Stopping Chinese Language Spam

  • Lingusitics
  • Thread starter NEOclassic
  • Start date
  • Tags
    Language
In summary: Your e-mail address appears to be in an alphabetically-sequenced list, so it should work. In summary, damgo found that spamming techniques do not work because spammers use the "received" header to verify the sender's address. He tries to spoof the sender's address but is unsuccessful.
  • #1
NEOclassic
163
0
Hello Email dependent colleagues,
By the time I got into this business I was pestered by spam but was relieved to find at the bottom of a page an offer to cease the unwanted postings.
Shortly, having failed to achieve success because, as someone informed me, any response received by a spammer was an indication that I was still alive and active and a signal to keep on spamming.
I have tried merely sending a "reply" but was frustrated by the web-master who couldn't reply because of the great multitude of addresses that the website couldn't handle.
Recently, I started receiving Chinese language messages and there seemed to be no way to get it turned off. So I tried the trick of copying the reply address and then bringing up the forwarding address which was blank and awaiting my input which I then pasted in and then sent. Usually, the Web master refused to send for want of a legal address - but apparently I had successfully forwarded the spam somewhere - perhaps back to China. Hereafter I'm going to try this reply-forward trick on Viagra, girly-girly, Insurance etc etc.

Let's all do it and perhaps the PF faithful membership can do something about unwanted stuff. Jim Osborn
 
Science news on Phys.org
  • #2
You're still just reaching the spammers themselves, who use it to verify your address. What you need to do is turn on the option to "show full message headers" -- in Outlook I think it's 'message properties' -- and look for lines at the top that look like:
Code:
Received: from 34.52.24.123 (mx3foo.bar.com)
          by mail.myserver.edu
          for <myemail@myaddress.edu>; Sun 23 May 04:23:13
The exact format varies, but that tells you where the mail really came from -- here it's bar.com, often it will be hotmail or aol or something. Sometimes there will be more than one such line, in which case you should follow it all the way back. Then forward the message to abuse@bar.com, obviously replacing bar.com with wherever you got from the above Received ilnes.

Return-Path, Reply-To, and From headers are almost always forged on spam.
 
  • #3
Thanks

Originally posted by damgo
You're still just reaching the spammers themselves, who use it to verify your address. What you need to do is turn on the option to "show full message headers" -- in Outlook I think it's 'message properties' -- and look for lines at the top that look like:
Code:
Received: from 34.52.24.123 (mx3foo.bar.com)
          by mail.myserver.edu
          for <myemail@myaddress.edu>; Sun 23 May 04:23:13
The exact format varies, but that tells you where the mail really came from -- here it's bar.com, often it will be hotmail or aol or something. Sometimes there will be more than one such line, in which case you should follow it all the way back. Then forward the message to abuse@bar.com, obviously replacing bar.com with wherever you got from the above Received ilnes.

Return-Path, Reply-To, and From headers are almost always forged on spam.
Thank you damgo!
 
  • #4
Hi damgo

Originally posted by damgo
You're still just reaching the spammers themselves, who use it to verify your address. What you need to do is turn on the option to "show full message headers" -- in Outlook I think it's 'message properties' -- and look for lines at the top that look like:
Code:
Received: from 34.52.24.123 (mx3foo.bar.com)
          by mail.myserver.edu
          for <myemail@myaddress.edu>; Sun 23 May 04:23:13
The exact format varies, but that tells you where the mail really came from -- here it's bar.com, often it will be hotmail or aol or something. Sometimes there will be more than one such line, in which case you should follow it all the way back. Then forward the message to abuse@bar.com, obviously replacing bar.com with wherever you got from the above Received ilnes.

Return-Path, Reply-To, and From headers are almost always forged on spam.

Hi damgo,
I've tried your method without much success. Web servers indicate that there is no such address etc. Perhaps I am doing something wrong: eg, in your example where "bar.com" is the targeted address you have truncated the "mx3foo" at the dot separating foo.bar; If I do not find a dot I have been including all without truncation. My own experience with your "34.52.24.123" is that it supposedly accurately identifies the source - should this traditional group of four integers separated by dots be utilized?
Interestingly most of the spam comes from my own e-mail home (ie .attbi.com) and my prefix (j.osborn@) is in an alphabetic addressee sequence, eg; j.mxxx, j.nxxx, j.obrx, j.osborn, j.owex,j.pxxx etc. Isn't there some way that this wholesale sale of lists to spammers could be controlled? Perhaps in a manner analogous to that used to control unwanted telemarketing in the telephone industry. Thanks again for you kindness in this matter. Jim Osborn
 
  • #5
The "dot-notation" is an IP address - a 32-bit, unique integer assigned to every computer, router, and other such device on the internet.

A hostname, like www.physicsforums.com,[/URL] is really just an alias for an IP address. Use of the hostname or the IP address is equivalent. If you type in 'www.physicsforums.com,' the first thing your browser does is a DNS (domain name service) lookup on the hostname, resolves it to an IP address, and then opens a connection to the machine with that IP address.

The names are just aliases made available via DNS for those of us humans with a penchant for forgetting 32-bit hex integers. ;)

- Warren
 
Last edited by a moderator:
  • #6
Also, I should mention that often the very act of opening a spam email tells the spammer that you're alive. In today's world, many spammers send HTML spam, and most email programs display HTML. The spammer simply includes your email address in the URL of some element of the HTML when he encodes your message. Just by LOOKING at his HTML, you've contacted his servers and told him you liked it.

We really are rather defenseless against spam -- and that's the honest truth. The likelihood that you'll ever be able to actually find the person or company responsible for your spam is remote. SMTP is just extremely easy to screw around with.

Use a spam filter or a killfile. Most of your spam probably have some common headers that would make them easy kills.

It also looks like we're on track to have the government finally make it all illegal, thank god.

- Warren
 

1. How prevalent is Chinese language spam?

According to recent studies, Chinese language spam accounts for over 60% of all spam emails. This makes it one of the most common forms of spam.

2. What are the risks of Chinese language spam?

Chinese language spam can contain malicious links or attachments that can infect your device with malware or steal your personal information. It can also clog up your inbox and make it difficult to find legitimate emails.

3. How do spammers obtain email addresses for Chinese language spam?

Spammers often obtain email addresses by scraping websites, purchasing email lists, or using malware to collect personal information. They may also use social engineering tactics to trick people into providing their email addresses.

4. How can I prevent Chinese language spam?

To prevent Chinese language spam, you can use spam filters on your email account or use a reputable anti-spam software. It is also important to be cautious when giving out your email address and to avoid clicking on suspicious links or attachments.

5. What should I do if I receive Chinese language spam?

If you receive Chinese language spam, do not respond or click on any links or attachments. Instead, mark the email as spam and delete it. You can also report the spam to your email provider or to authorities if it contains illegal or malicious content.

Similar threads

  • Computing and Technology
Replies
15
Views
999
  • Biology and Medical
Replies
1
Views
4K
  • STEM Academic Advising
Replies
25
Views
8K
  • STEM Academic Advising
Replies
10
Views
1K
Replies
12
Views
6K
Replies
4
Views
3K
  • General Discussion
Replies
11
Views
25K
Back
Top