Sam's Insane Ravings

How to look like a bunch of lazy holiday makers?

How to make sure people forget about it?

Organise a strike for the Tuesday following a long weekend.

Then again maybe they went overboard on publicity. I had more important things happening last week to notice :)

While adding Kian to the official people lists, to make things easier for any future totalitarian rulers, I noticed the following prices on the wall.

That's an unusual definition of free.

Kian now has a cousin, Jacob. Born today, much bigger than Kian at about three and a half kilograms, and brought into the world in the natural fashion, as opposed to Kian's surgical delivery.

He's in New Zealand, which means it'll be a long time before Kian and Jacob see each other. Then again, both their brain's are essentially mush at the moment so I'm sure they won't mind.

How are these names from my essentially non-religious family:

• Samuel James - that's me.
• Sarah Daniele - that's my sister (I probably spelt the second name wrong).
• Daniel Graeme - that's my half brother.
• Kian Tyler - that's my son.
• Jacob David - that's my sister's son.

The only one without a biblical name is Kian, and his parent's are the only two that have gone to a church in the last decade for reasons other than weddings and funerals. 60% of those are directly biblical, and Daniele I guess is the female form of the biblical name Daniel, so 70% are biblical.

Of course, someone will now point out an occurance of both Kian and Tyler in the bible...

Yet another Australian bowler has injured themselves...

So now, 5 of Australia's best bowlers are out of action. Glenn McGrath, Jason Gillespie, and Brett Lee are all injured. Australia's three main quicks. Stuart MacGill is also injured - a great leg spinner who finally got his chance when the last of the five was put out of action, Shane Warne who is a drug cheat and hence is suspended.

Sadly enough Australia is playing Zimbabwe, who aren't exactly the bext test team. If they were playing one of the better test teams, they might actually lose a series.

The bowlers have carried Australia in the past, now the batsmen will get their chance to carry the team. On the bright side if these injuries last, those three day test matches might be over with, replaced with the far mre satisfying five day fight for a draw.

On Sunday, there was a torment Kian party. A little over a dozen Persian women in a room, examining the baby. I arrived for the tail end, since for the bulk of it I ran away to uni to get some work done.

I didn't make it to uni, instead stopping in Chatswood to try and find a couple of baby items. Said baby items were not to be found, so I bought some boring stuff for the house (you know, vacuum cleaner bags, etc).

Driving all the way to uni and then back to Pymble seemed silly, so I did some just in time training coding from an internet cafe. As always in this country, the internet cafe had lots of computers with lots of people playing games and checking email, but no cafe component. Not even a coke machine.

My brain broke, as often happens as I get tired, so for the last hour I tried the games instead of working. Battlefield 1942 is great fun. I only managed to play a couple of single player games, since I thought working out how to play would be best done that way. Not being able find any local area network games may have had something to do with it too.

Anyway, the game is great fun. If I had money I'd buy it (it's old enough now that you get it and an expansion pack for the normal astronimic game price).

But I don't have money, not the $80 for the game. And certainly not the $700-$800 for the computer upgrade I'd need in order to play it... Though I guess there are always options.

My spam filtering system got another component added today.

So now each mail I receive is first checked for mailing list identifiers. If they are found it is stored in the appropriate mailing list folder. If the mail doesn't seem to be from a list it is then checked against a very short whitelist. If the From: header matches any of the regexes in the whitelist the mail is placed in my inbox.

If the whitelist didn't match, then the mail is passed to my bayesian spam filter. If the bayesian filter says the mail is good then it is placed in my inbox.

If the bayesian filter claims the mail is spam then it is placed in the spam folder. And the vacation program is used to send an email to the claimed sender of the mail informing them of that fact. Vacation is nice, since it has a long history and does a few checks to try and not cause problems. Those checks suit spam notifications reasonably well. If the message isn't specifically addressed to me no notification is sent, a lot of spam is like that (as are mailing lists, the thorn in the side of automated replies due to the joys of massive mail loops). If a message is to be sent it is only sent if a message hasn't been sent to that address in the last week, which is also good to reduce the harm done by forged headers.

The only remaining step is some sort of validation mechanism for people to get added to the whitelist and/or their "spam" classified emails to be moved to the inbox. Currently, that isn't automated instead I just ask them to send me another mail saying their mail got caught in the spam filter. I would then check th spam folder and manually add them to my whitelist.

Adding that would make it one of those real anti-spam systems. However, I'm too lazy. And I like using a bunch of tiny shell and perl scripts each doing one tiny little step in the chain.

The hassle is bounces from the forged senders being non-existant. A magic word added to the subject would make them easy to autmoatically dispose of. So I guess there are actually two steps required.

The demo for the training thing I'm working on at the moment is real soon now. While that means I'm a little busy, it will also mean I should have time to rerun the spam filter tests I did a couple of months ago on all the new spam I've been receiving...

Isn't spam great!

I received the following email today (I added some line breaks to the URL):

X-Envelope-From: service@e-gold.com Sat Oct 25 10:59:38 2003
Received: by staff.cs.usyd.edu.au with postie; Sat, 25 Oct 2003 10:59:38 +1000
Received: from server1.buzhost.com. by staff.cs.usyd.edu.au.; Sat, 25 Oct 2003 10:59:36 +1000
Received: from [66.130.125.239] (helo=127.0.0.1)
        by server1.buzhost.com with smtp (Exim 4.24)
        id 1ADCmM-0001iv-LB
        for sam@holden.id.au; Fri, 24 Oct 2003 20:59:21 -0400
To: sam@holden.id.au <sam@holden.id.au>
From: e-gold Ltd <service@e-gold.com>
X-Mailer: SuperMail-2
Subject: Win a 500$ prize from e-gold Ltd!
MIME-Version: 1.0
Content-type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <E1ADCmM-0001iv-LB@server1.buzhost.com>
Date: Fri, 24 Oct 2003 20:59:21 -0400
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server1.buzhost.com
X-AntiAbuse: Original Domain - holden.id.au
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - e-gold.com

<html>
<head></head>
<body>
Dear e-gold user!<br><br>
At the end of each October to celebrate e-gold's dominance<br>
at the e-currency market, we give you the chance to win $500 worth<br>
of e-gold! Every day until the 31st of October, one e-gold user<br>
is GUARANTEED to win $500 in e-gold!<br><br>
To take part in the competition, simply login to your account using<br>
the link below and the 1000th logged user automatically wins!<br>
Terms and conditions of this promotion:<br>
Only one competion entry per user may be made from the below link per 24 hours.<br>
Multiple logins within 24 hours from the below link will be declared void. All<br>
winners will be notified via their registered email address within 48 hours of<br>
logging in.<br>

<a href="http://e-gold.com%69%6E%64%65%78%6C%6F%67%69%6E%68%74%6D%6C
%61%64%73%66%61%73%64%68%6A%6B%71%77%65%6B%6A%68%61%73%64%61%6C%73%64
%61%6A%6B%73%64%6B%6A%71%70%77%6F%64%61%73%6B%6A%73%64%68%61%73%64%6B
%6A%61%73%64%61%6F%73%64@%77%77%77%2E%6C%6F%61%6E%2D%6E%61%76%69%2E
%63%6F%2E%6A%70:%38%30/%69/%61%63%63%74/">https://www.e-gold.com/acct/login.html</a><br>
Good luck!
</body>
</html>

Now scam emails designed to get people to enter their account information into web forms are a dime a dozen. I decided to have a peek at the site in question this time. Which after unescaping the the URI is http://e-gold.comindexloginhtmladsfasdhjkqwekjhasdalsdajksdkjqpwodaskjsdhasdkjasdaosd@www.loan-navi.co.jp:80/i/acct/. Which is the standard way of trying to hide the actual site by using another site at the start of the username:password@ part of a URL. All normal so far.

Viewing the site however, presents you with what I assume is a copy of the e-gold website. The big animated banner warning about not trusting emails is impossible not to notice. It says to check for a / after the e-gold.com in the location bar of the web browser. Which of course isn't there. It also says to check for the lock icon indicating HTTPS, which also isn't there.

Now putting a slash on the URL is impossible since then you would go to the real site and not the scam mockup. Surely the scammers would be better off modifying the animated gif to not include that part of the animation. The lack of the lock icon is just stupid, running https is just as easy as running http.

Damn lazy crooks. Of course their are probably enough idiots to keep them in business, then again such idiots probably can't work out how to get e-gold into the account in the first place...