Thread: write on screen
Hi. I have a problem - I run pl/sql script on postgresql base using command line in windows and I need to view some data in thiscommand line, but I don't know how to send them in the script.Pleas help
This is worrisome...
I decided to create a separate account for my subscription to PG's
mailing lists (to avoid all replies bouncing back due to my strict
whitelist anti-spam filter) -- I created the account on Dec 22, and
today I notice a phishing e-mail ("Your PayPal account"), meaning
that it took less than two weeks for my e-mail address to go from
PG's mailing list to a spammers' database of addresses... Needless
to say that I have not used this e-mail address (but really, really
really 100% absolute certainty that I have not used it in any single
instance), other than to post a couple messages in here.
This is truly worrisome... I wonder if spammers today are basically
subscribing to mailing lists so that they receive the e-mails (seems
like a very obvious trick), or if they're moving to the next level
of "decrypting" the "encrypted / anti-spam" form of e-mail addresses
(the way they're displayed on the mailing list web site)
Any comments? If it is the first option above, then it feels like
by definition there is absolutely nothing that can be done, now
or ever :-(
Carlos
--
Carlos Moreno wrote:
>
> This is worrisome...
>
> I decided to create a separate account for my subscription to PG's
> mailing lists (to avoid all replies bouncing back due to my strict
> whitelist anti-spam filter) -- I created the account on Dec 22, and
> today I notice a phishing e-mail ("Your PayPal account"), meaning
> that it took less than two weeks for my e-mail address to go from
> PG's mailing list to a spammers' database of addresses... Needless
> to say that I have not used this e-mail address (but really, really
> really 100% absolute certainty that I have not used it in any single
> instance), other than to post a couple messages in here.
>
> This is truly worrisome... I wonder if spammers today are basically
> subscribing to mailing lists so that they receive the e-mails (seems
> like a very obvious trick), or if they're moving to the next level
> of "decrypting" the "encrypted / anti-spam" form of e-mail addresses
> (the way they're displayed on the mailing list web site)
Our email lists are mirrored onto web sites like Google, so I am
thinking they got it that way.
> Any comments? If it is the first option above, then it feels like
> by definition there is absolutely nothing that can be done, now
> or ever :-(
Yes, I came to that conclusion long ago.
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
Bruce Momjian <pgman@candle.pha.pa.us> writes:
> Carlos Moreno wrote:
>> Any comments? If it is the first option above, then it feels like
>> by definition there is absolutely nothing that can be done, now
>> or ever :-(
> Yes, I came to that conclusion long ago.
Aggressive spam filtering is about the only thing that keeps email
workable at all anymore :-(. The idea of keeping your address hidden
is not workable and never really has been IMHO.
regards, tom lane
I created an account for perl-cpan and it got hit with spam/phishing attempts in less than a week.
There's not a lot that can be done about it. It's a losing battle to try and fight. There are some things you can do, but it won't be 100% effective. The closer you get to 100% effective, the more likely you are to throw the baby out with the bathwater.
I started using dedicated addresses a few years ago. Anytime I sign up for something, I use an address dedicated for that purpose. Then, when I start seeing spam patterns, I know where the address was used. In the case of mailing lists, there's not much to hide. However, when you sign up for something with a legit store, and then 2 or 3 months later you start getting bombarded with spam having nothing to do with that store -- it's a pretty safe bet where the spammer got your address (unless you use a very easy to guess address like a simple first name or something).
The other problem is dictionary attacks. There are distributed networks of bots that do nothing except try a dictionary of names against your mailserver. You can see how coordinated they are when you are getting dictionary scans from IP addresses all over the globe, starting with A, and not overlapping words.
They are getting more devious too. I found one that had a bug in their tool so it was obvious the connections were linked and they overlapped names every so often (unless it was a single bot net running two separate lists, which is also possible).
It's ugly. No matter how you slice.
Greg
There's not a lot that can be done about it. It's a losing battle to try and fight. There are some things you can do, but it won't be 100% effective. The closer you get to 100% effective, the more likely you are to throw the baby out with the bathwater.
I started using dedicated addresses a few years ago. Anytime I sign up for something, I use an address dedicated for that purpose. Then, when I start seeing spam patterns, I know where the address was used. In the case of mailing lists, there's not much to hide. However, when you sign up for something with a legit store, and then 2 or 3 months later you start getting bombarded with spam having nothing to do with that store -- it's a pretty safe bet where the spammer got your address (unless you use a very easy to guess address like a simple first name or something).
The other problem is dictionary attacks. There are distributed networks of bots that do nothing except try a dictionary of names against your mailserver. You can see how coordinated they are when you are getting dictionary scans from IP addresses all over the globe, starting with A, and not overlapping words.
They are getting more devious too. I found one that had a bug in their tool so it was obvious the connections were linked and they overlapped names every so often (unless it was a single bot net running two separate lists, which is also possible).
It's ugly. No matter how you slice.
Greg
Carlos Moreno wrote:
> today I notice a phishing e-mail ("Your PayPal account"), meaning
> that it took less than two weeks for my e-mail address to go from
> PG's mailing list to a spammers' database of addresses...
Normally you get turnaround times of less than two hours on this, so you
got a good deal.