That Grumpy BSD Guy: A Short Reading List https://nxdomain.no/~peter/the_short_reading_list.html A collection of pointers to things I have written and that I think may be of value to you too (with conference teasers) #openbsd #packetfilter #pf #cybercrime #antispam #security #networking #freesoftware #libresoftware #eurobsdcon #bsdcan
#ContactForm #AntiSpam #WebDev
Most people despise spam as much as I do. So here's a mouthful for you.
Pre-validation Anti-spam Contact Form Mask.
Create a script that searches and extracts the domain, and TLD part of an email separately through RegEx. Then search the message content looking for keywords.
Modify the submit button to just a button. If any of the above matches, have it redirect to the success page (depending on the platform you may have to clone the success page).
1/2
From the archives, to ease your boredom:
"RFC7505 Means Yes, Your Domain Can Refuse to Handle Mail. Please Leave Us a TXT If You Do." (from 2021) https://nxdomain.no/~peter/rfc7505_means_yes_you_can_refuse_to_handle_mail.html #email #spam #antispam #rfc7505 #smtp #dns #cybercrime
I interpret the following
Apr 20 18:38:09 skapet spamd[52874]: (GREY) 117.53.153.22: <> -> <spfilter-2.sel01.mschosting.com-1745167076-testing@ehtrib.org>
As a sign there are still, er, individuals out there who think SMTP callbacks were a good idea.
Please have them read "Twenty-plus years on, SMTP callbacks are still pointless and need to die" (2017) https://nxdomain.no/~peter/twenty-plus_years_on_smtp_callbacks_are_still_pointless.html
Spammers and scammers seem to be constantly surprised that all new Keila subscriptions are manually reviewed. Turns out: #Meta isn’t using an 8€/month plan to send support emails. 
I deleted and refunded the account before they managed to send a single email.
Made some improvements to ejabberd’s `mod_spam_filter` to support blocked domains as provided by RTBL hosts. Give it a try if you’re courageous!
Can somebody explain why people create #spam #pullrequest|s? Who benefits from this? How does this scheme work?
My day started with welcoming agmKHzyPT1wK_sLBlBs0KzXZt_18274@skapet.bsdly.net to the imaginary friends population at https://nxdomain.no/~peter/traplist.shtml, this one generated by whatever runs the service check@taknc.com, hosted in AS134963 (Alibaba) address space.
How is your day going?
Welcome new imaginary friends glenn.finch@bsdly.net and stewart.ashton@bsdly.net to the cast of millions at https://nxdomain.no/~peter/traplist.shtml (served up to us today by mxtest@serverscannerpro.com and mxtest@emailengineexpert.com, respectively).
My favorite new imaginary friend (aka spamtrap) today was however Noreplyadmin@bsdly.net, a faked sender address.
Logs for the interested at https://nxdomain.no/~peter/blogpix/new_imaginary_friends_20250306.txt
The other horribly nonsensical thing I saw during the last 24 hours was the error messages GNU Emacs emits when it is faced with a file of a size that exceeds its expected per-buffer memory allocation.
Fortunately a sane solution was found for that particular problem (split that big hand generated log into smaller pieces) - search for "this log directory" in https://nxdomain.no/~peter/traplist.shtml #spamtraps #greyptrapping #spamd #antispam #cybercrime #imaginaryfriends
#infosec
#spam
#antispam
#office365
Anyone know any OK anti spam/phishing/etc addon filter products for O365 email that sucks less than the woeful MS-Defender rubbish?
And that handle relatively small orgs.. just wasted my time "getting a quote" from a vendor to find out they don't handle under 100 seats.
This lame "contact us for a quote" stuff is a big waste of time.
Still teasing and mulling a #greytrapping with #openbsd #spamd retrospective, so perhaps reprising "Maintaining A Publicly Available Blacklist - Mechanisms And Principles" (2013) https://nxdomain.no/~peter/maintaining_a_publicly_available.html might spur some inspiring comments?
I look forward to hearing your thoughts. #spam #email #smtp #antispam #cybercrime
Is SPF Simply Too Hard For Application Developers?
The Sender Policy Framework (SPF) is unloved by some, because it conflicts with some long-established SMTP email use cases. But is it also just too hard to understand and to use correctly for application developers? https://nxdomain.no/~peter/is_spf_too_hard_for_appdevs.html
(2016 but still holds) #smtp #spf #mail #spam #antispam #security #openbsd #spamd
And ref previous toot, the 1006089th imaginary friend to join the collection at https://nxdomain.no/~peter/traplist.shtml is , mail.protection.outlook.com@bsdly.net following this sequence: https://nxdomain.no/~peter/blogpix/2025-01_18_johnson@vicglobalintelligence.com_to_mail.protection.outlook.com@bsdly.net.txt
The bots never cease to amaze #openbsd #spamd #greytrapping #antispam #cybercrime
And the two episodes combined proved addendum-worty, at least, see https://nxdomain.no/~peter/harvesting_the_noise_revisited.html
Likely not blogworthy in itself, but #openbsd #spamd aficionados will get a light chuckle from hearing that some scraping and massaging relevant logs had the number of imaginary friends at https://nxdomain.no/~peter/traplist.shtml for our not-friends to play with roll past the one million mark in the early hours of today CET.
The recent update of https://nxdomain.no/~peter/harvesting_the_noise_revisited.html has links to more info. #spam #antispam #greytrapping #blocklists #cybercrime
An update on #green #cybercrime #prevention: "Harvesting the Noise While it's Fresh, Revisited" https://nxdomain.no/~peter/harvesting_the_noise_revisited.html (tracked, prettified https://bsdly.blogspot.com/2022/12/that-grumpy-bsd-guy-harvesting-noise.html) now has an update about harvesting even more useful data from #openbsd #spamd log file noise.
#antispam #greytrapping #greencomputing #spam #email #smtp
Edit: per year statistics link now functional
I was reminded that the old "Effective Spam and Malware Countermeasures - Network Noise Reduction Using Free Tools" https://nxdomain.no/~peter/effective_spam_and_malware_countermeasures.html (a somewhat overweight article/blogpost) might still be worth your time if you are that kind of person #openbsd #spamd #antispam #greylisting #greytrapping #cybercrime #freebsd #freesoftware #libresoftware (if nothing else for the references to other items of interest)
Already somewhat blasé from life in the honeypots, yours truly registers an even more bizarre level of events after a some routine logs spelunking
Read on in "A Suitably Bizarre Start of the Year 2025" https://nxdomain.no/~peter/suitably_bizarre_start_of_the_year_2025.html (or https://bsdly.blogspot.com/2025/01/a-suitably-bizarre-start-of-year-2025.html)
#OpenBSD #spamd #spam #spamtraps #greytrapping #SMTP #relaying, #antispam #network #security #cybercrime #2025 #yearofcrazy
A *new* byproduct of the silliness: Spamtraps added per year (growth since records started): https://nxdomain.no/~peter/spamtraps-per-year.txt
A Suitably Bizarre Start of the Year 2025 https://nxdomain.no/~peter/suitably_bizarre_start_of_the_year_2025.html (also https://bsdly.blogspot.com/2025/01/a-suitably-bizarre-start-of-year-2025.html)
Already somewhat blasé from life in the honeypots, yours truly registers an even more bizarre level of events after a some routine logs spelunking
#OpenBSD #spamd #spam #spamtraps #greytrapping #SMTP #relaying, #antispam #network #security #cybercrime #2025 #yearofcrazy
*Bonus EDIT* for CET morning crowd: Spamtraps added per year (growth since records started): https://nxdomain.no/~peter/spamtraps-per-year.txt
