
SPAM FIGHTING

Hi all,
After numerous requests, I have decided to take the time and start posting "Spam fighting techniques and information". I am not the only Spam fighter within the group, and so, encourage the others to come forth with material to teach the uninformed as well.
Many of you may not know that we are "shadowed" by some of the most elite Spam fighters in all of Usenet. And, to those nice people, "thank you from AFOS".
Below is a short lesson in Spam fighting borrowed from our sister group ABNT. All material given is current, and the URL addresses all have outstanding information and tools available. (I've been to all of these sites myself.)
One piece of software that is not shown is SamSpade. This is Nail's preferred tool for Spam bashing. It's available at www.blighty.com. This program may be used on the site's own server, or you may download it and run it on your own machine. To run it on your machine, the ISP that you are connected to MUST allow ICMP (control message protocol). Most allow this (i.e., traceroute, ping, DNS lookup, finger, etc.).
Thank you to ABNT for providing the following information. (Saved me hours of typing with one thumb.)
More posts coming with additional info on Spam fighting and Spam control for Ng's and your e-mail...
My address is always shown with my posts, so if anyone has questions drop me a line.

Nail


What is Spam ?
"Spam" in ABIA-F consists of non-binary or irrelevant posts that meet one or more of the following definitions:
  1. Text-based advertisements for commercial sites and services. Sexually oriented Web sites and phone sex ads are the most prevalent and annoying examples ("Hot teens are waiting to suck you dry").
    Ads need not be cross-posted to be considered Spam by ABIA-F regulars. They can be single one-time messages, periodic repeats of the same message, or more cryptic repeats of the same message that are disguised by changed "subject" and "from" headers.
  2. Binary advertisement posts made by commercial sex sites, whose main purpose is to attract viewers to their site. These are generally resized and poor in quality, have the site's URL displayed prominently on the image, and are often accompanied by a subject header such as "Hot new teen Web site!" or "Avoid newsgroup downloads!"
    (Do not confuse these crummy binary Spam ads with reposts by ABIA-F regulars of high-quality full-size series "borrowed from" commercial sites; an example would be the recent ALS series of CD images. Even the large high-quality versions of these images unfortunately still contain a copyright notification and a web site URL on them. There is no easy way for private individuals to remove the text from such images prior to posting them, without seriously degrading their quality.)
  3. Binary posts that have nothing to do with the newsgroup topic. This can be somewhat controversial (recall the U.S. Senator who recently said "I can't define pornography, but I sure know it when I see it"). Many of the "Small-Tits" images posted are not true teens, of course, but certainly any posts involving females past their mid-twenties would be considered off-topic by most ABIA-F regulars, and any posting of females clearly under 18 are illegal and would be considered off-topic.
    The regulars want images of "small-breasted females" who are getting naked or having sex. So, any material that would not be considered appropriate in the (now largely abandoned) newsgroups a.b.p.e.teen.female and a.b.p.e.teen.fuck would likewise not be welcome in ABIA-F.
    Still in doubt? The answer is simple: post an index and ask the group if they want the posts. You may get various answers, but go with the majority.
  4. Extended discussions or arguments; particularly if the area of contention is mainly between two stubborn individuals (assholes) and is of no general group interest. So don't start the thread.
  5. Posts bragging about having mail-bombed, or cancelled a spammer. If a spammer's account is cancelled, rest assured that it is not because of your complaint alone. All of the regulars work to fight Spam, and the most effective Spam-fighters are stealth fighters. If you want to attract more Spam to ABIA-F, nothing will do so more quickly than baiting additional spamming assholes with your virtual chest-pounding. Learn to live smugly and silently with the victories.
    Note however that it is perfectly appropriate to post verified ISP and contact information for a persistent spammer to the group, so that all can help in getting his account cancelled.
  6. Software that is already easily available for downloading, either from the Web or from the warez groups. If you want to let ABIA-F regulars know about new relevant software, post a brief text message listing the URL ("ATTN: All - new SpamHater version 2.03 released, URL inside"). If you have a question or reply about software for viewing, autoposting or cataloging images, post it as noted above.

What can I do about Spam ?
You have three basic choices:
  1. Ignore the Spam and concentrate on downloading the files you like. (be a shameless leech)
  2. Use a newsreader that has kill-filters for Spam. (be a shameless but sophisticated leech)
  3. Take an active aggressive role in Spam-fighting. (be a totally cool dude and valiant protector of the Internet!)

Since you obviously want to be a totally cool dude and fight Spam, you will need the following software capabilities:
  1. A Usenet Newsreader that can be set to display all headers for Usenet messages. The NNTP (network news transfer protocol) headers include useful information such as "From", "Subject", "Reply to", "Message-ID", etc. that you would see in a raw message above the actual binary coding. Agent, Gravity, and NewsXpress are examples of popular Windoze newsreaders that allow full header listings. Unfortunately, many of the rudimentary newsreaders built into Web browsers (Netscape Navigator, MS IE) may not be capable of displaying all headers. Go to www.shareware.com and search for "newsreader" or "usenet" software under your platform (DOS, Mac, OS/2, Unix, Windows).
    You should also set your newsreader to sort messages by author instead of by subject or thread, as this will help reveal who the spammers are more clearly (as well as who the really cool posters are!).
  2. A Network Utility program that will do DNS lookups and WHOIS queries. These routines allow you to identify the ISP (Internet Service Provider) of a spammer, to whom you must complain. An added bonus in some of these programs is the ability to do Tracert queries, to identify the upstream ISP of any uncooperative ISP. There are many freeware network utility programs available; one example for Windoze is NetLab: www.eb.uah.edu/~adanil/php.cgi/~adanil/NetLab.phtml. Go to www.shareware.com and search for "WHOIS" software under your platform (DOS, Mac, OS/2, Unix, and Windows).
  3. A degree of patience and intestinal fortitude, since your complaints will often be ignored, responded to automatically by a cold computer, and, rarely, acknowledged by a responsible human being at an ISP.

Condensed Spam-Fighting Instructions for Beginners

  1. Make sure that your newsreader is set to display all NNTP headers for each message you read.
  2. Ignore the contents of the "From", "Reply to" and "Organization" headers in a message - these are routinely faked or, if legitimate, will simply result in your e-mail address being made known to the spammer when you complain.
  3. Look at the "Path", "Message-ID" and "NNTP-posting-host" headers - these give you the information that you need to complain to the ISP. For example, these headers might contain phrases such as:
      "Path: yourISP!IntermediateNetwork1!IntermediateNetwork2!Spammers.domain.com!not-for-mail (or user or newsadmin)"
      "NNTP-Posting-Host: ppp-dialup35.spammers.domain.com"
      "Message-ID: 19DR86@spammers.domain.com"
    If internally consistent, these three headers tell you that the spammer's ISP is "domain.com". The Message-ID and NNTP-Posting-Host headers can be faked in some cases, so if in doubt, go with the last complete network listed in the Path header. If the network is given as a numeric IP address, e.g. 205.125.34.60, then get a freeware network utilities program that does DNS lookups and WHOIS queries (see above) to find out who 205.125.34 or 205.125 is.
    Note: Some newsreaders will allow posters to add lines to the end of the Path statement that obscure the original ISP news server used for the posting. Sometimes these added (fake) Path headers are detectable because they follow a generic login name (!usenet, !not-for-mail) near the end of the Path statement.
    If there is no obvious ISP to be gleaned from the Path, Message-ID and NNTP-posting-host headers, you can run a Tracert and try a complaint to the apparent upstream ISP. Tell them you are uncertain about the originating downstream ISP because of possibly falsified headers.
  4. Send a polite and informative e-mail complaint to "abuse@domain.com" AND "postmaster@domain.com" with the subject "Usenet Spam". Include a FULL copy of the spammer's post with all headers and message text. Write a brief message, telling the ISP that the message was irrelevant to the newsgroup. One example is:

I wish to draw your attention to the attached Usenet posting. It is a commercial advertisement posted to a binaries newsgroup. It's totally irrelevant to the group it was posted to. Such vandalism just makes the whole system less useful to everybody.
Please get it stopped.
Thanks!

If the sys admin at the spammer's ISP gets numerous complaints from several people, the spammer's account may be cancelled right away. 99.9% of the ISP sys admins will appreciate and respond to any polite effort you make to keep their clientele within the confines of Usenet protocol.
If each of us makes a concerted effort to complain to spammers' ISP's, the group will remain relatively "clean".
Note: If you use Windoze 95, the FREEWARE program SpamHater (www.compulink.co.uk/~net-services/spam) will do all of this automatically for you. (Similar software exists for other platforms as well; go to www.shareware.com and search for "Spam" software under your platform. Also go to com.primenet.com/spamking/#fighters)

How to complain effectively to ISP's


Most ISP's do not know that their client is a spammer until you tell them. They are just like the phone company: they don't know if a client is an obscene phone caller unless you tell them, and you need firm documentation of the content, date, and time of the obscene calls to get them to act.
So, don't send the ISP an angry, insulting message under the assumption that they are knowingly harboring a spammer and don't care. Instead you need to inform them of the situation and give them the ammunition they need to take action.
The ammo is a complete copy of the offending Spam with all of the headers. In particular they will use the Message-ID header to check out your allegations. (After all, you could be making up the alleged Spam's headers and message, just to get back at someone you don't like.) The system administrator can use the header info to check his news server logs and verify that, indeed, his client sent the Spam in violation of his company's Internet usage policy. This is the criterion he will use to either warn the spammer (on a first offense) or cancel his account.
If the system administrator receives only one complaint (from you) and it is a first offense, he will likely take no action other than to notify the spammer that a complaint was made. He may or may not respond to your complaint. Most of the big ISP's (AOL, ATT, etc.) get so many complaints that they generate a generic automated e-mail reply to your complaint, with no personal follow-up. Many big ISP's also have special e-mail addresses for usenet and e-mail Spam complaints, such as "spam-complaint@uu.net". Check the ISP's web site, because your complaint will get faster response if it is sent to the right person.
Many smaller "Mom-and-Pop" ISP's will respond personally to your complaint, particularly if they get many complaints about one particular spammer. Being small and understaffed, they don't want their mail box filling up with hundreds of complaints from external sources, depriving them of the time they need to deal with their own customers.
Sometimes, unfortunately, you will run into ISP's who just don't care, probably because they are a small operation with lousy service and can't afford to cancel a customer even if he is a spammer. In those cases, run a Tracert query to find out who the upstream ISP is for the smaller ISP, and complain to them about their downstream inaction. Copy the unresponsive ISP on your complaint, so that they will treat the next complaint with a little more respect. You may get nowhere, however.
Be content with quiet, infrequent victories
When you nail a spammer by learning that his account was cancelled, feel good about it, but don't brag about it in the newsgroup. Be a stealth fighter. The reasons for this are two-fold:
  1. Yours was not the only complaint that got the spammer's account cancelled.
  2. Nothing will bring on more Spam than baiting the other assholes out there with chest-pounding.

Advanced Spam-Fighting:

Understanding NNTP headers.
Advanced Spam-fighting is well-covered by legendary sites such as S.P.U.T.U.M. super.zippo.com/ and others linked there. Below we present a brief introductory tutorial on checking out NNTP headers.
Here is an example of a full header listing for a recent Usenet message posted as a binary advertisement for the ALS CDs:
******
From als@clark.net Thu Jun 26 10:42:13 1997
Path: wn5!worldnet.att.net!newspeer.sprintlink.net!news.sprintlink.net!Sprint!howland.erols.net!newsfeed.internetmci.com!news.smart.net!not-for-mail
From: als@clark.net (ALS)
Newsgroups: alt.binaries.pictures.erotica.amateur.female,alt.binaries.pictures.erotica.amateur
Subject: ALS Scan, Claudia - She is only 79 pounds!! Inserts 4 fingers! C4 - claude04.jpg (1/1)
Date: Thu, 26 Jun 1997 17:42:13 GMT
Organization: Smartnet Internet Services [via news]
Lines: 2781
Message-ID: <33b2a059.25672453@news.smart.net>
NNTP-Posting-Host: sky1.smart.net
X-Newsreader: Forte Free Agent 1.1/32.230
Xref: wn5 alt.binaries.pictures.erotica.amateur.female:659103 alt.binaries.pictures.erotica.amateur:285859
******
We'll use this as an example, although many might not consider this posting to be Spam (since many collect the commercially posted ALS series).
As a rookie your gut instinct might be to flame als@clark.net and complain to the presumed ISP clark.net for crossposting binary advertisements in your favorite newsgroups, but it turns out that clark.net is not the source of the posted message. This example teaches you that one can put anything one likes in the "From" header. It is not a very reliable header since it can be faked. (I fake mine all the time!)
The really useful headers are Path, Message-ID and NNTP-Posting-Host, and you want to look for internal consistency among them to identify the true ISP.
Start at the end of the Path statement and find the last entries: in this case a user named "not-for-mail" posted the message to the news server "news.smart.net". This message then sequentially passed through the networks of MCI, Erols, Sprint and ATT until you finally read it from Worldnet news server #5 (wn5) at ATT. The important piece of information here is smart.net, the likely ISP of the poster.
Next examine the Message-ID and NNTP-Posting-Host statements; here we see internal consistency in that both servers listed (news and sky1) are also at smart.net.
Let's see if clark.net and smart.net are legitimate ISP's.
Fire up your Network Utility program and do a WHOIS query on "clark.net". The result is:
Clark Internet Services (CLARKNET-DOM)
8970 Route 108 Suite I
Columbia, MD 21045
Domain Name: CLARK.NET
Administrative Contact:
Clark, Jamie (JC259) jamie@CLARK.NET
(800) 735-2258 (410) 730-9764
Technical Contact, Zone Contact:
Hostmaster (CIS5-ORG) hostmaster@CLARK.NET
(410) 995-0551, ext. 250 Fax- (410) 995-0495
Billing Contact:
Gretz, Mark (MG833)
mgretz@CLARK.NET
410-995-0551 x213 (FAX) 410-995-0495
Record last updated on 27-May-97.
Record created on 24-Mar-93.
Database last updated on 9-Jul-97 04:58:44 EDT.
Domain servers in listed order:
DNSPRIMARY2.CLARK.NET 168.143.0.4
SPRAWL.CLARK.NET 198.17.243.6
OK, so it seems that clark.net is a real ISP and so als@clark.net could be a legitimate email address. But what about smart.net? Repeat the WHOIS query on smart.net. The result is:
Smartnet Internet Services, LLC (SMART2-DOM)
8562A Laureldale Drive
Laurel, MD 20724
Domain Name: SMART.NET
Administrative Contact:
Gani, Paul (PG359) tech@SMART.NET
(410) 792-4555 (FAX) (410) 792-4571
Technical Contact, Zone Contact:
Salathiel, Thomas (TS641) tech@SMART.NET
(410)377-4043
Billing Contact:
Gani, Paul (PG359) tech@SMART.NET
(410) 792-4555 (FAX) (410) 792-4575
Record last updated on 15-Jan-97.
Record created on 18-Apr-94.
Database last updated on 9-Jul-97 04:58:44 EDT.
Domain servers in listed order:
NS1.SMART.NET 207.176.80.102
NS2.SMART.NET 207.176.80.104
NS3.SMART.NET 206.27.242.102
NS4.SMART.NET 206.27.242.104
So, both clark.net and smart.net are ISP's in Maryland. Could one be the upstream provider to the other? Run a tracert query ("trace") on the poster's news server, "news.smart.net". This will list the network path in descending order from your ISP to the poster's ISP. The last part of the result is:
9 144.228.20.18 67 ms
10 144.228.128.6 72 ms
11 205.252.5.33 69 ms
12 206.161.255.105 75 ms
13 206.27.242.1 247 ms
14 207.176.80.103 155 ms
The last entry, 207.176.80.103, is the IP address for news.smart.net. A DNS lookup on clark.net yields 168.143.0.7, an IP which does not appear anywhere in the Tracert listing. So, clark.net is not the upstream ISP for Smart.net. Could it be the other way around?
A Tracert query on news.clark.net yields:
21 206.222.97.10 151 ms
22 206.222.102.74 150 ms
23 207.97.14.5 151 ms
24 207.97.14.1 154 ms
25 168.143.0.2 159 ms
and none of the IP's listed are for smart.net. It appears, then, that the two ISP's, though each legitimate, are not closely connected.
Thus our ALS poster is uploading his binaries using one ISP and giving an e-mail address for inquiries that is on another ISP. Why? There could be a very simple reason: The person charged with the task of posting the binary advertisements, designed to generate CD sales, is not the same as the person (ALS @ clark.net) to whom sales inquiries are to be directed. Maybe the President of ALS stays at home in his bathrobe, posting ads from his PPP dialup internet connection to smart.net, but wants responses directed to his Business Manager at the corporate office in the next county, on an ISDN line with clark.net. Hey, I'll bet that by doing it that way he can write off both internet connections as a business expense on his taxes! What a genius!
Still want to complain that his posts are Spam? Then you would send a polite complaint to "abuse@smart.net" AND "postmaster@smart.net". You could copy the complaint to clark.net, but that ISP might not take any action since the posts did not originate with them.
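
The header check from the walkthrough above and from step 3 of the beginner instructions, as an added Python example that is not part of the original page: it compares the Path, Message-ID and NNTP-Posting-Host headers of the ALS sample, ignores "From", and derives the complaint addresses. The function names and the two-label domain shortcut are assumptions made for this example.

```python
import re
from email.parser import HeaderParser
from email.utils import parseaddr

# Headers copied from the ALS example on this page (remaining headers omitted).
SAMPLE = """\
Path: wn5!worldnet.att.net!newspeer.sprintlink.net!news.sprintlink.net!Sprint!howland.erols.net!newsfeed.internetmci.com!news.smart.net!not-for-mail
From: als@clark.net (ALS)
Message-ID: <33b2a059.25672453@news.smart.net>
NNTP-Posting-Host: sky1.smart.net
"""

# Generic login names the page mentions at the end of a Path header.
GENERIC_LOGINS = {"not-for-mail", "usenet", "user", "newsadmin"}

def org_domain(host):
    """Reduce a hostname to its last two labels. Assumption: good enough for
    .com/.net names, wrong for suffixes like .co.uk. IPs are returned as-is."""
    host = (host or "").strip().strip("<>").lower()
    if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host):
        return host
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else None

def path_origin(path):
    """Return (posting host, entries after the login name, which are suspect)."""
    hops = [h.strip() for h in path.split("!") if h.strip()]
    for i, hop in enumerate(hops):
        if hop.lower() in GENERIC_LOGINS:
            return (hops[i - 1] if i else None), hops[i + 1:]
    hosts = [h for h in hops if "." in h]   # no login name: last host-like entry
    return (hosts[-1] if hosts else None), []

def analyze(raw_headers):
    msg = HeaderParser().parsestr(raw_headers)
    origin, trailing = path_origin(msg.get("Path", ""))
    seen = {
        "Path": org_domain(origin),
        "Message-ID": org_domain(msg.get("Message-ID", "").rpartition("@")[2]),
        "NNTP-Posting-Host": org_domain(msg.get("NNTP-Posting-Host", "")),
    }
    consistent = None not in seen.values() and len(set(seen.values())) == 1
    # Page's rule: when the three disagree, trust the Path over the other two.
    isp = seen["Path"]
    is_ip = bool(isp) and isp.replace(".", "").isdigit()
    return {
        "evidence": seen,
        "consistent": consistent,
        "isp": isp,
        "needs_whois": is_ip,            # numeric network: look it up first
        "suspect_path_entries": trailing,
        "from_domain": org_domain(parseaddr(msg.get("From", ""))[1].rpartition("@")[2]),
        "complain_to": [] if (is_ip or not isp) else [f"abuse@{isp}", f"postmaster@{isp}"],
    }

if __name__ == "__main__":
    for key, value in analyze(SAMPLE).items():
        print(f"{key}: {value}")
```

The "from_domain" value is reported only so it can be compared against the ISP the other headers point to; it is never used to build the complaint addresses.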

Copyright 1998 ABIA-F & AFOS Communications


Email: alphonso@postmaster.co.uk