The FreeBSD Diary |
|
(TM) | Providing practical examples since 1998If you buy from Amazon USA, please support us by using this link. |
|
Which BSD site is sending out spam?
28 February 2001
|
|
I was surprised by some spam I received tonight. It was the sender
and subject matter which caused me the most concern. It was the first time I'd ever
been spammed about BSD. Usually it's some pyramid selling scheme which promised
riches beyond your wildest dreams or a sure fire way to make money by selling bogus
reports to other gullible fools. But this spam was different. It was
advertising a BSD site. It wasn't just one message. They sent me four messages, one via the freebsd-chat mailing list, and three directly to nz.freebsd.org and two to freebsddiary.org. I would imagine they obtained a list somewhere and I can't believe they're stupid enough to think that spam is acceptable, especially within the BSD community. It will only serve to alienate them. In the mail headers, I notice this:
A quick search revealed nothing of interest, but this mailing list archive message leads me to believe it's a PHP based tool. |
|
So who did the spamming?
|
The spam originated within arpnetworks.com,
which is registered to:
They appear to be a web design / software house. For someone in the business of the Internet they appear to know very little about netiquette. The spam was advertising BSDSearch.com which claims to be a "new search engine for BSD users around the Glove [sic]". Apparently, they have a list and they have included removal instructions. This appears to be a non-opt-in list. Such lists are usual spammer tools. Opt-in lists, such as those run by the FreeBSD project are those which you subscribe to, they send you an email, you reply to it, and you're on the list. There is no doubt with such a setup that you have voluntarily joined the list. With a spammer's "list", such as the one run by BSDSearch.com, is the wrong way to do things. BSDSearch.com is registered to:
This name appears regularly in one of the BSDSearch forums. It appears that the owner of the domain from which the spam originated is also the owner of the domain which was being touted in the spam. Mail for both of these domains is handled by mail.filetron.com:
The IP addresses in question are owned by filetron:
Complaints to postmaster@arpnetworks.com bounced with this message:
|
|
The spam
|
Here's one message:
I won't bore with the details of the other messages, but the message ids were:
They also spammed the following mailing lists (perhaps there are more, but these are what I know of now):
I also know of people who received this spam on every BSDi address they own, including aliases, and on every mailing list. |
|
The bottom line
|
| It certainly looks like this spam was sent by and behalf of BSDSearch.com.
It appears to have originated from within the umbrella of BSDSearch and its owner
or his company. There is the possibility that this was an act of terrorism against
the BSDSearch people. But if it was, it was an inside job. I did a simple
relay test on their smtp server. It did not allow relay. I am quite sad that this came from a BSD site. Garry is obviously working hard to support the BSD community and to make a contribution. However, spam is not the way to go. Regardless of how well intentioned this act was, there are no circumstances under which it can be condoned. When I originally wrote this article, I was going to wait 24 hours for a reply to my complaints. I've reconsidered that given the total lack of response I've seen over the past 10 hours. Garry is alive and active: I've seen him post a message to on of his forums. I'm just very disappointed he hasn't bothered to reply. Perhaps he is just working through the complaints and will get to mine eventually. In any case, I eagerly await Garry's explanation regarding this spam bombing incident. His complete lack of response is certainly not encouraging. But again, he may be busy. |