hardware and Software

 

[Bob Parker]

"Rod Speed" <rod_speed@yahoo.com> wrote:

Dont need a gabfest for that. Its completely trivial solve.

You're probably quite right. OK, so how does anyone convince those
in a position to implement that fix, to actually do it? Nothing much
you or me can do.

And that technology has been around for
years now, and trivial to use if you want to.

Seems to me that they don't want to. They'd rather have their
regular gabfests, feel important and sit on their hands.

Nope, just get a new email address and start using that.

I've done that, but some people insist on sending to my old address
no matter how much I tell them not to.

Have some proceedure on your web site that makes
it easy to work out what the new email address is.

I've got it in a form which is supposedly hard for the slimy
spammer harvester bots to read. Seems to be working so far.
Don's idea looks to be bullet-proof if I could only figure out how
to make it work. Haven't had time to sit down and study it properly
yet.
It would be simple if my name was Robert Stroud....

 

[Rod Speed]

Bob Parker <bobp@bluebottle.com> wrote in message
news:6k83ovkekd6ths4gvk6ffskbmeg1jlktsc@4ax.com...

Rod Speed <rod_speed@yahoo.com> wrote

Dont need a gabfest for that. Its completely trivial solve.

You're probably quite right. OK, so how does anyone convince
those in a position to implement that fix, to actually do it?

Makes a lot more sense to ignore them completely.

Nothing much you or me can do.

Thats not right, what Don posted works fine.

If you dont need to be able to accept emails from individuals you have
never had anything to do with before, potential customers etc, its
even easier. Just get a new email address and never use it in usenet.

None of the email addresses I have never used in usenet ever
get a single bit of spam with the exception of those operations
I choose to allow to send me specials etc because I do buy
some stuff from them when the product is of interest.

And that technology has been around for
years now, and trivial to use if you want to.

Seems to me that they don't want to. They'd rather have
their regular gabfests, feel important and sit on their hands.

Sure, thats all those fools are ever about. Politicians in spades.

Nope, just get a new email address and start using that.

I've done that, but some people insist on sending to
my old address no matter how much I tell them not to.

Then just ignore that email address and when they dont get
any response, they will likely check the email address they
used and use the new one when they dont get any response.

Have some proceedure on your web site that makes
it easy to work out what the new email address is.

I've got it in a form which is supposedly hard for the slimy
spammer harvester bots to read. Seems to be working so far.

Yeah, easy enough to do.

Don's idea looks to be bullet-proof if I could only figure out how to
make it work. Haven't had time to sit down and study it properly yet.

Yeah, its all readily doable.

> It would be simple if my name was Robert Stroud....