> > i don't know if I've ever actually received 1 of those spam messages from
> > a host inside Nigeria
>
> wow, i seem to get several per day. would you like some, i can setup an exploder
> for some of my spam if anyones interested? 
and they're all actually sent/relayed through a host in Nigeria? my first
few were, none that I received after that were. alot from south africa,
and a few other parts, but no more from Nigeria
Interestingly enough, I got the following today from a Cybercafe in Nigeria that I had blocked:
>Thanks for the prompt response to the problem with our IP address.
>I have alreday instructed all staff to be more vigilant and we are going
>through the list of people who came around that time on saturday to track
>down who sent this email.
>I am in the process of buying a cybercafe management software which allows
>the administrator to look at diffrent PCs and see what people are doing so
>that if we spot things like this we will stop it.
>Furthermore, I have instructed my team to program the webcams to take
>snapshot of the shop every 20 minutes so that we can see who was in the
shop
>at what time.
>I have also made sure we have notices put up in the cafe to say we do not
>tolerate email spamming and anybody caught will be reported to the
>autorities for appropriate action
>However, I must stress that this is a cybercafe where 100% of people who
>come there use web based email and there is no software or mechanism to
stop
>spamming from web based emails. You can see from the mail that was sent
that
>the person put a web based email address as the return address. Therefore I
>cannot guarantee that this will not happen again , I can only put measures
>in place to deter people. If there is any software you know about that
would
>prevent this or mechanism please let me know and I will put it in place
>immediately
>I am surprised however that there is no responsibility placed on providers
>of web based emails who are in the best position to filter out and prevent
>such emails from being delivered.
>I hope all the measures highlighted above will be enough for you to go to
>the ISP to reactivate our blocked IP
>
>cheers
>Adeyinka
So what exactly do people do in regards to Web spam? I block tcp/80 but would like to hear what others are doing.
Regards,
Hank
<snip>
Interestingly enough, I got the following today from a Cybercafe in Nigeria that I had blocked:
<snip>
>cheers
>Adeyinka
So what exactly do people do in regards to Web spam? I block tcp/80 but would like to hear what others are doing.
Block or rate limit? I would assume that blocking port 80 in a cybercafe wouldn't really work out in the long run.
So what exactly do people do in regards to Web spam? I block tcp/80 but would like to hear what others are doing.
Block or rate limit? I would assume that blocking port 80 in a cybercafe wouldn't really work out in the long run.
One possible solution might be to force all traffic through a proxy, and have it cache all outgoing form traffic for several weeks. This way, if someone reports abuse, you can search the cache and find out who is doing it. From there, hopefully you'll have enough information to hand it over to law enforcement, or at least ban the customer from the cafe.
I don't know what (if any) legal right of privacy is in Nigeria, but I would suspect that a publicly posted policy notice (like "management reserves the right to monitor all traffic" and a strict TOS policy) should mitigate any legal concerns about doing this.
The only problems I see with this are hard drive space for the cache, and the possibility of spammers using secure web sites. Do any web-mail sites use https these days?
-- David
I don't know what (if any) legal right of privacy is in Nigeria, but I
would suspect that a publicly posted policy notice (like "management
reserves the right to monitor all traffic" and a strict TOS policy)
should mitigate any legal concerns about doing this.
Fascinating. Nigeria now has not only US-like internet penetration but also
a US-like legal system.
I would suggest that those who never stepped a foot in the sub-Saharan Africa
refrain from describing how the internet access is setup there.
Alex
My experience has been that it is illegal in most countries and generally
considered unethical to intercept the communications of third parties without
their knowledge. Notifying people that you reserve the right to intercept
their communications does not provide them with the knowledge that their
communications are being intercepted. Knowing that your communications might
be intercepted or that someone has the right to intercept them is not the
same as knowing that they *are* being intercepted.
  If you want to do this, your notification has to be explicit. I suggest,
"You have no privacy here. Everything you are doing is being logged." Notice
that when you tell people the truth, it starts looking less like what you
wanted to do in the first place.
  I think it's obvious that a wishy-washy "mangement reserves the right to
monitor all traffic" is an attempt to deceive your customers. I strongly
recommend not doing that.
  DS
David Schwartz wrote:
  If you want to do this, your notification has to be explicit. I suggest, "You have no privacy here. Everything you are doing is being logged." Notice that when you tell people the truth, it starts looking less like what you wanted to do in the first place.
Well, that makes it sound like you are a pervert that enjoys reading everybody else's e-mail.
The language can be a bit better than that. You're right, you should say that all outgoing web forms are intercepted and recorded. But you can add additional statements to the extent that you won't be reading through that information unless it's part of following up on complaints of abuse, or at the request of law enforcement.
I'm not trying to establish rules carved in stone, and I'm not trying to play lawyer. I was trying to attempt a possible solution to the problem of these spams coming from anonymous-access terminals in public places via web-based mail systems.
Since web-mail doesn't have a fixed protocol to filter/monitor, you have to take a different approach. You can't block all possible vectors, since that would essentially block all traffic. One possibility is monitoring and logging in order to preserving evidence for possible future investigations. Yes it may be seen as invasive, but what other choice is there if your network is routinely being abused by felons?
So far, I haven't seen anybody else post even a vague idea of a solution to this problem. Of course, as a network operator, you don't have to care - you can just cut off the service of any cafe owner who can't figure out a solution on his own.
-- David