[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Spam over Tor

What exactly is happening? Somebody is using your Tor exit node to
access a website (yahoo mail) and using that to send spam? And this is
being traced back to you by the spam being traced back to Yahoo, and
Yahoo checking their webmail logs and finding your exit node's IP?

Look at a Yahoo! mail's headers .. the IP of the submitter (by HTTP from ...) is in there.

I don't see how this is any different than the "pwned" calls (eg: "hey dood .. somebody flamed my blog from yer server!") .. people have been using free porno (or whatever) to get folks to answer Yahoo/Hotmail catchpas for a while now .. and then using those accounts to send spam until Yahoo/Hotmail/etc figures it out and they move on to the next account.

Actually blocking Yahoo mail without causing other problems would require a fair amount of work, but could be done by proxying outbound traffic and filtering the specific bits of the URL that allow composing an email.