back to article Tracking down the Ron Paul spam botnet

Six weeks ago, a small blizzard of spam promoting Ron Paul, the Republican underdog running for US president, touched off a lot of head scratching. Had politics finally stooped to a place where candidates would resort to such a reviled means of communication? Or worse, were the missives the beginning of a new type of smear …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Paris Hilton

    OK I give up

    anybody brilliant know why anyone would do this at all. Firstly he isn't a serious candidate no matter what the kids think. Second no one likes being spammed so I assume it wasn't a publicity gimmick. Which leaves us with nothing. 200 million is pretty respectable numbers for a python script but aren't there any real programming jobs in Russia if you can do this stuff you can do legit stuff this looks psycho to me. It's all we need good programmers out of their minds on bad vodka.

  2. Almost Speechless

    This isnt fare.

    The irony of course is I am a Ron Paul supporter and have signed up an every list I can get on to keep up to date with Dr. Paul and I find it interesting that I never got any spam emails about Ron Paul, I kind of feel cheated.

    Is there a place to sign up?

  3. yeah, right.

    Ron Paul?

    Outside the US I'm guessing this guy doesn't really exist. As I understand it, he's a far-right creationist (so completely divorced from reality) who has managed to somehow gain some sort of cult following.

    The one thing he seems to stand for is something called "States rights", where individual states in the USA can tell their federal government to stuff it and run things their own way. However, it seems to me that the USA had a civil war over this issue, with the "southern" states representing the concept of "states rights", mainly over the issues of taxation and slavery. Last I checked, the bigoted rednecks LOST that particular war, so I'm curious as to why people think the winners, who are still in charge, are going to allow that sort of bullshit to proliferate yet again?

  4. Anonymous Coward
    Paris Hilton

    Integrated?

    What does "it comes integrated with spamassassin" mean? Does the program check whether signatures of its outgoing mails show up on blacklists? More details, please.

    >> Firstly he isn't a serious candidate no matter what the kids think

    There are serious candidates for US president?!? Be still my heart!

    A Paris Hilton icon because at the point we're at, Paris for President may not be the worst choice.

  5. Anonymous Coward
    Happy

    2 AC

    Legit programming jobs just don't pay as good as that kind of stuff on Easter European markets, and you guys aren't making it easy for us to get to US/Europe to get a decent job. That leaves us with thousands of good programmers in Russia/Ukraine/Belarus that'll work their asses off for US$1K, producing all kinds of wonderful stuff :)

    Same thing with China I guess

  6. Brett Brennan
    Pirate

    SPAM Pays Well

    If someone that can create a sophisticated distributed service application does so to create a piece of "malware", then there is probably more remuneration in making malware than getting a "legitimate" job. Or, rather, creating malware is a legitimate job in Russia, and one that probably pays better and has more prestige than working at an outsource code farm in Minsk.

    When malware attacks were perpetrated by hacker kidz, it was simply for prestige and the thrill you get from setting fire to the school. Now, however, there is a large industry spanning many different business models to produce, distribute and harvest spam/phishing/botnets. The defining indicator of these business models is that they have developed a market for the sale of their services, and competition for the revenues is driving significant improvements.

    There is nothing fundamentally different about a spam network and a "legitimate" direct marketing organization - except that the spam network is likely more profitable.

    Something to think about.

  7. Barry
    Paris Hilton

    @Almost Speechless

    It would have been fair had you actually paid the correct fare when you signed up. Clearly you went for the free entry level sign-up!

  8. Anonymous Coward
    Happy

    Ron Paul is the best the US has to offer...

    http://www.businessweek.com/magazine/content/07_50/b4062021769214.htm?chan=rss_topStories_ssi_5

    So of course they'll never get him - they don't deserve someone as sensible as that; but they definitley need him.

  9. Anonymous Coward
    Anonymous Coward

    Time for ISPs to do the decent thing

    It's clear that the arms race will not be won by playing spammers on their own terms. One fix for one spam generator begats a new spam generator. The simplest, effective way to eliminate* spam will be for ISPs to block port 25 for end users and insist they use port 587 for sending mail. 587 is designated for submission, and requires authentication. 25 is for mail relay between ISPs.

    Within a few weeks our major ISPs could cut off the bots on their networks. Simple and effective.

  10. Matthew
    Go

    There's more here

    "When Stewart logged into Reactor" - why do I think that there's a pretty interesting story to be told here?

  11. Dave

    Noticing bounces

    Nice to see they've got a mechanism for noticing bounces - do they use that to tune the spam to get past filters or to actually make an effort to remove addresses that bounce? If so, my policy of bouncing spam might eventually pay off and be better than systems that just quietly eat it or worse, accept it and then fake a bounce message to the wrong system afterwards.

  12. Spleen
    Black Helicopters

    My guess

    The "smear campaign by another candidate" theory is crap, because Ron Paul is less likely to win the presidency than I am. If a candidate was going to send spam emails in the name of another candidate to discredit them, they'd aim it at Giulani, or Romney, or at a stretch even McCain - someone with a vague hope of winning.

    My guess is that some Paul campaigner thought it would be a good idea to release all these emails, then people could claim it was a smear campaign by another candidate. This may sound like an overly complex conspiracy theory but it would be entirely in keeping with the persecuted minority complex the Ron Paul faction has.

    Everyone knows you can't trust people with interchangable first and last names anyway.

  13. James Geldart
    Unhappy

    do the decent thing?

    Robbie, you have a point, but I actually don't think it would help. Firstly it would irritate the hell out of those (myself included) who legitimately run their own mail servers, although relaying via our ISPs probably isn't the end of the world. But I'd guess the additional load on ISPs' mail servers to do the relaying might not be insignificant,

    The main reason, though, is that the spammers would quickly find a way around it. It wouldn't take much for a rogue ISP to sell mail server accounts to spammers - and if they're clever those accounts could be spread among cheap hosted virtual servers all over the world, making blocking them very difficult. And of course it would set up a market for stolen mail server logins - I'm sure it's not outside the bounds of possibility for a trojan to steal account details from Outlook Express, for example.

    I think that as long as there's a market, there will be spam. And the market is generated by people who buy the products they sell, follow the stock tips etc. It's those idiots who need to be sat on - any ideas anyone??

  14. Anonymous Coward
    Alert

    RE: yeah, right.

    Yeah, he's a crazy son of a bitch to support "States rights" since the "10th amendment" expressly forbids it! i.e.

    Tenth Amendment to the United States Constitution:

    "The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people."

    Freaking idiot!

    The southern states had it right but, unfortunately, the Declaration begins with: "...all men are created equal." whoops!

    (where is the sarcasm key on this thing?!)

    Yeah, all of us "Paulites" are cultists. We must be crazy since we believe in the constitution, refraining from nation building and leaving the rest of the world alone. We'd like to bring our troops home, not just from Iraq but from the 130 countries we're stationed in. We'd like to be the "leader's of the free world" again but this this time by setting an example instead of waving a gun.

    We'd like to talk, one on one, to the Iranians and the N. Koreans. We'd like to return to the gold standard to make the dollar more inertial and we'd even like to allow YOU to have more power, instead of the Fed's.

    We're sick, seriously. Help us.

  15. Bob Appleyard

    @Ron Paul spamming AC

    Doesn't the Constitution also say that the Supreme Court is tasked with interpreting its meaning and application to specific matters? and so sticking a president you like in is something of an indirect means to "get back to the Tenth," as it were?

  16. Gavin Pearce
    Go

    Re: There's more here

    I agree!

  17. Anonymous Coward
    Pirate

    But the article leaves us guessing about the motives..

    > We'd like to talk, one on one, to the Iranians and the N. Koreans. We'd like to

    > return to the gold standard to make the dollar more inertial and we'd even like to

    > allow YOU to have more power, instead of the Fed's.

    You sick bastards! You didn't get the memo on New US - Righteous Fascism (NURF)?!

    After Iran and the Euro-fags get it, you are next!

    Don't stop now - vote Giuliani!

  18. Anonymous Coward
    Happy

    Shit. My names are interchangeable.

    @Spleen: "Everyone knows you can't trust people with interchangable first and last names anyway."

    Bugger.

  19. Maksim

    @Brett Brennan

    Being from Minsk, I'd say that working on an 'outsourcing farm' is kinda prestigious, in a way that it's a lot better job that the most jobs out there. And btw Minsk hosts two biggest european software houses.

    But I can easily see how people could write something like reactor for the coolness of it, as opposed to doing boring stuff outsorced from elsewhere. And there's extra pay, of course

  20. Anthony

    spam

    I don't see a difference between penis spam and spam about US politicians.

    John Thomas, Ron Jeremy, Ron Paul, Ru Paul..

    It's pretty much all the same to me.

  21. Anonymous Coward
    Boffin

    @Time for ISPs to do the decent thing

    (1)

    I mostly agree - use of port 25 from a residential DSL connection should be an 'opt in' service. I personally run my off-site backup mailserver over a high-speed (15mbit) DSL connection, but then I pay for a business tarriff with my ISP. 'lite' tarriffs should no include automatic use of port 25.

    (2)

    Additionally, I have been thinking more and more that the SMTP protocol needs to evolve in order to squash spam. The existing protocol does nothing in the way of validation of headers, as it was only ever designed as a 'best attempt' way of trasmitting a message. Some spam detection engines check headers, but thats a bit late to put it politely.

    We need to implement public-key signed route and sender/recipient entries, which can't be (easily) spoofed. Also what about sender domain validation via MX record? Sure this would inflate the footprint of your average email, but offset this against the reduction in transmission of crap mail with forged headers.

  22. Harry Stottle

    Far from being a no hoper

    I'm predicting - on the basis of google search results - that Ron Paul will be the next President of the US of A. If you don't mind wading through a discussion on Democracy, you'll find the explanation for this bizarre hypothesis in my latest comment response on http://stottle.blogspot.com/2007/11/datastrophe.html

  23. Anonymous Coward
    Anonymous Coward

    Spam

    How does email spam choose a winner of a debate from an on line poll?

    I'm a Ron Paul supporter and have participated in polls on line after a debate and have seen on line polls removed from the website (CNBC) and the numbers reduced when Ron Paul is way out in front. The reasoning is always; it's spammers.

    I am 100% positive that this didn't come from Ron Paul or his campaign. The man just has too much integrity. As to whether it came from an over zealous grassroots supporter or somebody looking to smear both the campaign and the grassroots support; I have no idea.

    I do know Ron Paul scares the establishment (Republicrats) because the constitutional government he wants to return to will take away all of their power. No more giant tax pie to divide up between their lobbyist and corporate friends. No more non-stop spending by Congress fueled by the Fed printing fiat currency. He scares the MSM because they see that the internet has become the great equalizer and it's getting harder and harder for them to control the political debate in this country.

    Don't let the MSM shills tell you who are next President will be; that your vote doesn't count, Ron Paul can't win or who Ron Paul supporters are; make up your own mind. I'm a member of a Meetup group to support Ron Paul. We're just a bunch of people, Dems, Indys, Repubs, first time voters, young, old and inbetween who are passionate about civil liberties, bringing our troops home from Iraq, getting rid of the IRS, smaller government. We see that a huge federal government doesn't work- period. No matter how much of our hard earned cash is sunk into it, no matter how many congressional hearings, no matter how many reform bills are passed. It will not work.

    If you won the lottery and wanted to donate a few million to the homeless, would you give your money to the Department of Health and Human Services or Habitats for Humanity? If you wanted to help the environment with a few million dollars would you give it to the EPA or Earth first? Now ask yourself why you chose Habitats for Humanity or Earth First.

    There's nothing cultish about it. While Ron Paul is the man we want to be our next President; it's the ideas and philosophy of government which he stands for that is fueling this political movement.

    I saw several thousand people come out to support Ron Paul at the rally in Philadelphia on November 10th. The Park Service estimated 5,000, and I doubt there are spam bots who donate money to political campaigns and right now Ron Paul is heading toward $11 million this quarter.

    ronpaul2008.com or google Ron Paul + any issue and get the truth about his positions from the man himself.

  24. Timur Rozenfeld

    States rights

    The South fought the war for slavery and used States Rights as a smokescreen. The confederate's federal government's infringement on states' rights exceeded those of the Union.

    States don't have rights that supercede the bill of rights or the rest of the Constitution. Ron Paul isn't looking to do anything other than what the constitution says.

  25. Nexox Enigma

    @@Time for ISPs to do the decent thing

    I've been saying that we need to do the public key signing for server to server mail connections for a long time now. At the very minimum it'd allow people to determine which servers were responsible for sending spam and then blacklist them.

    I guess there are a lot of mail servers out there, plus quite a few lazy sysadmins. If this were to happen at all it would have to be optional for a long time, so that mail servers could fall back on that whacky smtp. Unfortunately it would be of limited use until all major mail servers implimented the new protocol.

    And I don't think that what we need is another modification to smtp - we need to dump that and start over. The Internet, for an entity that is supposed to evolve rapidly, sure does hang on to some old bits for quite a long time...

  26. Paul
    Alert

    Follow the money

    As with everything in US politics these days, the best way to figure out where the spam campaign originated is to follow the money.

    Though that could be tricky since the money ended up in the pockets of shitsack Ukrainian spammers.

  27. bill oxley

    ISPs doing the right thing SIGH,

    dkim.org and 1/2 the spammers are already sending legitamately dkim signed mail. The only way to stop spam is to monetise it. If an email shows up at my mta with more than 3 receiptients on it, I need a check for $3.00 to deliver it to the inbox.

    thanx,

    bill

  28. W
    IT Angle

    Ron Paul

    Re: Spam - I'd say it stems from a concerned (allbeit misguided) hacker genuinely trying to help the RP campaign - all pub is good pub right?

    Re: Ron Paul - He's got more integrity than the bilderberg prostitutes -

    and IMO that matters most!

    ...the rest will tell you only what you want to hear and continue to serve their corporate masters.

  29. Morely Dotes
    Alert

    Do some research, Mr. Goodin

    "Had politics finally stooped to a place where candidates would resort to such a reviled means of communication?"

    Politicians have been spamming (both on their own, and in smear campaigns) since at least 1998. Maria Cantwell, a current office-holder, was previously CEO of RealNetworks, which engaged in spam in support of their business while she was at the helm. In 2000, spam was used in a smear campaign in a Minnesota race between Ciresi and Grams. In 2002, the Bill Jones gubenatorial campaign web site was shut down by the ISP because of spam sent on behalf of Jones. In 2006, Charlie Crist, attorney general of Florida and gubernatorial candidate, spammed Florida voters

    Political candidates have demonstrated that they will do absolutely *anything* to get votes. I am certain that, if you could convince a politician that televised coprophagia would get them elected, that politician would make every effort to get their next meal of used food onto the biggest networks.

  30. Ed

    More info...

    There's some interesting reading here:

    http://www.secureworks.com/research/threats/ronpaul/?threat=ronpaul

  31. ricknhouston

    Speaking of "bots"

    ... or ... We could all just keep on listening to and doing what "big Brother" says for us to do and be totally deserving of whatever that brings us...

  32. andy

    More smearing

    Ron Paul is the only vaguely honest, no-nonsense politician the US has had in years. He is a big threat to the establishment and he is gaining ground rapidly.

    Could be that things like this are designed to tarnish his name. After all, many other methods have already been tried to suppress him. That's probably why many may not have heard of him, but I suspect you'll be hearing a whole lot more very soon...

    http://infowars.net/articles/october2007/121007Smear.htm

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021