[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Spam over Tor
What exactly is happening? Somebody is using your Tor exit node to
access a website (yahoo mail) and using that to send spam? And this is
being traced back to you by the spam being traced back to Yahoo, and
Yahoo checking their webmail logs and finding your exit node's IP?
Look at a Yahoo! mail's headers .. the IP of the submitter (by HTTP from
...) is in there.
I don't see how this is any different than the "pwned" calls (eg: "hey
dood .. somebody flamed my blog from yer server!") .. people have been
using free porno (or whatever) to get folks to answer Yahoo/Hotmail
catchpas for a while now .. and then using those accounts to send spam
until Yahoo/Hotmail/etc figures it out and they move on to the next account.
Actually blocking Yahoo mail without causing other problems would
require a fair amount of work, but could be done by proxying outbound
traffic and filtering the specific bits of the URL that allow composing