Services, abuse and bears

A couple weeks ago I wrote a post about handling abuse complaints. As a bit of a throwaway I mentioned that new companies don’t always think about how their service can be abused before releasing it on the unsuspecting internet.
Today’s blog post by Margot Romary at the Return Path In the Know blog reminds me that it’s not always new companies that don’t think about abuse potential before launching services.

I don’t have enough fingers to count the instances over the years when — in running one of the largest email systems in the world at my previous employer — I had to shut down a new product launch because the peer initiated email feature of this new product was insecure.

Margo also points out that networks that allow peer-initiated messages have an average of over 20 spamtraps per IP address. The only surprise about this statistic is how low it is. Margot mentions spammer abuse as one of the primary reasons, but I don’t think every form used by Return Path clients is actually open to spammer abuse. Yes, thinking about how to spammer proof peer-submission is important. But it’s as important to think about how to stop submitters from inadvertently hurting your reputation.
It’s not just forms that have problems, social networking sites also see problems with users and spammers abusing their services.
No security is going to be perfect. After years and years of this, all the people who fight abuse can do is acknowledge that we’re never going to actually stop spammers, scammers and criminals from attacking and compromising services. We are never going to outrun the bear. But that doesn’t mean we shouldn’t think about erecting as many fences and obstacles as possible.

Report Spam button
Gevalia spamming

Related Posts

Improving the email interface

Want an improved email interface? Then build it.
There’s been an ongoing discussion about adding thumbs up / thumbs down style buttons to email clients. While I am dubious this is a useful feature or something that recipients will use, if there are others in the industry that think it would be useful then I strongly suggest they go ahead and create it.
In fact, there are a couple things that have been asked for in email interfaces that aren’t currently provided. Last October I blogged about adding an unsubscribe button to email clients.

Read More

Spamhaus and Gmail

Today’s been chock full of phone calls and dealing with clients, but I did happen to notice a bunch of people having small herds of cows because Spamhaus listed www.gmail.com on the SBL.
“SPAMHAUS BLOCKS GOOGLE!!!” the headlines scream.
My own opinion is that Google doesn’t do enough to police their network and their users, and that a SBL listing isn’t exactly a false positive or Spamhaus overreaching. In this case, though, the headlines and the original article didn’t actually get the story right.
Spamhaus blocked a range of IP addresses that are owned by Google that included the IP for www.gmail.com. This range of IP addresses did not include the gmail outgoing mailservers.
Spamhaus says

Read More

First spam to Epsilon leaked address

This morning I received the first two spams to the address of mine that was compromised during the Epsilon compromise back in April. Actually, I received two of them. One was the “standard” Adobe phish email. The other was similar but referenced Limewire instead of Adobe.

Read More